Greetings --
WinXP's built-in firewall is _adequate_ at stopping incoming
attacks, and hiding your ports from probes. What WinXP SP2's firewall
does not do, is protect you from any Trojans or spyware that you (or
someone else using your computer) might download and install
inadvertently. It doesn't monitor out-going traffic at all, other
than to check for IP-spoofing, much less block (or at even ask you
about) the bad or the questionable out-going signals. It assumes that
any application you have on your hard drive is there because you want
it there, and therefore has your "permission" to access the Internet.
Further, because the Windows Firewall is a "stateful" firewall, it
will also assume that any incoming traffic that's a direct response to
a Trojan's or spyware's out-going signal is also authorized.
ZoneAlarm, Kerio, or Sygate are all much better than WinXP's
built-in firewall, and are much more easily configured, and there are
free versions of each readily available. Even the commercially
available Symantec's Norton Personal Firewall is superior by far,
although it does take a heavier toll of system performance then do
ZoneAlarm or Sygate.
Now, if you use a so-called hardware firewall, which is most
likely just a router with NAT, it's still a good idea to use a 3rd
party software firewall. Like WinXP's firewall, NAT-capable routers
do nothing to protect the user from him/herself. Again -- and I
_cannot_ emphasize this enough -- almost all spyware and many Trojans
and worms are downloaded and installed deliberately (albeit
unknowingly) by the user. So a software firewall, such as Sygate or
ZoneAlarm, that can detect and warn the user of unauthorized out-going
traffic is an important element of protecting one's privacy and
security. Most antivirus applications do not scan for or protect you
from adware/spyware, because, after all, you've installed them
yourself, so you must want them there, right?
I use both a router with NAT and Sygate Personal Firewall, even
though I generally know better than to install scumware. When it
comes to computer security and protecting my privacy, I prefer the old
"belt and suspenders" approach.
The SP2 Firewall's most important virtues, I think, are it's
improved compatibility with internal LANs and its configurability via
group policies. Now, there's a simple, cheap tool that system admins
can use to protect the LAN workstations from that occasional - but not
rare enough - fool who manages to bypass the perimeter firewall and
manually install some malware that could then spread throughout the
LAN via shared drives.
Bruce Chambers
--
Help us help you:
You can have peace. Or you can have freedom. Don't ever count on
having both at once. - RAH