SP2 And Firewalls

[Neo Anderson]

1 computer each with xp home and xp pro - both with sp2.

Both are behind a hardware firewall so I have the Windows firewalls disabled
on each.

I have the Security Center's Alert Setting disabled.

However - on a routine basis (1 - 2 times a day - maybe on a boot after an
extended off time - not sure) the Alert gets enabled but not be human hands.

What's the deal with this? Is that thing on a timer somehow?



--

 

[Mike H]

Regardless of router firewalls, the best way to protect a system is to run a
software firewall.. the SP2 firewall is included into XP such that users
connecting for the first time to the internet can have some protection.. as
with hardware firewalls, SP2 does its job to stop incoming dangers..
however, SP2 and hardware firewalls do not stop any outgoings..

It is generally recognized that having control over both incoming and
outgoing events will lead to a more secure system, and SP2 addresses this by
putting up a warning.. the warning can be switched off, but the best way to
deal with the problem is to install a software firewall..

Some software firewalls are even free in basic form.. Zonealarm, Sygate and
Kerio are all available from their respective websites..

 

[Neo Anderson]

I didn't ask for a sales pitch on the pros and cons of firewalls. It's
quite arrogant on your part to assume I'm not already aware of the issues
you state - BUT they are not relevant to my question.

You state: "the warning can be switched off, . . .?" NO SHIx!

You didn't even bother to read the post - did ya? It clearly states the
(firewall) Alert Setting is disabled.

--

Regardless of router firewalls, the best way to protect a system is to run
a software firewall.. the SP2 firewall is included into XP such that users
connecting for the first time to the internet can have some protection..
as with hardware firewalls, SP2 does its job to stop incoming dangers..
however, SP2 and hardware firewalls do not stop any outgoings..

It is generally recognized that having control over both incoming and
outgoing events will lead to a more secure system, and SP2 addresses this
by putting up a warning.. the warning can be switched off, but the best
way to deal with the problem is to install a software firewall..

Some software firewalls are even free in basic form.. Zonealarm, Sygate
and Kerio are all available from their respective websites..

 

[Phil]

Regardless of router firewalls, the best way to protect a system is
to run a software firewall.. the SP2 firewall is included into XP
such that users connecting for the first time to the internet can
have some protection.. as with hardware firewalls, SP2 does its job
to stop incoming dangers.. however, SP2 and hardware firewalls do not
stop any outgoings..

I have to disagree. Software firewalls are great, but a good hardware
firewall can give you just as much control on outbound traffic as any
software firewall. No it won't pop up a pretty warning box asking to let
connections or not, but a good hardware firewall, setup correctly, that does
SPI and NAT, and has out bound traffic control as well is just as good or
better than any software firewall. Outbound traffic can be controlled to
your liking in a good hardware firewall. You think corportations or even
small businesses protect their networks and servers with a software
firewall? Of course they don't, they use a good hardware firewall with
outbound traffic locked down by closing ports and such. (btw - the $30
router that has no firewall or does nat only isn't what I mean by a hardware
firewall)

 

[Mike H]

Actually, I did read your post.. the advice provided was given in good faith
and in the interests of the question asked.. many people do not fully
understand why the SP2 Security warning is given, and installing a software
firewall for most will subdue the warning..

The deal is that things don't always do what they should..

No, it is not on a timer..

So go to 'Administrative Tools - Services' and turn the appropriate service
off.. I will not be so arrogant this time by assuming that you do not know
which service to disable..

I will also remember not to answer any posts generated by you in the
future.. I am sure that we will both find that mutually acceptable..

Have a nice day..

Mike H

I didn't ask for a sales pitch on the pros and cons of firewalls. It's
quite arrogant on your part to assume I'm not already aware of the issues
you state - BUT they are not relevant to my question.

You state: "the warning can be switched off, . . .?" NO SHIx!

You didn't even bother to read the post - did ya? It clearly states the
(firewall) Alert Setting is disabled.

--

 

[Mike H]

Phil

The majority of people posting into these groups are not sitting behind
corporate Unix servers and enterprise firewalls.. they have Win 98 or XP,
dialup, DSL and cable modems.. they don't have the technical expertise or
equipment to be able to set up the kind of hardware firewall that you speak
about, so any advice will has to be based upon technology that they can
obtain and use.. that is what I was attempting to do..

Mike H

 

[Len]

It also appears that you may have a tendency to over react! You certainly
will gain little assistance here with that type of response. If Security
Center bothers you that much just turn off the service (Disable/Stop) which
is the method I used when the Firewall alert continued to come up.

FWIW,
Len

I didn't ask for a sales pitch on the pros and cons of firewalls. It's
quite arrogant on your part to assume I'm not already aware of the issues
you state - BUT they are not relevant to my question.

You state: "the warning can be switched off, . . .?" NO SHIx!

You didn't even bother to read the post - did ya? It clearly states the
(firewall) Alert Setting is disabled.

--

 

[Phil]

I understand that and agree that it is/was good advice. Just wanted to point
out that a software firewall is not always the best way to protect a system
as you stated in your first reply. A software firewall is a good way for the
novice to protect their machine, but it's not the best overall way. You can
get a good firewall/router that does spi and nat and lets you close outbound
ports, and has port forwarding, starting at about $100(maybe cheaper - with
rebates I just got a netgear wireless firewall/router that does all I
metioned for about $60). Pretty cheap for great security and they are easy
to setup now-a-days. ZA is no easier to setup correctly than a
firewall/router, so even a novice can do it. Although there are no "dummy
light" pop-ups to alert of outgoing attempts, like za or similar would have.
So basicly the technology can be obtained and used by normal home users, it
just that a hardware firewall/router does not have a free version.

 

[Phil]

Forgot to add that software firewalls can be disabled, broken, or can crash
leaving you unprotected. A hardware firewall will rarely fail or "crash".

 

[Neo Anderson]

Thank you.

So - It appears the Firewall Service overrides Windows Security Center
Firewall Alert enable/disable option.

That's one less Service bloating my systems.

It would seen that disabling an item (Firewall Alert) would do just that.
Alas - MS!


--