Windows firewall question

  • Thread starter Thread starter XPUser
  • Start date Start date
X

XPUser

Hi ... I have xp pro sp2 ... I would like to know with windows firewall
do I need to make any exceptions ( allow or not allow ) ? I was
thinking maybe I need to add a few programs like >> Internet Explorer ,
Outlook express, thing in that nature , Yes or no ? thanks
 
Windows Firewall is better ,I think .
Although its protections is only for the incoming traffic ,it is very good.

Now about your question.No ,you don't need to make exceptions for Internet
Exploer or Outlool Express because as I said WF has only incoming
protection.Your programs has free outgoing connection.I also use Windows
Firewall and use it with checked Don't allow exceptions.

Well ,if you want to use a chat program and exchange files you need an
exception.
But you can still chat (using text) without exception :)

Also ,see here:
http://www.microsoft.com/windowsxp/using/security/internet/sp2_wfintro.mspx

Read this article and all other links in it.

Microsoft (R)
suggests 3 + 1 general steps how to protect
your PC and the infomation stored on it,
your privacy and your family
1.Use an internet firewall
2.Enable Automatic Updates for your PC
3.Use an antivirus software
4.Use antispyware software

Goto http://www.microsoft.com/athome/security and learn more
Check the Security Essentials for your OS and also have a look at all
sections!


Panda_man
 
Hi ... Thanks for your input, but I find no use with a third party
software firewall , My hardware firewall does the trick for me , Beside
that my computer runs much smoother without a third party software ....
 
Hi ... I forgot all about how microsoft firewall works , Thanks for
reminding me , I had been using sygate for years but I notice I really
never seening the need for it, So in the last few months all I ever use
now is microsoft firewall and my router , Computer is running much
better this way , Oh yeah almost forgot I have all the anti -
virus\spyware programs install to , Thanks for your help ....
 
:)

If you have any other questions ,donot hesitate to contact the community
again !!!


Panda_man
 
I feel the same way you do. I refuse to install ANY 3rd party fixes, free
software, etc. Nothing is FREE in the world. All those free fixes and free
programs you read about in this and many newsgroups will clog up your
systems and create more problems than they solve. My suggestion is to stay
away from them and in the long run you will be glad you did.
 
XPUser said:
Hi ... I forgot all about how microsoft firewall works , Thanks for
reminding me , I had been using sygate for years but I notice I really
never seening the need for it, So in the last few months all I ever
use now is microsoft firewall and my router , Computer is running much
better this way , Oh yeah almost forgot I have all the anti -
virus\spyware programs install to , Thanks for your help ....
Click to expand...

This is how it works!





From www.spywareinfo.com



I promised myself a while back not to go on another anti-Microsoft rant,
that I would write calmly about any goofs they make. It has been a hard
promise to keep at times. And now, I must break that promise. If I don't
rant about this, I will burst at the seams.

The function of a software firewall is simple. It allows the user to control
the computer's access to other computers. To do that, it blocks attempts to
send unauthorized data out over a network, as well as the attempts of other
computers to send data to the protected computer. A proper firewall allows
data into or out of the computer, only when the user gives the firewall
permission to do so. I think most people will agree that this is an accurate
description of the proper function of a software firewall.

So I am left to wonder if the Microsoft programmers who designed the Windows
Firewall have lost their freakin minds. While the Windows Firewall will
block network access like any other firewall, the settings which determine
whether or not an attempt to access the network is permitted is stored in
the registry. Any piece of software is allowed to edit that part of the
registry and give itself permission to send or receive data over the
network.

There are several viruses, worms and spyware programs that edit the registry
settings for the Windows Firewall. Even if the user discovers a virus
infection and cleans it successfully, that computer can be reinfected at any
time, if the virus edited the firewall settings. Many network worms can
infect a computer if it discovers certain unsecured network ports. It
happened to me once, when I turned off my firewall and forgot to turn it
back on.

Changes to a firewall's settings should be possible only through the
firewall program's interface. Those changes should be saved into an
encrypted file, which cannot be altered by any other program. Those settings
should not EVER be written to the registry, where they can be altered by any
other program running on the PC. It takes only the smallest shred of common
sense to realize this.

Where was the common sense when they were creating the Windows Firewall?
This is like hiring security guards to keep gate crashers away from a party
but allowing the guests to write their own invitations.

But wait, there's more!

Someone discovered recently that the Windows Firewall interface won't even
tell the user about an opened port, if the registry entry granting it
permission has a malformed name. Not only can a malicious programmer give
his evil creation permission to bypass the firewall, he can hide the fact
that he's done it!

It is boneheaded mistakes like this which make it difficult to use Windows
safely. God help us all when Microsoft begins to make its own antivirus
software. The only reason Microsoft's antispyware program works well
probably is because Microsoft didn't write it.
 
I agree with most of the things in your post but will disagree with another
..Find them mixed with your words:



I promised myself a while back not to go on another anti-Microsoft rant,
that I would write calmly about any goofs they make. It has been a hard
promise to keep at times. And now, I must break that promise. If I don't
rant about this, I will burst at the seams.

The function of a software firewall is simple. It allows the user to control
the computer's access to other computers. To do that, it blocks attempts to
send unauthorized data out over a network, as well as the attempts of other
computers to send data to the protected computer. A proper firewall allows
data into or out of the computer, only when the user gives the firewall
permission to do so. I think most people will agree that this is an accurate
description of the proper function of a software firewall.
Click to expand...

Panda_man >> You description is very good.

So I am left to wonder if the Microsoft programmers who designed the Windows
Firewall have lost their freakin minds. While the Windows Firewall will
block network access like any other firewall, the settings which determine
whether or not an attempt to access the network is permitted is stored in
the registry. Any piece of software is allowed to edit that part of the
registry and give itself permission to send or receive data over the
network.

There are several viruses, worms and spyware programs that edit the registry
settings for the Windows Firewall. Even if the user discovers a virus
infection and cleans it successfully, that computer can be reinfected at any
time, if the virus edited the firewall settings.
Click to expand...


Panda_man >> Let me just remind you that that's why we use antivirus
software ...
Always up-to-date and scanning everything.I also have added TruPrevent to
monitor all suspicous activity.
Many network worms can
infect a computer if it discovers certain unsecured network ports. It
happened to me once, when I turned off my firewall and forgot to turn it
back on.
Click to expand...

Panda_man >> What are we talking about ...You forgot ,it is wrong made by
human.All wrongs that have changed the history have been made by humans...

Changes to a firewall's settings should be possible only through the
firewall program's interface. Those changes should be saved into an
encrypted file, which cannot be altered by any other program. Those settings
should not EVER be written to the registry, where they can be altered by any
other program running on the PC. It takes only the smallest shred of common
sense to realize this.
Click to expand...

Panda_man >> Agree .

Where was the common sense when they were creating the Windows Firewall?
This is like hiring security guards to keep gate crashers away from a party
but allowing the guests to write their own invitations.

But wait, there's more!

Someone discovered recently that the Windows Firewall interface won't even
tell the user about an opened port, if the registry entry granting it
permission has a malformed name. Not only can a malicious programmer give
his evil creation permission to bypass the firewall, he can hide the fact
that he's done it!
Click to expand...


And just to tell you that Windows Firewall is NOT a firewall like any other
firewall.
All other firewalls have exceptions for IPs ,all other have control of all
programs and IPs for Inconing ,Outgoing and Incoming and Outgoing connection.

Windows Firewall is much more like a technology for blocking intruders (and
for blocking programs used from intruders)
It has no exceptions for IP ,not control of the outgoing traffic.But it is
capable to block attack(a programs tries to get into a computer ,it blocks) .
And that's why people with Windows Firewall can use it to chat with text.
Even though the hasn't put Windows Messenger (example) as an exception they
still chat because the chat is not like Peer to Peer ,it passes a server.But
when a file is needed to be sent ,the other pc connect to mine(p2p) and this
is an intrusion and blocked from WF.

I personally have tested WF for blocking intrusion attempts and it
successfully did it.:)


As a man from Microsoft said some years ago in a radio program WF is made
especially for Home User that really don't know What do to.A Software
firewall (SF) ask that a program XXX.YYY wants access .What to do .They
have never heard of that software and click Access ok.( By the way ...they
think ...I use program ZZZ.YYY and if I block XXX.YYY something may go
wrong.I'd rather allow)

His words were that he is very surpised when he personally saw guys being
asked from a SF what to do and all they do is : ACCESS OK , ACCESS OK ,
ACCESS OK....

Although we both may know what to do ,the so called Home user will not know
what to do.He/She goes to work ,has a family ,children,home and although
he/she uses the computer everyday ,they don't know about "virus" , "intruder
" ,"suspicious software".....

Microsoft made WF (and especially with Don't allow exceptions) to protect
even the most stupid person.And I think you'd better start encouringing home
users use Windows Firewall much more than any other SF.

Thank you .



Panda_man
 
WF exists primarily to protect an XP computer on its first outing to the WWW
and Windows Update.. any more than that would inevitably invoke lawsuits
from the legal dept's of Symantec, Network Associates and others.. :-)
 
I have already heard that.The first connection ...It protects everyone on the
first connction as GOOD as on people's second connection...

And will stop here ,this conversation can be endless.
No matter what you will say or anyone says,I go on using Windows Firewall.


Panda_man
--
Let's beat malware black and blue
Panda TruPrevent - the most intelligent technology to combat unknown malware
http://www.pandasoftware.com
http://www.microsoft.com/protect





Mike Hall (MS-MVP) said:
WF exists primarily to protect an XP computer on its first outing to the WWW
and Windows Update.. any more than that would inevitably invoke lawsuits
from the legal dept's of Symantec, Network Associates and others.. :-)
Click to expand...
 
I use it myself..


--
Mike Hall
MVP - Windows Shell/User


Panda_man said:
I have already heard that.The first connection ...It protects everyone on
the
first connction as GOOD as on people's second connection...

And will stop here ,this conversation can be endless.
No matter what you will say or anyone says,I go on using Windows Firewall.


Panda_man
--
Let's beat malware black and blue
Panda TruPrevent - the most intelligent technology to combat unknown
malware
http://www.pandasoftware.com
http://www.microsoft.com/protect
Click to expand...
 
I have already heard that.The first connection ...It protects everyone on the
first connction as GOOD as on people's second connection...

And will stop here ,this conversation can be endless.
No matter what you will say or anyone says,I go on using Windows Firewall.
Click to expand...

I've seen AOL applications reconfigure the WF without the user knowing,
seen other apps ask the user if they could reconfigure it, which didn't
work when using ZAP or non WF apps.

I disable the Windows Firewall Service on every Domain computer and
every computer in my home. It's not proven to be effective when malware
is on the computer, and not needed when a person has the barrier (NAT
device) method.
 
Back
Top