Firewalls

SP2 Firewall is also known as Windows Firewall. It is quite alright to run more than one firewall as long as the second/other firewall(s) is/are hardware based and not any software based. I have found Windows Firewall quite adequate for my needs and I also have router based firewall which can be configured to your likings.

Hope this helps.
 
B.W. said:
What is SP2 firewall?


It's the upgraded firewall that comes with SP2.

Is it all right to run more than one firewall?


You'll find those with different points of view on this. Here's
mine: don't run two firewalls. You achieve no extra protection,
you incur the extra overhead of running two firewalls, and you
run the risk (probably small, but not zero) of conflicts between
them.
See
http://www.microsoft.com/athome/security/protect/firewall.mspx

which includes the following:

"Q. Should I use both the built-in firewall and a software
firewall from a different company on my Windows XP computer?



"A. No. Running multiple software firewalls is unnecessary for
typical home computers, home networking, and small-business
networking scenarios. Using two firewalls on the same connection
could cause issues with connectivity to the Internet or other
unexpected behavior. One firewall, whether it is the Windows XP
Internet Connection Firewall or a different software firewall,
can provide substantial protection for your computer."



Also note that if you update your third-party firewall to a new
version, the update routine will probably turn it off first. If
the Windows firewall isn't running, you will temporarily be left
with no running firewall, which is very dangerous. So turn on the
Windows firewall temporarily before doing maintenance on your
third-party firewall.



The Windows firewall monitors incoming traffic only. Almost any
third-party firewall will also monitor outbound traffic, stopping
rogue programs trying to call home, and is a better choice.
 
SP2 Firewall is also known as Windows Firewall. It is quite alright to
run more than one firewall as long as the second/other firewall(s) is/are
hardware based and not any software based. I have found Windows Firewall
quite adequate for my needs and I also have router based firewall which
can be configured to your likings.

Hope this helps.

Could you explain to me why one would need to block a particular port twice
- once at a hardware firewall and then again on a software firewall? Is the
software one used to block the port(s) within your LAN to offer some sort
of security from other computers on your LAN?
 
The idea of having an external FIREWALL is to stop some rogue programs calling home. In UK it is very common to find spyware progs installing self dialer to phone premium lines - mainly sex chats and what not! Also, Windows Firewall does not check outgoing traffic so mass mailing (mainly spam) could be possible if the system was compromised before SP2 was installed.

Again as I said, Windows Firewall is enough for most people. I actually rely on Windows firewall. External router based is there because I use a router for my wireless connection. I would not otherwise go out of my way to buy one!!

Does this satisfy you?
 
From: "ANONYMOUS" <[email protected]>

|
| The idea of having an external FIREWALL is to stop some rogue programs calling home. In
| UK it is very common to find spyware progs installing self dialer to phone premium lines -
| mainly sex chats and what not! Also, Windows Firewall does not check outgoing traffic so
| mass mailing (mainly spam) could be possible if the system was compromised before SP2 was
| installed.
|
| Again as I said, Windows Firewall is enough for most people. I actually rely on Windows
| firewall. External router based is there because I use a router for my wireless
| connection. I would not otherwise go out of my way to buy one!!
|
| Does this satisfy you?

Routers are not full FireWall implementations unless they are specifically Routers that have
a full FireWall implemented within. At best a Router's NAT capability helps to thwart
inbound connections. However, it will do nothing for outbound connections. That is where a
FireWall application comes into place. Most wireless Routers are just NAT devices and at
best may be considered a simplistic FireWall and will not help if you have a Trojan that
connected to say TCP 667 unless you specifically block TCP port 667 on the Router. You
didn't even mention the model of your wireless Router. Does this un-named device support
SPI?

As always I suggest blocking both TCP and UDP ports 135 ~ 139 and 445 on *any* SOHO Router.
This will keep hackers and Internet worms from accessing MS Networking on the LAN side and
keep MS Networking from leaking out to the Internet.

Realize that the *best* place to discuss FireWalls is in a FireWall News Group.
 
-rwxrw-r-- said:
Could you explain to me why one would need to block a particular port twice
- once at a hardware firewall and then again on a software firewall? Is the
software one used to block the port(s) within your LAN to offer some sort
of security from other computers on your LAN?

One scenario: with the port blocked only at the router, any PC that's
on the LAN has access to the ports of the other systems on the LAN.

But, if you also block the ports at the f/w on each PC, you have better
LAN segmentation.

This is especially important if you have wireless enabled and are
running anything less secure than WPA. It's not that hard for someone to
simply pay a visit to your LAN via your WAP.
 
The idea of having an external FIREWALL is to stop some rogue programs
calling home. In UK it is very common to find spyware progs installing
self dialer to phone premium lines - mainly sex chats and what not! Also,
Windows Firewall does not check outgoing traffic so mass mailing (mainly
spam) could be possible if the system was compromised before SP2 was
installed.

Again as I said, Windows Firewall is enough for most people. I actually
rely on Windows firewall. External router based is there because I use a
router for my wireless connection. I would not otherwise go out of my way
to buy one!!

Does this satisfy you?
Would be easier to read your posts if you set up your newsreader to some
acceptable fixed line length.
 
