firewall

  • Thread starter Thread starter annlyon \(anon\)
  • Start date Start date
A

annlyon \(anon\)

I have the firewall on with sp2 and my mcafee
firewall.No problems so far but do i need to turn one off
and if so which one would you suggest to turn off.Thanks
 
From all I have read, the new XP firewall is perfectly adequate.
Click to expand...

Not if you want ANY protection from spyware or a trojan hijacking your
computer and "dialing out" to the Internet through it. XP's firewall
provides ABSOLUTELY NO protection in that instance. Why they left that
out is beyond me, but it's the way of life.
I have unistalled my 3rd party firewall and running on SP2 for several
months [using pre-release version] without any concerns.



annlyon (anon) @hotmail.com said:
I have the firewall on with sp2 and my mcafee
firewall.No problems so far but do i need to turn one off
and if so which one would you suggest to turn off.Thanks
Click to expand...
Click to expand...
 
Greetings --

The "next generation" Windows Firewall included with SP2, while
vastly superior to the original ICF in terms of visibility, usability
and configurability, is still rather lacking, as a solid security
component. It still can't supplant 3rd-party solutions, nor is it
intended to do so; rather, it's intended to complement them. And, like
the original ICF, it will not monitor out-going traffic.

It's most important virtues, I think, are it's improved
compatibility with internal LANs and its configurability via group
policies. Now, there's a simple, cheap tool that system admins can
use to protect the LAN workstations from that occasional - but not
rare enough - fool who manages to bypass the perimeter firewall and
manually install some malware that could then spread throughout the
LAN via shared drives.

WinXP's built-in firewall is _adequate_ at stopping incoming
attacks, and hiding your ports from probes. What WinXP also
does not do, is protect you from any Trojans or spyware that you (or
someone else using your computer) might download and install
inadvertently. It doesn't monitor out-going traffic at all, other
than to check for IP-spoofing, much less block (or at even ask you
about) the bad or the questionable out-going signals. It assumes that
any application you have on your hard drive is there because you want
it there, and therefore has your "permission" to access the Internet.
Further, because the ICF is a "stateful" firewall, it will also assume
that any incoming traffic that's a direct response to a Trojan's or
spyware's out-going signal is also authorized.

ZoneAlarm, Kerio, or Sygate are all much better than WinXP's
built-in firewall, and are much more easily configured, and there are
free versions of each readily available. Even the commercially
available Symantec's Norton Personal Firewall is superior by far,
although it does take a heavier toll of system performance then do
ZoneAlarm or Sygate.

SP2's Windows Firewall is intended to complement
3rd-party firewalls, so it won't hurt anything to leave it enabled
whilst using another software firewall, but it also won't do much
good, except as extra "insurance."


Bruce Chambers
--
Help us help you:



You can have peace. Or you can have freedom. Don't ever count on
having both at once. - RAH
 
Back
Top