Is Windows xp firewall enough protection in combination with a router?

[da5S]

I am a computer novice and recently switched to Cable internet fro
dial-up and want to know if my Linksys wrt54g router firewall and th
windows firewall are enough protection from attacks. I also hav
Norton 2004 Virus scan installed

 

[DS]

I am a computer novice and recently switched to Cable internet from
dial-up and want to know if my Linksys wrt54g router firewall and the
windows firewall are enough protection from attacks. I also have
Norton 2004 Virus scan installed.

yes, unless you have opened specific ports on the rtr to be forwarded to
your pc, the NAT implementation on the rtr is quite safe in itself. i have
a rtr and use an older version of ZoneAlarm. the rtr keeps out everything,
and ZoneAlarm monitors the outbound connections.

generally speaking, IMO, any compromise of security is caused by the user
themselves, ie. opening infected e-mail attachments or using file-sharing
programs like Kazaa. the only exception that i know of, thus far, was the
RPC worm.

more of a security risk are webpages. i keep all of my ie setting's to
'off' or 'prompt', activeX, java applets, scripts, etc. sure it's a pain in
the ass to click 'no' 5 or 6 times as a web page is loading, but it sure
does save the headaches of browse-by silent installs of whatever.

unfortunately i have to support 5 or 6 family member's, all computer near-
illiterates, and you wouldn't believe (actually i'm sure you would) the
stuff that i've had to clean up from their computers.

one particular computer took about 20 minutes to start up, maybe more,
dinner was ready, i re-started immediately before dinner, went and ate, and
came back, and it was still starting up. the issue was about 70
spyware/adware/maleware items added to the startup set. there was about 15
thing's that belonged there. after those 70 items were removed, startup was
complete in under 2 minutes.

IMO, this is much more of a threat than DOS attacks and such, especially
since the XP firewall only blocks incoming connections, not outbound.

now being on a persistant connection, the cable, it's more of an issue than
ever. use ad-aware, spybot seek and destroy, and hijackThis! on a regular
basis to check for these types of distributions. spybot has a resident
program that monitors certain registry setting's and warns you if
something's trying to change it, and blacklist's many of the known spyware
processes.

regards,

ds

 

[Bruce Chambers]

I am a computer novice and recently switched to Cable internet from
dial-up and want to know if my Linksys wrt54g router firewall and
the
windows firewall are enough protection from attacks. I also have
Norton 2004 Virus scan installed.

WinXP's built-in firewall is adequate at stopping incoming attacks,
and hiding your ports from probes. What WinXP SP2's firewall does not
do, is protect you from any Trojans or spyware that you (or someone
else using your computer) might download and install inadvertently.
It doesn't monitor out-going traffic at all, other than to check for
IP-spoofing, much less block (or at even ask you about) the bad or the
questionable out-going signals. It assumes that any application you
have on your hard drive is there because you want it there, and
therefore has your "permission" to access the Internet. Further,
because the Windows Firewall is a "stateful" firewall, it will also
assume that any incoming traffic that's a direct response to a
Trojan's or spyware's out-going signal is also authorized.

ZoneAlarm, Kerio, or Sygate are all much better than WinXP's
built-in firewall, and are much more easily configured, and there are
free versions of each readily available. Even the commercially
available Symantec's Norton Personal Firewall is superior by far,
although it does take a heavier toll of system performance then do
ZoneAlarm or Sygate.

If you use a router with NAT, it's still a very good idea to use a
3rd party software firewall. Like WinXP's built-in firewall,
NAT-capable routers do nothing to protect the user from him/herself
(or any "curious," over-confident teenagers in the home). Again --
and I cannot emphasize this enough -- almost all spyware and many
Trojans and worms are downloaded and installed deliberately (albeit
unknowingly) by the user. So a software firewall, such as Sygate or
ZoneAlarm, that can detect and warn the user of unauthorized out-going
traffic is an important element of protecting one's privacy and
security. (Remember: Most antivirus applications do not even scan for
or protect you from adware/spyware, because, after all, you've
installed them yourself, so you must want them there, right?)

I use both a router with NAT and Sygate Personal Firewall, even
though I generally know better than to install scumware. When it
comes to computer security and protecting my privacy, I prefer the old
"belt and suspenders" approach. In the professional IT community,
this is also known as a "layered defense." Basically, it comes down
to never, ever "putting all of your eggs in one basket."

--

Bruce Chambers

Help us help you:



You can have peace. Or you can have freedom. Don't ever count on
having
both at once. - RAH