Firewall Choice

[Dick Reuben]

Running XP Hnme SP2 on standalone, single-user machine.

Can someone tell me if the Win Firewall is enough for my needs, or
would I be better off with Zone Alarm?

 

[Ken Blake]

In

Running XP Hnme SP2 on standalone, single-user machine.

Can someone tell me if the Win Firewall is enough for my needs,
or
would I be better off with Zone Alarm?

The XP firewall monitors incoming traffic, but does nothing to
stop spyware programs trying to call home. It also is much less
configurable than other choices (although it's much improved in
SP2).

For those reasons I recommend the free version of ZoneAlarm (or
almost any third-party firewall) instead.

 

[EBB]

Hi Dick,

the SP2 firewall does its job well, there really is no need to chang
to another one unless it comes built in with an antivirus software (i.
norton, bitdefender etc) if you have one in your antivirus then yo
should disable the SP2 one as running 2 firewalls can cause errors

EBB

 

[Jim]

Running XP Hnme SP2 on standalone, single-user machine.

Can someone tell me if the Win Firewall is enough for my needs, or
would I be better off with Zone Alarm?

Since I don't know what your needs are, the question is hard to answer.
I can say the the Windows Firewall is not good enough for my needs because
it does not prevent outbound messages that I didn't authorise.
Zone Alarm, however, does. It helps by keeping malware from my computer
invading others.
Jim

 

[Harry Ohrn]

I have a router, and run very good Antivirus and anti spyware software. I
have no need to have additional third party firewall software. I don't know
what your needs are but I manage 5 systems on a home network this way. Other
people in my home surf the web, chat on MSN, take e-mails, install
applications of their choice and so forth. I have no trouble that might
require running third party firewall software. In fact I've tried ZoneAlarm,
Norton Internet Security and several other firewall solutions and found them
to be more of a hassle than anything else.

 

[Leythos]

Running XP Hnme SP2 on standalone, single-user machine.

Can someone tell me if the Win Firewall is enough for my needs, or
would I be better off with Zone Alarm?

You should have a NAT router as your first barrier level, then any form
of personal firewall that you want, except Windows Firewall. Windows
Firewall is easily reprogrammed with exceptions by malicious code
without you knowing about it.

 

[Frank Saunders, MS-MVP OE]

Running XP Hnme SP2 on standalone, single-user machine.

Can someone tell me if the Win Firewall is enough for my needs, or
would I be better off with Zone Alarm?

IMHO the SP2 firewall is good enough. It's what I use.

--
Frank Saunders, MS-MVP OE
Please respond in Newsgroup only. Do not send email
http://www.fjsmjs.com
Protect your PC
http://www.microsoft.com./athome/security/protect/default.aspx
http://defendingyourmachine.blogspot.com/

 

[Tony]

I have a router, and run very good Antivirus and anti spyware software. I
have no need to have additional third party firewall software. I don't
know
what your needs are but I manage 5 systems on a home network this way.
Other
people in my home surf the web, chat on MSN, take e-mails, install
applications of their choice and so forth. I have no trouble that might
require running third party firewall software. In fact I've tried
ZoneAlarm,
Norton Internet Security and several other firewall solutions and found
them
to be more of a hassle than anything else.

So if one PC in your network gets infected, chances are all five will. Have
a look at
http://nitecruzr.blogspot.com/2005/05/please-protect-yourself-layer-your.html

I have a similar network all behind a smoothwall firewall but i still have
ZoneAlarm on each PC which also has antivirus, MS Antispyware, Spybot and
Spyware Blaster - none of which would be much good if a new worm or virus
hits the network before the virus/spyware definitions are updated. Looking
at the anti virus log on this PC, a virus was found as recent as 14th
September. Could of been there for a week or so before the antivirus
definition was updated to find it. But it was isolated to this one PC as
none of the others caught it.

And don't forget, some viruses can disable anti virus software and then reek
havoc on the network causing hours of work to get everything restored again.
I didn't think it would happen to me either - until it did.

 

[Bruce Chambers]

Running XP Hnme SP2 on standalone, single-user machine.

Can someone tell me if the Win Firewall is enough for my needs, or
would I be better off with Zone Alarm?

WinXP's built-in firewall is adequate at stopping incoming attacks,
and hiding your ports from probes. What WinXP SP2's firewall does not
do, is protect you from any Trojans or spyware that you (or someone
else using your computer) might download and install inadvertently.
It doesn't monitor out-going traffic at all, other than to check for
IP-spoofing, much less block (or at even ask you about) the bad or the
questionable out-going signals. It assumes that any application you
have on your hard drive is there because you want it there, and
therefore has your "permission" to access the Internet. Further,
because the Windows Firewall is a "stateful" firewall, it will also
assume that any incoming traffic that's a direct response to a
Trojan's or spyware's out-going signal is also authorized.

ZoneAlarm, Kerio, or Sygate are all much better than WinXP's
built-in firewall, and are much more easily configured, and there are
free versions of each readily available. Even the commercially
available Symantec's Norton Personal Firewall is superior by far,
although it does take a heavier toll of system performance then do
ZoneAlarm or Sygate.


--

Bruce Chambers

Help us help you:



You can have peace. Or you can have freedom. Don't ever count on having
both at once. - RAH

 

[Sharon F]

[4 quoted lines suppressed]

WinXP's built-in firewall is adequate at stopping incoming attacks,
and hiding your ports from probes. What WinXP SP2's firewall does not
do, is protect you from any Trojans or spyware that you (or someone
else using your computer) might download and install inadvertently.
It doesn't monitor out-going traffic at all, other than to check for
IP-spoofing, much less block (or at even ask you about) the bad or the
questionable out-going signals. It assumes that any application you
have on your hard drive is there because you want it there, and
therefore has your "permission" to access the Internet. Further,
because the Windows Firewall is a "stateful" firewall, it will also
assume that any incoming traffic that's a direct response to a
Trojan's or spyware's out-going signal is also authorized.

ZoneAlarm, Kerio, or Sygate are all much better than WinXP's
built-in firewall, and are much more easily configured, and there are
free versions of each readily available. Even the commercially
available Symantec's Norton Personal Firewall is superior by far,
although it does take a heavier toll of system performance then do
ZoneAlarm or Sygate.

Not picking on your reply, Bruce. Just tagging onto this thread to refine a
point...

No firewall is going to protect you from resident spyware or other nasties.
It's already on the system and needs to be removed regardless of what
firewall is in place. Also, new malware can make its way onto the system
even with a one way or two way firewall in place - by stealth or as a
result of a user action. Not as easy of a feat but it can and does happen.

What two way firewalls provide is an early warning that the installed
antivirus and/or anti-spyware missed something when it made its way onto
the system. Even "good" antivirus and anti-spyware programs can miss new
variants. The notices of unexpected/unsolicited traffic enable the user to
address the *removal of otherwise undetected intrusions* (those that have
"outgoing traffic" as part of their behavior) sooner rather than later.

At the very least, the possible early warnings provided by outgoing
monitoring is a very nice plus in favor of two way firewalls.

 

[Pentium]

Yes, you want a deadbolt lock that requires a key on both sides. If the
thief is already in the house when you lock up, you don't want him to get
out to let others in. You then capture and delete from within.

[4 quoted lines suppressed]

WinXP's built-in firewall is adequate at stopping incoming attacks,
and hiding your ports from probes. What WinXP SP2's firewall does not
do, is protect you from any Trojans or spyware that you (or someone
else using your computer) might download and install inadvertently.
It doesn't monitor out-going traffic at all, other than to check for
IP-spoofing, much less block (or at even ask you about) the bad or the
questionable out-going signals. It assumes that any application you
have on your hard drive is there because you want it there, and
therefore has your "permission" to access the Internet. Further,
because the Windows Firewall is a "stateful" firewall, it will also
assume that any incoming traffic that's a direct response to a
Trojan's or spyware's out-going signal is also authorized.

ZoneAlarm, Kerio, or Sygate are all much better than WinXP's
built-in firewall, and are much more easily configured, and there are
free versions of each readily available. Even the commercially
available Symantec's Norton Personal Firewall is superior by far,
although it does take a heavier toll of system performance then do
ZoneAlarm or Sygate.

Not picking on your reply, Bruce. Just tagging onto this thread to refine
a
point...

No firewall is going to protect you from resident spyware or other
nasties.
It's already on the system and needs to be removed regardless of what
firewall is in place. Also, new malware can make its way onto the system
even with a one way or two way firewall in place - by stealth or as a
result of a user action. Not as easy of a feat but it can and does happen.

What two way firewalls provide is an early warning that the installed
antivirus and/or anti-spyware missed something when it made its way onto
the system. Even "good" antivirus and anti-spyware programs can miss new
variants. The notices of unexpected/unsolicited traffic enable the user to
address the *removal of otherwise undetected intrusions* (those that have
"outgoing traffic" as part of their behavior) sooner rather than later.

At the very least, the possible early warnings provided by outgoing
monitoring is a very nice plus in favor of two way firewalls.

 

[Bruce Chambers]

Not picking on your reply, Bruce. Just tagging onto this thread to refine a
point...

And refined quite nicely, I might add.



--

Bruce Chambers

Help us help you:



You can have peace. Or you can have freedom. Don't ever count on having
both at once. - RAH