sp2 firewall

[hardhead]

will the firewall in sp2 conflict with third party
firewalls such as zone alarm or outpost? i use xp's
connection firewall and outpost now, and no problems.

 

[Phil]

Why would you need two software firewalls running? One firewall is enough.
Running two does not give you any extra protection. I suggest you find one
firewall that has the options/features that you want and use just that. If
you use a third party firewall, then the xp firewall isn't needed.

 

[Max Burke]

Phil scribbled:

Why would you need two software firewalls running?

Because we can, and because ICF does not stop outbounds.....

One firewall is
enough.

Two is better than one; Consider it as a 'second opinion' option.

Running two does not give you any extra protection.

Yes it does. It fills a *glaring* gap in ICF protection.

I suggest
you find one firewall that has the options/features that you want and
use just that. If you use a third party firewall, then the xp
firewall isn't needed.

But it's there, and it works, so why not use it.

 

[robert]

Just because its there doesnt mean u HAVE to use it.
a combination of hardware and software firewalls make sense, but have two
software firewalls. makes configuration complicated and as mentioned before
one properly configured firewall is better than two.

 

[Max Burke]

robert scribbled:

Just because its there doesnt mean u HAVE to use it.

Doesn't mean to say I/we shouldn't use both....

a combination of hardware and software firewalls make sense, but have
two software firewalls makes configuration complicated

Only if you make it complicated.
Me, I just activated ICF on my internet conections, and turned on and
configured the firewall in my antivirus package. (Trend Micro's Internet
Security package) Prior to installing that I used ZAF and ICF.
Both work fine together....

Why do I use two firewalls? Because ICF does NOT block outbounds. Therefore
I use a firewall that does and ICF as a 'second opinion' for inbounds.

and as
mentioned before one properly configured firewall is better than two.

Not when the default firewall in XP does NOT block outbounds.

 

[EGR]

Why do I use two firewalls? Because ICF does NOT block outbounds.
Therefore
I use a firewall that does and ICF as a 'second opinion' for inbounds.

Logic Failure Alert!

The fact that ICF does not block outbound is not a reason for using two
firewalls, it's a reason for using an alternative firewall.
Running two firewalls just adds an additional load to your machine, and
serves no practical purpose.

 

[CZ]

Logic Failure Alert! The fact that ICF does not block outbound is not afirewalls, it's a reason for using an alternative firewall.
Running two firewalls just adds an additional load to your machine, and
serves no practical purpose.

EGR:

Logic Failure Alert! Since firewalls can use different technologies, it can
be desirable to run more than one firewall.
This computer is running XP SP2 RTM with the following:
SP2's Firewall (ICF2): is stateful, does inbound control
BlackIce v3.6: is an ID
ZA free v5.1.011: is an application gate for outbound control of
applications

 

[Ken Blake]

In

will the firewall in sp2 conflict with third party
firewalls such as zone alarm or outpost? i use xp's
connection firewall and outpost now, and no problems.

You'll find those with different points on view on this. Here's
mine: don't run both. You achieve no extra protection, you incur
the extra overhead of running two firewalls, and you run the risk
(probably small, but not zero) of conflicts between them.

 

[Phil]

Because we can, and because ICF does not stop outbounds.....

I wouldn't use ICF anyway. Like I said find one that does what you need and
use only that one. I use ZA for the outbound protection and BTW, it does
inbound to. So if ZA does outbound and inbound then that's all you need.

Two is better than one; Consider it as a 'second opinion' option.

It can't give a "second opinion. a firewall is a firewall, they all
eseentially do the same thing, open/close/block ports. Two firewalls would
give you the same "opinion".

Yes it does. It fills a *glaring* gap in ICF protection.

No it doesn't. If you want outbound then use something like zone alarm. It
does in bound and out bound. There is no reason to have to inbound blockers.
If you want to fill the gap that icf has(no outbound), then like I said a
few times already, use one that does both and be done with it.

But it's there, and it works, so why not use it.

Already answered, there no reason to, except to use resources and possibly
cause conflicts.
Having two firewalls running is like having two locks on your door, but they
both use the same key to open them.

 

[Phil]

firewalls, it's a reason for using an alternative firewall.
Running two firewalls just adds an additional load to your machine,
and serves no practical purpose.

EGR:

Logic Failure Alert! Since firewalls can use different technologies,
it can be desirable to run more than one firewall.
This computer is running XP SP2 RTM with the following:
SP2's Firewall (ICF2): is stateful, does inbound control
BlackIce v3.6: is an ID
ZA free v5.1.011: is an application gate for outbound control of
applications

Not different technologies, just different options and ways of functioning.
But a firewall, is a firewall, they all open/close/block/hide ports. If a
port is blocked or hidden, it's blocked or hidden, doesn't matter how it got
that way. So since all firewalls do the same thing, they just have different
features, it makes no sense to run two. Just find one that has the features
you want. You can run two if you want, but your not better protected having
the two running.

 

[CZ]

Not different technologies, just different options and ways ofBut a firewall, is a firewall, they all open/close/block/hide ports. If a
port is blocked or hidden, it's blocked or hidden, doesn't matter how it got
that way. So since all firewalls do the same thing, they just have different
features, it makes no sense to run two. Just find one that has the features
you want. You can run two if you want, but your not better protected having
the two running.

Phil:

You posted some very uninformed comments.
(ever hear of the OSI model of networking?)

Firewall technologies:
Packet filtering:
Stateless
Stateful
Circuit level filtering
Application level filtering

ID
Gateway vs proxy server

 

[Phil]

But a firewall, is a firewall, they all open/close/block/hide ports.
If a port is blocked or hidden, it's blocked or hidden, doesn't
matter how it got that way. So since all firewalls do the same thing,
they just have different features, it makes no sense to run two. Just
find one that has the features you want. You can run two if you want,
but your not better protected having the two running.

Phil:

You posted some very uninformed comments.
(ever hear of the OSI model of networking?)

Firewall technologies:
Packet filtering:
Stateless
Stateful
Circuit level filtering
Application level filtering

ID
Gateway vs proxy server

Bottom line, they all do essentially the same thing. There's no need to run
two software firewalls. If you want to, go right ahead, I won't. We could go
back and forth all day long here, so you do what you want and I'll do what I
want. I will never tell anyone that running two software firewalls is a good
idea, because it is not. This is my opinion and you'll never change my mind
on this one, so I will end this thread as there are more important things to
do.

 

[CZ]

Bottom line, they all do essentially the same thing. There's no need totwo software firewalls. If you want to, go right ahead, I won't. We could go
back and forth all day long here, so you do what you want and I'll do what I
want. I will never tell anyone that running two software firewalls is a good
idea, because it is not. This is my opinion and you'll never change my mind
on this one, so I will end this thread as there are more important things to
do.


Phil:

Do you what works for you, but stating that all firewalls do the same thing
is a very uninformed comment. Unfortunately, it is the norm for this NG,
including many MVPs.

From http://webopedia.internet.com/TERM/f/firewall.html

"There are several types of firewall techniques:
Packet filter: Looks at each packet entering or leaving the network and
accepts or rejects it based on user-defined rules. Packet filtering is
fairly effective and transparent to users, but it is difficult to configure.
In addition, it is susceptible to IP spoofing.
Application gateway: Applies security mechanisms to specific applications,
such as FTP and Telnet servers. This is very effective, but can impose a
performance degradation.
Circuit-level gateway: Applies security mechanisms when a TCP or UDP
connection is established. Once the connection has been made, packets can
flow between the hosts without further checking.
Proxy server: Intercepts all messages entering and leaving the network. The
proxy server effectively hides the true network addresses. "

 

[hardhead]

thanks ken, i've had no problems.

-----Original Message-----
In

You'll find those with different points on view on this. Here's
mine: don't run both. You achieve no extra protection, you incur
the extra overhead of running two firewalls, and you run the risk
(probably small, but not zero) of conflicts between them.



--
Ken Blake - Microsoft MVP Windows: Shell/User
Please reply to the newsgroup


.

 

[hardhead]

cause i turned it on when i first got the pc, and left it
on. and if the third party firewall should have a problem
at least i have some protection.

 

[hard head]

i agree max.

-----Original Message-----

Because we can, and because ICF does not stop outbounds.....

Two is better than one; Consider it as a 'second opinion' option.


Yes it does. It fills a *glaring* gap in ICF protection.


But it's there, and it works, so why not use it.

--
(e-mail address removed)
Replace the obvious with paradise.net to email me
Found Images
http://homepages.paradise.net.nz/~mlvburke
.

 

[hardhead]

not so, i know people who run avg and nortons w/o the
mail check and they work good.

 

[hardhead]

don't agree, there is no too much.

-----Original Message-----

opinion' for inbounds.

Logic Failure Alert!

The fact that ICF does not block outbound is not a reason for using two
firewalls, it's a reason for using an alternative firewall.
Running two firewalls just adds an additional load to your machine, and
serves no practical purpose.
.

 

[hardhead]

i think outpost that i run kinda takes over from xp's
firewall at least for out bound. and the inbound never
gets to the xp wall.

 

[hardhead]

don't mean to debate, but not long ago my third party
firewall was disabled by a trojan, but my xp wall still
worked for inbound. it's like having a seatbelt and
brakes too.