two firewall programs

[LarryLOOK]

My Belkin router has a firewall which is enabled. Now I have sp2 with
firewall turned on. Anything wrong with having two firewalls running? Any
advantages to this. So far haven't noticed any problems, but it's only been
2 days.

 

[K Patrick McGee]

I highly recommend using only the Belkin router. Using both is redundant.
Plus, the software firewall can potentially slow down the system and uses
extra resources.

Pat McGee CompTIA A+

 

[Bruce Chambers]

My Belkin router has a firewall which is enabled. Now I have sp2 with
firewall turned on. Anything wrong with having two firewalls running? Any
advantages to this. So far haven't noticed any problems, but it's only been
2 days.

No, WinXP's built-in firewall won't provided any added protection.
However.... :

If you use a router with NAT, it's still a very good idea to use a
3rd party software firewall. Like WinXP's built-in firewall,
NAT-capable routers do nothing to protect the user from him/herself
(or any "curious," over-confident teenagers in the home). Again --
and I cannot emphasize this enough -- almost all spyware and many
Trojans and worms are downloaded and installed deliberately (albeit
unknowingly) by the user. So a software firewall, such as Sygate or
ZoneAlarm, that can detect and warn the user of unauthorized out-going
traffic is an important element of protecting one's privacy and
security. (Remember: Most antivirus applications do not even scan for
or protect you from adware/spyware, because, after all, you've
installed them yourself, so you must want them there, right?)

I use both a router with NAT and Sygate Personal Firewall, even
though I generally know better than to install scumware. When it
comes to computer security and protecting my privacy, I prefer the old
"belt and suspenders" approach. In the professional IT community,
this is also known as a "layered defense." Basically, it comes down
to never, ever "putting all of your eggs in one basket."

WinXP's built-in firewall is adequate at stopping incoming attacks,
and hiding your ports from probes. What WinXP SP2's firewall does not
do, is protect you from any Trojans or spyware that you (or someone
else using your computer) might download and install inadvertently.
It doesn't monitor out-going traffic at all, other than to check for
IP-spoofing, much less block (or at even ask you about) the bad or the
questionable out-going signals. It assumes that any application you
have on your hard drive is there because you want it there, and
therefore has your "permission" to access the Internet. Further,
because the Windows Firewall is a "stateful" firewall, it will also
assume that any incoming traffic that's a direct response to a
Trojan's or spyware's out-going signal is also authorized.

ZoneAlarm, Kerio, or Sygate are all much better than WinXP's
built-in firewall, and are much more easily configured, and there are
free versions of each readily available. Even the commercially
available Symantec's Norton Personal Firewall is superior by far,
although it does take a heavier toll of system performance then do
ZoneAlarm or Sygate.


--

Bruce Chambers

Help us help you:



You can have peace. Or you can have freedom. Don't ever count on having
both at once. - RAH

 

[Bruce Chambers]

I highly recommend using only the Belkin router. Using both is redundant.
Plus, the software firewall can potentially slow down the system and uses
extra resources.

Pat McGee CompTIA A+

Why would someone who claims CompTIA A+ certification be deliberately
offering bad advice? Granted, the A+ certification has _nothing_ to do
with security, but you should have picked up a little something beyond
the basic hardware knowledge while studying/reading for the certification.


--

Bruce Chambers

Help us help you:



You can have peace. Or you can have freedom. Don't ever count on having
both at once. - RAH

 

[Guest]

No, WinXP's built-in firewall won't provided any added protection.
However.... :

If you use a router with NAT, it's still a very good idea to use a
3rd party software firewall. Like WinXP's built-in firewall,
NAT-capable routers do nothing to protect the user from him/herself
(or any "curious," over-confident teenagers in the home). Again --
and I cannot emphasize this enough -- almost all spyware and many
Trojans and worms are downloaded and installed deliberately (albeit
unknowingly) by the user. So a software firewall, such as Sygate or
ZoneAlarm, that can detect and warn the user of unauthorized out-going
traffic is an important element of protecting one's privacy and
security. (Remember: Most antivirus applications do not even scan for
or protect you from adware/spyware, because, after all, you've
installed them yourself, so you must want them there, right?)

I use both a router with NAT and Sygate Personal Firewall, even
though I generally know better than to install scumware. When it
comes to computer security and protecting my privacy, I prefer the old
"belt and suspenders" approach. In the professional IT community,
this is also known as a "layered defense." Basically, it comes down
to never, ever "putting all of your eggs in one basket."

WinXP's built-in firewall is adequate at stopping incoming attacks,
and hiding your ports from probes. What WinXP SP2's firewall does not
do, is protect you from any Trojans or spyware that you (or someone
else using your computer) might download and install inadvertently.
It doesn't monitor out-going traffic at all, other than to check for
IP-spoofing, much less block (or at even ask you about) the bad or the
questionable out-going signals. It assumes that any application you
have on your hard drive is there because you want it there, and
therefore has your "permission" to access the Internet. Further,
because the Windows Firewall is a "stateful" firewall, it will also
assume that any incoming traffic that's a direct response to a
Trojan's or spyware's out-going signal is also authorized.

ZoneAlarm, Kerio, or Sygate are all much better than WinXP's
built-in firewall, and are much more easily configured, and there are
free versions of each readily available. Even the commercially
available Symantec's Norton Personal Firewall is superior by far,
although it does take a heavier toll of system performance then do
ZoneAlarm or Sygate.


--

Bruce Chambers

Help us help you:



You can have peace. Or you can have freedom. Don't ever count on having
both at once. - RAH

The router firewall may fail, and the Windows Firewall, will protect. I
found out that my router/firewall had failed during a phone conversation with
an ISP technician on an unrelated issue. He just casually noted that he had
access to my computers. Keep both. Third party, if you wish.

 

[Plato]

(or any "curious," over-confident teenagers in the home). Again --

Teens in the house is why I got Kerio running on _my pc_ in addition to
the Linksys Router. If I put Kerio on their boxes they'd just click
"yes" to any outgoing thinggy anyway After all, they got their own
personal free pc service.

 

[Tecknomage]

My Belkin router has a firewall which is enabled. Now I have sp2 with
firewall turned on. Anything wrong with having two firewalls running? Any
advantages to this. So far haven't noticed any problems, but it's only been
2 days.

Don't. Desktop firewalls are buggy at best. Hardware firewalls are
much better, they protect without interfering with software on your
system.


==== Tecknomage ====
All technology which is sufficiently advanced becomes
indistinguishable from magic.

 

[Yves Leclerc]

Teckonmage,

The OP can have one software firewall and his Belkin router firewall
running. There should not too much problems, as long as his is only running
ONE firewall. The small home routers (@ $40 to $100) are not true firewalls
and may not trap everything.

My Belkin router has a firewall which is enabled. Now I have sp2 with
firewall turned on. Anything wrong with having two firewalls running?
Any
advantages to this. So far haven't noticed any problems, but it's only
been
2 days.

Don't. Desktop firewalls are buggy at best. Hardware firewalls are
much better, they protect without interfering with software on your
system.


==== Tecknomage ====
All technology which is sufficiently advanced becomes
indistinguishable from magic.

 

[Plato]

The OP can have one software firewall and his Belkin router firewall
running. There should not too much problems, as long as his is only running
ONE firewall. The small home routers (@ $40 to $100) are not true firewalls
and may not trap everything.

Why isn't a small home router also a true firewall?

 

[Leythos]

Why isn't a small home router also a true firewall?

Because the home versions of those routers only implement NAT and SPI
(if you get one with SPI), there is much more to a firewall than NAT.

This happened with someone in marketing decided that NAT blocking of
unsolicited inbound traffic was the full definition of a Firewall. While
Firewalls block traffic, the do a lot more in many cases.

We ran into this same word game when vendors started talking about their
Tape Drives doing 4GB - it would really only do 2GB and assumed 2:1
compression to get 4GB of data on the tape. It happened a long time
before the tape crap with Disk Drive sizes.

 

[Kelly]

Did your 14 yr. old show up for the turkey carving? Shared your story over
Thanksgiving dinner because 12 of them sitting at the table had their
controllers in one hand and a fork in the other. )

--
All the Best,
Kelly (MS-MVP)

Troubleshooting Windows XP
http://www.kellys-korner-xp.com