Marc Reynolds said:
Hi,
The answer to your first question - Is the XP firewall enough? - is "It
depends". The XP firewall does a great job of protecting your internal
network and has basic configuration to allow you to get apps working
through it. However, if you want more features you should consider
purchasing another firewall.
The answer to your second question is "Yes". If you install another
firewall you should stop the XP firewall.

just to add, the XP firewall is intended for folks that aren't very
fluent in running some of the more advanced firewalls.
think of it as posting a few rent-a-cop guards at the perimeter. it will
function, and maintain security, but it does have limits, and these
limits reside in not being able to configure directly on a port/protocol
level.
it does have the interesting effect of going stealth during a port scan.
give Shields Up a try at
http://grc.com/default.htm, and then after
noting the results of an all service scan, run it again. in my
experience, it filters the Shields Up IP out and goes full stealth.
in this regard, if an attacker runs a portscan first, he/she may be
blocked when the attack goes into action. i use it as a first line of
defence (mainly because the computer on my network providing internet
access is not mine, so i have no real control over it as far as program
installation). but following that up, i have a router/firewall
(Shorewall running on Linux), and each of my windows workstations has a
copy of the free ZA installed (to give me real-time alerts so i can
configure Shorewall as the need arises).
but not everybody has to take the paranoid approach. for most users, the
XP ICF, or ZoneAlarm should be enough. just remember, security doesn't
stop at the perimeter, if you have a friend or relative that brings a
computer in and connects to your network, that poses a possible worm
threat from inside. the firewall is useless in that type of case, unless
you have something like the free ZA running on all of the connected
computers.