I just installed latest version of Agnitum Outpost Fireawll, and
rebooted my winXP sp3 machine, and although a tray icon loads, when I
click on it it says (greyed out)service not ready. I then try to start
the said program and it says I don't have sufficient rights to do that.
I am logged in as Admin, so whats wrong?
I'd uninstall this application and look for a much better alternative!
Keep on reading:
For the average homeuser, the Windows Firewall in XP does a fantastic job
at its core mission and is really all you need if you have an 'real-time'
anti-virus program, [another firewall on your router or] other edge
protection like SeconfigXP and practise safe-hex.
The windows firewall deals with inbound protection and therefore does not
give you a false sense of security. Best of all, it doesn't implement lots
of nonsense like pretending that outbound traffic needs to be monitored.
Activate and utilize the Win XP built-in Firewall; Uncheck *all* Programs
and Services under the Exception tab.
Read through:
Understanding Windows Firewall.
http://www.microsoft.com/windowsxp/using/security/internet/sp2_wfintro.mspx
Using Windows Firewall.
http://www.microsoft.com/windowsxp/using/networking/security/winfirewall.mspx
PFW Criticism.
http://en.wikipedia.org/wiki/Personal_firewall#Criticisms
At Least This Snake Oil Is Free.
http://msinfluentials.com/blogs/jesper/archive/2007/07/19/at-least-this-snake-oil-is-free.aspx
Deconstructing Common Security Myths.
http://www.microsoft.com/technet/technetmag/issues/2006/05/SecurityMyths/default.aspx
Scroll down to:
"Myth: Host-Based Firewalls Must Filter Outbound Traffic to be Safe."
Exploring the windows Firewall.
http://www.microsoft.com/technet/technetmag/issues/2007/06/VistaFirewall/default.aspx
"Outbound protection is security theater¡Xit¡¦s a gimmick that only gives the
impression of improving your security without doing anything that actually
does improve your security."
In conjunction with WinXP SP2 Firewall use:
Seconfig XP 1.0
http://seconfig.sytes.net/
Seconfig XP is able configure Windows not to use TCP/IP as transport
protocol for NetBIOS, SMB and RPC, thus leaving TCP/UDP ports 135, 137-139
and 445 (the most exploited Windows networking weak point) closed.
If you're really serious about Internet Security:
1. Do not work as Administrator; For day-to-day work routinely use a
Limited User Account (LUA).
2. Secure (Harden) your operating system.
3. Don't expose services to public networks.
4. Keep your operating (OS) system (and all software on it)updated/patched.
5. Reconsider the usage of IE and OE.
5a.Secure (Harden) Internet Explorer.
6. Review your installed 3rd party software applications/utilities; Remove
clutter, *including* 3rd party software personal (so-called) firewall
application (PFW) - the one which claims: "It can stop/control malicious
outbound traffic".
7. If on dial-up Internet connection, activate the build-in firewall and
configure Windows not to use TCP/IP as transport protocol for NetBIOS,
SMB and RPC, thus leaving TCP/UDP ports 135,137-139 and 445 (the most
exploited Windows networking weak point) closed.
7a.If on high-speed Internet connection use a router.
For the average homeuser it is suggested blocking both TCP and UDP ports
135 ~ 139 and 445 on the router and implement countermeasures against
DNSChanger.
And (just in case) Wired Equivalent Privacy (WEP) has been
superseded by Wi-Fi Protected Access (WPA)
8. Routinely practice Safe-Hex.
Also, ensure you do:
a. Regularly back-up data/files.
b. Familiarize yourself with crash recovery tools and re-installing your
operating system (OS).
b. Utilize a good-quality real-time anti-virus application and some vital
system monitoring utilities/applications.
c. Keep abreast of the latest developments.
And finally:
Most computer magazines and/or (computer) specialized websites are *biased*
i.e. heavily weighted towards the (advertisement) dollar almighty!
Therefore:
a. Don't fall for software applications touted in publications relying on
advertisement revenue.
b. Do take their *test-results* of various software with a *considerable*
amount of salt!
c. Which also applies to their *investigative* in-depth test reports
related to any software applications.
d. Investigate claims made by software manufacturer *prior* downloading
their software; Subscribing to non-commercial type publications, (to
some extend) specialized newsgroups and/or fora are a great way to find
out the 'nitty-gritties' and to consider various options.
Wanna know details? Go ahead and ask
