J
Jeff T.
Do I need to install a firewall like COMODO or is Windows firewall enough?
Jeff
Jeff
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an alternative browser.
You should upgrade or use an alternative browser.
G
Guest
Jeff T. said:Do I need to install a firewall like COMODO or is Windows firewall enough?
Jeff
But in the search Firewall and you will get more info?.
http://www.microsoft.com/communitie...&pt=&catlist=&dglist=&ptlist=&exp=&sloc=en-us
J
John Corliss
Jeff said:Do I need to install a firewall like COMODO or is Windows firewall enough?
AFAIK, XP's firewall only monitors incoming traffic. A good freeware
firewall will monitor both incoming as well as outgoing, so yes, you do
need a third party firewall. Here's where you can find one:
http://www.snapfiles.com/Freeware/security/fwfirewall.html
or:
http://www.oldversion.com/
(bottom of page)
I use Kerio 2.1.5 but YMMV.
Monitoring outgoing traffic can, for example, alert you to a newly
acquired Trojan calling out for its buddies to join the party. This
hopefully will cause you to unplug your modem without delay and deal
with the problem.
D
Detlev Dreyer
Jeff T. said:Do I need to install a firewall like COMODO or is Windows firewall enough?
The built-in WinXP Firewall is as good as any stateful packet filter.
Toy firewalls monitoring the outgoing traffic can be bypassed easily.
J
John Corliss
Detlev said:The built-in WinXP Firewall is as good as any stateful packet filter.
Toy firewalls monitoring the outgoing traffic can be bypassed easily.
But often are not. Better than not having any detection of outgoing traffic.
B
Bruce Chambers
Jeff said:Do I need to install a firewall like COMODO or is Windows firewall enough?
Jeff
WinXP's built-in firewall is usually adequate at stopping incoming
attacks, and hiding your ports from probes. What WinXP SP2's firewall
does not do, is protect you from any Trojans or spyware that you (or
someone else using your computer) might download and install
inadvertently. It doesn't monitor out-going traffic at all, other than
to check for IP-spoofing, much less block (or at even ask you about) the
bad or the questionable out-going signals. It assumes that any
application you have on your hard drive is there because you want it
there, and therefore has your "permission" to access the Internet.
Further, because the Windows Firewall is a "stateful" firewall, it will
also assume that any incoming traffic that's a direct response to a
Trojan's or spyware's out-going signal is also authorized.
ZoneAlarm, Kerio, or Sygate are all much better than WinXP's
built-in firewall, and are much more easily configured, and there are
free versions of each readily available. Even the commercially
available Symantec's Norton Personal Firewall is superior by far,
although it does take a heavier toll of system performance then do
ZoneAlarm or Sygate.
Having said that, it's important to remember that firewalls and
anti-virus applications, which should always be used and should always
be running, while important components of "safe hex," cannot, and should
not be expected to, protect the computer user from him/herself.
Ultimately, it is incumbent upon each and every computer user to learn
how to secure his/her own computer.
--
Bruce Chambers
Help us help you:
They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety. -Benjamin Franklin
Many people would rather die than think; in fact, most do. -Bertrand Russell
D
Detlev Dreyer
John Corliss said:But often are not. Better than not having any detection of outgoing traffic.
I could not disagree more - that's just fallacious security.
"Entering through the Exits" (Excerpt)
http://www.spirit.com/Network/net1103.html
| Trojans containing backdoors that make outgoing connections can pass
| right through most firewalls.
| ...
| The most sophisticated backdoors disguise their traffic as ordinary
| Web browsing.
Meanwhile, the latter is state of the art. All you can catch with these
toys is very old Malware showing up as "Hooligan.exe" or similar and
even old Malware was often showing up with names close to system files.
The standard user usually did not know if he should block "svch0st.exe"
or "svchost.exe". If you have a security concept enriched by "Brain 1.0",
there is no need to depend on snake-oil.
J
John Corliss
Detlev said:I could not disagree more - that's just fallacious security.
You disagree that Trojans don't bypass firewalls? Are you in a position
to actually prove that all Trojans bypass firewalls? I strongly doubt
that. And personal experience has shown otherwise.
"Entering through the Exits" (Excerpt)
http://www.spirit.com/Network/net1103.html
| Trojans containing backdoors that make outgoing connections can pass
| right through most firewalls.
| ...
| The most sophisticated backdoors disguise their traffic as ordinary
| Web browsing.
Meanwhile, the latter is state of the art. All you can catch with these
toys is very old Malware showing up as "Hooligan.exe" or similar and
even old Malware was often showing up with names close to system files.
The standard user usually did not know if he should block "svch0st.exe"
or "svchost.exe". If you have a security concept enriched by "Brain 1.0",
there is no need to depend on snake-oil.
Yes, there are certainly examples of Trojans getting around firewalls by
pulling such stunts, but some protection is better than none. In fact,
since you advocate avoiding third party firewalls, what do you propose
as a solution to such tactics??
XP's firewall is a half solution. They don't want people to know how
many of their OS modules are calling home, thus they don't monitor or
block outgoing calls.
J
John Corliss
John said:You disagree that Trojans don't bypass firewalls? Are you in a position
to actually prove that all Trojans bypass firewalls? I strongly doubt
that. And personal experience has shown otherwise.
Yes, there are certainly examples of Trojans getting around firewalls by
pulling such stunts, but some protection is better than none. In fact,
since you advocate avoiding third party firewalls, what do you propose
as a solution to such tactics??
XP's firewall is a half solution. They don't want people to know how
many of their OS modules are calling home, thus they don't monitor or
block outgoing calls.
By the way Detlev, I'm out of here. I just posted to this group to get a
solution and stuck around longer than I intended.
Have a good day.
F
Frank Saunders, MS-MVP OE/WM
Jeff T. said:Do I need to install a firewall like COMODO or is Windows firewall enough?
Jeff
Windows Firewall is enough.
R
Rock
Jeff T. said:Do I need to install a firewall like COMODO or is Windows firewall enough?
Windows firewall is adequate, particularly if you put the emphasis on
practicing safe hex in the first place, and not let malware onto the system.
Its drawbacks are that it doesn't monitor outbound traffic, such as malware
on the system "phoning home", and it's not very configurable.
3rd party firewalls monitor outbound traffic and are more configurable.
Sophisticated malware can get around outbound monitoring so having a two way
firewall can give you a false sense of security, but they can catch some
malware contacting outbound.
Comodo seems to work ok, as does the free offering from Sunbelt Software -
Kerio Personal firewall. Some like Zone Alarm.
Ask a Question
Want to reply to this thread or ask your own question?
You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.