XP SP2's Firewall

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

Hi. Is XP SP2's Firewall as good as Mcafee's or
Norton's? So all you would need to add is just a
VirusScanner. Thanks, Craig.
 
Hi

The XP Firewall only monitors incoming access to your PC, not outgoing
access to the Internet. I would suggest that a 3rd party '2-way' Firewall
is installed as well as a Virus Scanning program.
 
In (e-mail address removed)
Hi. Is XP SP2's Firewall as good as Mcafee's or
Norton's?
Click to expand...


No.
The Windows firewall, although improved over the original
version, still monitors incoming traffic only. Almost any
third-party firewall will also monitor outbound traffic, stopping
rogue programs trying to call home, and is a better choice.
 
XP's Firewall is still lacking. It does not block outgoing traffic.
Meaning, if you should contract a trojan horse, you'll never know it's
phoning home. I have been using ZoneAlarm, but am thinking about trying out
a few others. Though, you can't pay me enough to use Nortons
Firewall.........
 
Greetings --

WinXP's built-in firewall is _adequate_ at stopping incoming
attacks, and hiding your ports from probes. What WinXP also
does not do, is protect you from any Trojans or spyware that you (or
someone else using your computer) might download and install
inadvertently. It doesn't monitor out-going traffic at all, other
than to check for IP-spoofing, much less block (or at even ask you
about) the bad or the questionable out-going signals. It assumes that
any application you have on your hard drive is there because you want
it there, and therefore has your "permission" to access the Internet.
Further, because the ICF is a "stateful" firewall, it will also assume
that any incoming traffic that's a direct response to a Trojan's or
spyware's out-going signal is also authorized.

ZoneAlarm, Kerio, or Sygate are all much better than WinXP's
built-in firewall, and are much more easily configured, and there are
free versions of each readily available. Even the commercially
available Symantec's Norton Personal Firewall is superior by far,
although it does take a heavier toll of system performance then do
ZoneAlarm or Sygate.


Bruce Chambers
--
Help us help you:



You can have peace. Or you can have freedom. Don't ever count on
having both at once. - RAH
 
It seems odd, to me, that Windows would release this huge major SP2 and not
address something as basic as outbound activity. I mean, I am constantly
reading description of "Critical" updates addressing "security issues" and
here we are saying run a third-party firewall for protection. But I guess
something IS better than nothing, *unless* it gives one a false sense of
security. ZA here. But since Windows never identifies the exact names of
components needing to pass ZA firewall, I had to trial and error my way
through priveliges to get ftp apps to connect. You have to "trust" you are
not allowing bogus apps that only pose as Microsoft elements. When will
they publish the *names* of component apps in "more info", not just describe
what they will do? i.e. "Application Layer Gateway Services", which needs
server priveliges before an ftp client will connect to the remote machine.
 
It seems odd, to me, that Windows would release this huge major SP2 and not
address something as basic as outbound activity. I mean, I am constantly
reading description of "Critical" updates addressing "security issues" and
here we are saying run a third-party firewall for protection. But I guess
something IS better than nothing, *unless* it gives one a false sense of
security. ZA here. But since Windows never identifies the exact names of
components needing to pass ZA firewall, I had to trial and error my way
through priveliges to get ftp apps to connect. You have to "trust" you are
not allowing bogus apps that only pose as Microsoft elements. When will
they publish the *names* of component apps in "more info", not just describe
what they will do? i.e. "Application Layer Gateway Services", which needs
server priveliges before an ftp client will connect to the remote machine.
Click to expand...

There's nothing wrong with installing a two way firewall. It's a belt and
suspenders approach. Just keep in mind that whatever is trying to get out
has already been allowed in -intentionally or not.

If your inbound traffic is monitored, you've already blocked most
intrusions. Most threats that remain are self-inflicted (double clicking
attachments, running downloaded files without scanning, hitchhiking malware
installed by some software, etc).

Using a two way firewall increases the chances of early detection of these
unwanted elements. Antivirus and anti-spyware programs should eventually
pick up the ball as the virus/malware definitions are updated.

It's also a good idea to block the installation of browser helpers in your
browser's security settings.
 
Hmmmm, that was not my experience with spyware I finally booted, with
Spybot-Search and Destroy. I must have hit a malicious site, but I know
that I never EVER install questionable "plug-ins" or the like, "required to
view this page". In the case I refer to, my homepage got hi-jacked,
repeatedly. It over-road my Google pop-up blocker, spawning window after
window of ads, added its own search bar, etc.. The thing was replicating
itself, changing it's filenames. When I finally hacked the
homepage-hijacking and searchbar out of my system, it was ZoneAlarm that
alerted me the same old malware was trying to phone home (outgoing). That's
when I installed Spybot. Did a complete job of removing the culprit. There
is an extremely remote possibility I accepted anything posing as a
legitimate plug-in... next to none.
 
If you install Zone Alarm Pro on XP do you have to disable the XP firewall?
If they can't run side by side how do you disable XPs?

Thanks
 
In
JMAX said:
If you install Zone Alarm Pro on XP do you have to disable the
XP
firewall? If they can't run side by side how do you disable
XPs?
Click to expand...



Have to? No, but my view is that you shouldn't run two firewalls.
You achieve no extra protection, you incur the extra overhead of
running two firewalls, and you run the risk (probably small, but
not zero) of conflicts between them.
 
Back
Top