R
Riccardo
Can you suggest me good desktop firewall for Windows Xp, so I can
completing it with my Antivirus.
completing it with my Antivirus.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an alternative browser.
You should upgrade or use an alternative browser.
M
Mark Adams
Use a router and turn on the Windows firewall.Riccardo said:Can you suggest me good desktop firewall for Windows Xp, so I can
completing it with my Antivirus.
S
SC Tom
Riccardo said:Can you suggest me good desktop firewall for Windows Xp, so I can
completing it with my Antivirus.
If you already have an AV program, you should be fine with XP's firewall.
SC Tom
K
Ken Blake, MVP
Can you suggest me good desktop firewall for Windows Xp, so I can
completing it with my Antivirus.
In my view the built-in Windows XP firewall is fine.
G
Guest
The Windows Firewall is not a good firewall
G
Guest
The best firewall I have ever used come with Symantec Client Security
3.1.6.6010 - awesome
The worst is the Windows Firewall as it only works one way & should always
be disabled
3.1.6.6010 - awesome
The worst is the Windows Firewall as it only works one way & should always
be disabled
U
Unknown
It's the best. What are your negatives against Windows Firewall???
Never a problem with it and it does an outstanding job.
Never a problem with it and it does an outstanding job.
U
Unknown
Shear hogwash. If nothing gets in, you needn't check what is going out.
What's more, most people
using the two way firewalls have to cripple outgoing scans due to problems.
What's more, most people
using the two way firewalls have to cripple outgoing scans due to problems.
S
smlunatick
The best firewall I have ever used come with Symantec Client Security
3.1.6.6010 - awesome
The worst is the Windows Firewall as it only works one way & should always
be disabled
You can use the Windows firewall if you are also using a network
router.
K
Kayman
The best firewall I have ever used come with Symantec Client Security
3.1.6.6010 - awesome
Really? Please elaborate!
The worst is the Windows Firewall as it only works one way
Correct!
& should always be disabled
Please provide technical reasons.
For the average homeuser, the Windows Firewall in XP does a fantastic job
at its core mission and is really all you need if you have an 'real-time'
anti-virus program, [another firewall on your router or] other edge
protection like SeconfigXP and practise Safe-Hex.
The windows firewall deals with inbound protection and therefore does not
give you a false sense of security. Best of all, it doesn't implement lots
of nonsense like pretending that outbound traffic needs to be monitored.
Activate and utilize the Win XP built-in Firewall; Uncheck *all* Programs
and Services under the Exception tab.
Windows XP: How to turn on your firewall.
http://www.microsoft.com/protect/computer/firewall/xp.mspx
How can I turn on or turn off the firewall in Windows XP Service Pack 2 or
later versions?
"Warning If you are running the release version of Windows XP or Windows XP
Service Pack 1,..."
http://support.microsoft.com/kb/283673
Read through:
Understanding Windows Firewall.
http://www.microsoft.com/windowsxp/using/security/internet/sp2_wfintro.mspx
Using Windows Firewall.
http://www.microsoft.com/windowsxp/using/networking/security/winfirewall.mspx
PFW Criticism.
http://en.wikipedia.org/wiki/Personal_firewall#Criticisms
At Least This Snake Oil Is Free.
http://msinfluentials.com/blogs/jesper/archive/2007/07/19/at-least-this-snake-oil-is-free.aspx
Deconstructing Common Security Myths.
http://www.microsoft.com/technet/technetmag/issues/2006/05/SecurityMyths/default.aspx
Scroll down to:
"Myth: Host-Based Firewalls Must Filter Outbound Traffic to be Safe."
Exploring the windows Firewall.
http://www.microsoft.com/technet/technetmag/issues/2007/06/VistaFirewall/default.aspx
"Outbound protection is security theater¡Xit¡¦s a gimmick that only gives the
impression of improving your security without doing anything that actually
does improve your security."
In conjunction with WinXP SP2 Firewall use:
Seconfig XP 1.0
http://seconfig.sytes.net/
(http://www.softpedia.com/progDownload/Seconfig-XP-Download-39707.html)
Seconfig XP is able configure Windows not to use TCP/IP as transport
protocol for NetBIOS, SMB and RPC, thus leaving TCP/UDP ports 135, 137-139
and 445 (the most exploited Windows networking weak point) closed.
OR
Configuring NT-services much more secure.
http://www.ntsvcfg.de/ntsvcfg_eng.html
How Security Companies Sucker Us With Lemons.
http://www.wired.com/politics/security/commentary/securitymatters/2007/04/securitymatters_0419
http://www.schneier.com/index.html
Managing the Windows Vista Firewall *(read twice!)*
http://technet.microsoft.com/en-us/magazine/cc510323.aspx
K
Ken Blake, MVP
The worst is the Windows Firewall as it only works one way & should always
be disabled
I also used to recommend third-party firewalls over the Windows one
because they were two-way, and the Windows firewall only monitored
incoming traffic.
I've become convinced, however, that outbound protection is
meaningless. Once one of the nasties gets into your computer, it can
essentially do whatever it wants, including circumventing the
firewall. So the extra protection provided by a firewall that monitors
outbound traffic is more apparent than real.
Windows firewall is far from the worst. It's as good as any other one.
B
Bruce Chambers
Unknown said:It's the best.
Ah, but best "what," precisely? I only ask because it's only "half" of
a true firewall.
What are your negatives against Windows Firewall???
WinXP's built-in firewall is usually adequate at stopping incoming
attacks, and hiding your ports from probes. What WinXP SP2's firewall
does not do, is protect you from any Trojans or spyware that you (or
someone else using your computer) might download and install
inadvertently. It doesn't monitor out-going traffic at all, other than
to check for IP-spoofing, much less block (or at even ask you about) the
bad or the questionable out-going signals. It assumes that any
application you have on your hard drive is there because you want it
there, and therefore has your "permission" to access the Internet.
Further, because the Windows Firewall is a "stateful" firewall, it will
also assume that any incoming traffic that's a direct response to a
Trojan's or spyware's out-going signal is also authorized.
ZoneAlarm, Kerio, or Sygate are all much better than WinXP's
built-in firewall, and are much more easily configured, and there are
free versions of each readily available. Even the commercially
available Symantec's Norton Personal Firewall is superior by far,
although it does take a heavier toll of system performance then do
ZoneAlarm or Sygate.
Having said that, it's important to remember that firewalls and
anti-virus applications, which should always be used and should always
be running, while important components of "safe hex," cannot, and should
not be expected to, protect the computer user from him/herself.
Ultimately, it is incumbent upon each and every computer user to learn
how to secure his/her own computer.
--
Bruce Chambers
Help us help you:
http://support.microsoft.com/default.aspx/kb/555375
They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety. ~Benjamin Franklin
Many people would rather die than think; in fact, most do. ~Bertrand Russell
The philosopher has never killed any priests, whereas the priest has
killed a great many philosophers.
~ Denis Diderot
B
Bruce Chambers
Unknown said:Shear hogwash. If nothing gets in...
.... Which is a completely unreasonable assumption to make.
--
Bruce Chambers
Help us help you:
http://support.microsoft.com/default.aspx/kb/555375
They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety. ~Benjamin Franklin
Many people would rather die than think; in fact, most do. ~Bertrand Russell
The philosopher has never killed any priests, whereas the priest has
killed a great many philosophers.
~ Denis Diderot
B
Bruce Chambers
On Thu, 23 Apr 2009 19:54:32 +0100, "SPAMCOP User"
I also used to recommend third-party firewalls over the Windows one
because they were two-way, and the Windows firewall only monitored
incoming traffic.
I've become convinced, however, that outbound protection is
meaningless. Once one of the nasties gets into your computer, it can
essentially do whatever it wants, including circumventing the
firewall. So the extra protection provided by a firewall that monitors
outbound traffic is more apparent than real.
I'd have to disagree to a certain extent, Ken. Yes, some types of
malware can "subvert" a personal firewall and render out-bound checking
meaningless, but not all can malware do so. Some will leave a trail. I
think it's better to be warned about at least some of the out-going
suspicious traffic than none at all. No, it's not 100%, but nothing
ever is, after all. Further, investigation of identified problems may
well lead the user to discovering his/her other "vulnerabilities."
--
Bruce Chambers
Help us help you:
http://support.microsoft.com/default.aspx/kb/555375
They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety. ~Benjamin Franklin
Many people would rather die than think; in fact, most do. ~Bertrand Russell
The philosopher has never killed any priests, whereas the priest has
killed a great many philosophers.
~ Denis Diderot
P
Paul
Ken Blake said:I also used to recommend third-party firewalls over the Windows one
because they were two-way, and the Windows firewall only monitored
incoming traffic.
I've become convinced, however, that outbound protection is
meaningless. Once one of the nasties gets into your computer, it can
essentially do whatever it wants, including circumventing the
firewall. So the extra protection provided by a firewall that monitors
outbound traffic is more apparent than real.
Windows firewall is far from the worst. It's as good as any other one.
Snipped
This thread has so far concentrated on malware. But what about
legitimate programs.
I have several dozen programs on my PC both purchased and freeware.
It annoys me that so many programs want to -
1. Load a program or service memory resident on boot up
2. Want to 'phone home' on a regular basis for various reasons.
Point 2 is the main reason I use a two-way firewall (currently Online
Armor free), to block their needless attempts to use my bandwidth.
I have a monthly usage limit and I will use it for what I want, when I
want. Not at some programmers whim.
A program may have an update, but I can check that when I next use the
program, which may be in two months time. I don't need this everytime I
start my PC.
cheers,
Paul
L
larrylaundry
Bruce said:I'd have to disagree to a certain extent, Ken. Yes, some types of
malware can "subvert" a personal firewall and render out-bound checking
meaningless, but not all can malware do so. Some will leave a trail. I
think it's better to be warned about at least some of the out-going
suspicious traffic than none at all. No, it's not 100%, but nothing
ever is, after all. Further, investigation of identified problems may
well lead the user to discovering his/her other "vulnerabilities."
A router is very important. I would rather use a router than any
software firewall, paid or free.
Firewall without a router, is asking for, what is is going on.
L
larrylaundry
I also used to recommend third-party firewalls over the Windows one
because they were two-way, and the Windows firewall only monitored
incoming traffic.
I've become convinced, however, that outbound protection is
meaningless.
Back at a time we learned that a program could be named anything that
was a legit or trusted program, and easily pass out through a
firewall.
It was the name of the program, not the contents, that after having
inital outgoing acceptance, had outgoing
incoming rights.
Simpleton sounding for sure.
Then I think it's called hashs, in firewalls that could check for
changes, alterations in programs. And ask if the user would allow
outgoing connections.
Changes, like updates, would alert of possible problems.
L
Leythos
WinXP's built-in firewall is usually adequate at stopping incoming
attacks, and hiding your ports from probes.
And yet we still find home users computers with File and Printer Sharing
enabled without them knowing it.
What WinXP SP2's firewall
does not do, is protect you from any Trojans or spyware that you (or
someone else using your computer) might download and install
inadvertently.
And lets not forget the MANY non-malware applications that put
exceptions in the Windows XP firewall without the users even being aware
of it.
U
Unknown
Sorry but that is only your opinion. Common sense and the Windows firewall
is FINE.
Notice all the installation problems posters are having due to others
firewalls?
is FINE.
Notice all the installation problems posters are having due to others
firewalls?
D
db
I don't always see
i2i with blake,
however, i also have
come to the same
conclusion and agree
with his responses on
the posting.
further, I would urge
people to set their
windows fw to
'no exceptions' when
ever the computer is
not be shared or
networked.
--
db·´¯`·...¸><)))º>
DatabaseBen, Retired Professional
- Systems Analyst
- Database Developer
- Accountancy
- Veteran of the Armed Forces
- @hotmail.com
"share the nirvana" - dbZen
~~~~~~~~~~~~~~~~~~
i2i with blake,
however, i also have
come to the same
conclusion and agree
with his responses on
the posting.
further, I would urge
people to set their
windows fw to
'no exceptions' when
ever the computer is
not be shared or
networked.
--
db·´¯`·...¸><)))º>
DatabaseBen, Retired Professional
- Systems Analyst
- Database Developer
- Accountancy
- Veteran of the Armed Forces
- @hotmail.com
"share the nirvana" - dbZen
~~~~~~~~~~~~~~~~~~