WinXP SP2, firewall question

Ken Blake

George said:
Thanks for all the posts, I'm sorry I don't fully yet understand whether I can have both firewalls and have everything work ok or not.
Original questions were:

Q1: (It's a given I have a Linksys firewall router, however....) Is there any problem with also checking [X] WINDOWS FIREWALL *ON* ( so at least I'm covered if someone uses the dial-up connection (which goes around the router and would be exposed if there's no Windows firewall set up)...


No, there is no problem using both, other than the slight extra
overhead involved. However when the hardware firewall is being
used, the Windows firewall adds nothing to your protection.

If it were me, I wouldn't use the Windows firewall, but instead
use a third-party one like the free version of Zone Alarm. This
adds outbound protection, which your router doesn't have.
 
Doug Kanter

Seems like everyone around here does. I don't know
anyone who currently has RealPlayer on their PC.

There are news sites which provide media files only in that format. But for
the rare times I need it, I want it available.
 
Guest

If MS actually used their brains no piece of software,
newly installed, should be able to access anything
without the users turning them on

It's not just MS - most Operating Systems assume that the
software rights are the same as the user running it.

A resource rather than user-oriented approach does tend
to sound good to techie users until you realize that in
the case of many "typical users" it will go like:

Prompt: Would you like to install porn trojan spam
zombie.exe in order to view porn?

User: OK

(no change above but now we add:)

Prompt: Would you like to allow porn trojan spam
zombie.exe to modify the registry in order to view porn?

User: OK

Prompt: Would you like to allow porn trojan spam
zombie.exe to overwrite Windows files in order to view
porn?

User: OK

Prompt: Would you like to allow porn trojan spam
zombie.exe full access to the Internet in order to view
porn?

User: OK

Prompt: Would you like to allow porn trojan spam
zombie.exe sector level access to your disk in order to
view porn?

User: OK

Prompt: Would you like to allow porn trojan spam
zombie.exe to reflash your BIOS in order to view porn?

User: OK

User: Why do I have to keep clicking OK???? This is
even worse than Windows wanting me to login!

Unfortunately, as long as people aren't educated about
threats, the OS is only going to be able to get in their
way enough to annoy them.
 
Ken Blake

Doug Kanter said:
Seems like everyone around here does. I don't know
anyone who currently has RealPlayer on their PC.

There are news sites which provide media files only in that format.
But for the rare times I need it, I want it available.


There is other software which can play Real Audio files, such as
JetAudio. I greatly prefer it, or any of the other choices, to
RealPlayer, which I wouldn't have on my machine.
 
Guest

Disk activity is normal for a PC with modest RAM. If you
feel you can't run Word and Excel at the same time I
recommend you ask for more memory.

I don't understand the reference to WMP. You say
it "wants" to phone home and thrashes yet you have ZAP
loaded which sounds like you're not letting it phone
home... ??? This sounds like a counter-example to what
you were saying but maybe I'm misunderstanding.

I suppose you could ask for more RAM to run WMP too but
your IT department might be less agreeable to that ;-)
 
Doug Kanter

Disk activity is normal for a PC with modest RAM. If you
feel you can't run Word and Excel at the same time I
recommend you ask for more memory.

I don't understand the reference to WMP. You say
it "wants" to phone home and thrashes yet you have ZAP
loaded which sounds like you're not letting it phone
home... ??? This sounds like a counter-example to what
you were saying but maybe I'm misunderstanding.

I suppose you could ask for more RAM to run WMP too but
your IT department might be less agreeable to that ;-)

1) Yes. Disk activity is normal. Disk thrashing is another subject. Do you
know the difference?

2) The machine already has its limit of RAM installed, and there is no
possibility of another machine.

3) Even if WMP is blocked by ZoneAlarm, it still runs code (and FAT code,
apparently) as it makes its first attempt.
 
Doug Kanter

Ken Blake said:
There are news sites which provide media files only in that format.
But for the rare times I need it, I want it available.


There is other software which can play Real Audio files, such as
JetAudio. I greatly prefer it, or any of the other choices, to
RealPlayer, which I wouldn't have on my machine.

Thanks, Ken. I'll look into that. I used to be up on these alternatives, but
now, I have to wait till the end of the day when work's over before I can do
recreational things. By that point, the last thing I usually want to see is
the computer. :)
 
Guest

-----Original Message-----
1) Yes. Disk activity is normal. Disk thrashing is another subject. Do you
know the difference?

Yes. I have written two virtual memory systems but I was
wondering if an end-user could really tell the difference
between a "just lot of swapping", and true thrashing.
How did you measure it? Since Windows doesn't contain
one of the ones I wrote I'm not sure how I'd do it
without writing some instrumentation.

3) Even if WMP is blocked by ZoneAlarm, it still runs code (and FAT code,
apparently) as it makes its first attempt.

That's what I thought - you appear to be unsuccessful in
preventing the extra use of resources even with ZAP doing
its thing. That wasn't what I was expecting from your
earlier post. I thought you were going to show that ZAP
preventing the phone home prevented a failure on your
system.
 
Doug Kanter

It's not just MS - most Operating Systems assume that the
software rights are the same as the user running it.

Read Marko's statement again. He said by default, any behind-the-scenes
access should be turned OFF after software is installed. He's right. For
honest apps which really DO need to access the outside world, there's a
simple way to handle it. After you install many apps, you see a dialog box
asking if you want to view the README file at that moment. Provide the same
type of dialog box telling the user that the app is NOT set up yet to access
the outside world, and give the user the option at that point to make a yes
or no choice. End of problem.

Your example of a series of yes/no questions was unrealistic. Real software
with that many options would present them in a dialog with check boxes.

You might enjoy a book called "About Face", by Alan Cooper, who designed the
interface for the Visual Basic design environment.
 
Doug Kanter

Yes. I have written two virtual memory systems but I was
wondering if an end-user could really tell the difference
between a "just lot of swapping", and true thrashing.
How did you measure it? Since Windows doesn't contain
one of the ones I wrote I'm not sure how I'd do it
without writing some instrumentation.

After 10 years of reading about thrashing in various places, I define it
with this example:
Disk activity:
I start the machine, start Excel, and open a huge sheet. I notice a little
disk activity, and the sheet's open in 3-4 seconds, or whatever's normal for
that particular machine.

Alternative - disk thrashing:
I have a long list of apps running, as described earlier. I open the same
huge sheet in Excel. The disk light flashes constantly for a full minute.


That's what I thought - you appear to be unsuccessful in
preventing the extra use of resources even with ZAP doing
its thing. That wasn't what I was expecting from your
earlier post. I thought you were going to show that ZAP
preventing the phone home prevented a failure on your
system.

I can't explain it. If it's blocked, the nonsense stops. If it's not, and
the machine's already taxed, it'll bog down the machine for long enough to
be annoying, if I need the thing to respond to something else.

You mentioned above that you've written virtual memory systems. That
qualifies you for this: Remember that the finished product is not invisible
to the user in many cases. It should be, but it's not. The user is your
customer, and his observations and experience are 100% valid, since he pays
your salary.
 
Guest

Read Marko's statement again. He said by default,

So did I. It was defaulted to off and it asked to be
turned on...

Your example of a series of yes/no questions was
unrealistic. Real software with that many options
would present them in a dialog with check boxes.

That's fine. Changing that trivial detail won't change
the answers. The repetition was meant to be funny. Most
people don't read that stuff. Presenting all of those on
a single dialog with the warning that selecting no on any
of them will prevent the desired porn results will just
make it quicker to select yes to all of them.
 
Guest

I distinguish swapping and real thrashing - the latter
usually results in a total failure - as in computer
appears completely hung and someone eventually resets
it. It happens when your working set exceeds the memory
space and you pretty much execute every instruction at
disk speed. (rough description) But that's a technical
distinction which probably isn't needed. (Real thrashing
was more common when multi-user computers had ~ 8MB ;-))
In XP on very small systems I frequently see a lot of
swapping but it usually keeps up with the UI fairly well.

The user is your customer, and his observations and
experience are 100% valid, since he pays your salary.

Yeah, that's when we'd throw the newbie marketing dweeb
out of the meeting ;-)

Seriously it's true that the customer/user matters but
fresh marketing guy often fails to understand that you
can't always optimize for most customers and every single
individual customer with the same product. Each customer
wants it to "just work" though each one has a different
definition of what that is. The successful marketing
guys were the ones that could help us determine the best
answer for most and the right set of options to cover the
largest base without compromising reliability/schedule
etc. etc.

That's really what you're talking about here. You load
up the machine with a bunch of stuff (some you've labeled
pigs and some I've seen labeled pigs by others) then you
load another program and try to partially prevent it from
doing its thing using another program you've loaded and
it still swaps a lot. Well maybe unload the program
that's preventing it? ;-)

By the way, I just fired up WMP on my system and never
saw it exceed 8MB. Kind of small compared to the other
GUI apps on my system but I suppose there are smaller
media players available. Funny thing is I changed the
options to make it do another update and it consumed more
additional RAM displaying the options dialog than doing
the update. I don't know what you have going on on your
system.
 
jt3

There's RealPlayer Alternative, which I have used for those things that
demand it. It's a little big, but otherwise unexceptionable. I can look
for the link if you want.

Joe

Ken Blake said:
There are news sites which provide media files only in that format.
But for the rare times I need it, I want it available.


There is other software which can play Real Audio files, such as
JetAudio. I greatly prefer it, or any of the other choices, to
RealPlayer, which I wouldn't have on my machine.
 
George

Thanks Ken, I was wondering what the key differences in firewall inbound
protection and firewall outbound protection are:

-INBOUND protection. It sounds like ROUTER and WINXP-SP2 provide this,
which protects my PC from _____, and an example scenario would be ____.

-OUTBOUND protection. It sounds like *neither* ROUTER nor WINXP-SP2 provide
this, which protects my PC from _____, and an example scenario would be
____.

Thanks,
George
 
Ken Blake

Doug Kanter said:
Thanks, Ken. I'll look into that. I used to be up on these
alternatives, but now, I have to wait till the end of the day when
work's over before I can do recreational things. By that point, the
last thing I usually want to see is the computer. :)


You're welcome. Glad to help.
 
Phil

A good router/firewall can control outbound traffic to your liking. Outbound
access, on a good router/firewall, can be locked down completely or one port
at a time. There's no fancy popup warning like zone alarm, but the same
outbound control can be achieved.
 
Alex Nichol

George said:
1) a LOCAL connection (via Linksys VPN router, which HAS a firewall), and

2) a DIALUP connection as a backup...goes out back of PC through modem over
phone line (probably NEEDS a firewall)

Most folks say I don't need Windows firewall since I have a firewall router,
but when I went to Control Panel / Network Connections... it won't allow me
to set these two connections differently... whatever you set firewall to
(enabled or not enabled), it forces BOTH connections to the same thing.

In SP2 go to Control Panel - Windows Firewall, and on the Advanced page
you can check just the dialup networking to have it in use.
 
Marko

My point is not the myriad options, it's the one to access the internet,
and Windows should block it if you don't authorise it. Think of
ZoneAlarm, you have to authorise it to let itself access the internet, once.

So did I. It was defaulted to off and it asked to be
turned on...




That's fine. Changing that trivial detail won't change
the answers. The repetition was meant to be funny. Most
people don't read that stuff. Presenting all of those on
a single dialog with the warning that selecting no on any
of them will prevent the desired porn results will just
make it quicker to select yes to all of them.

--
Marko Jotic
"Common sense is anything but common".
From the notebooks of Lazarus Long. Robert A. Heinlein.
Handmade knives, antique designs, exotic materials at
http://www.knifeforging.com/
 
