J
JohnH
How good is windows firewall. I have Zone Alarm free at the moment.
Thanks
John
Thanks
John
G
Guest
Software firewalls do something that SP2's firewall does not do--block and
filter outbound connections.
When you install Zone alarm windows firewall geyts disabled. You can't have
two firewalls running at the same time.
filter outbound connections.
When you install Zone alarm windows firewall geyts disabled. You can't have
two firewalls running at the same time.
R
Rock
JohnH said:
Windows firewall works ok. It doesn't block outbound connections, and it
isn't very configurable for inbound issues. What outbound block does is
stop malware that's on the system from "phoning home", but the better
approach is to not let malware on the system in the first place, and
sophisticated malware can find it's way around outbound blocking. The
latest versions of zone alarm are bloated. You might want to look at Comodo
personal firewall or the free offering of Sunbelt Software's Kerio Personal
firewall as an alternative or just go with the Windows firewall.
K
Kayman
How good is windows firewall. I have Zone Alarm free at the moment.
Thanks
John
The Windows Firewall in XP SP2 does a fantastic job at its core mission and
is really all you need if you have a *good* anti-virus program. (There are
*very good* FREE AV apllications available).
Use/activate Win XP SP2 built-in Firewall and uncheck *all* Programs and
Services under the Exception tab.
Read through:
http://www.microsoft.com/windowsxp/using/security/internet/sp2_wfintro.mspx
http://www.microsoft.com/windowsxp/using/networking/security/winfirewall.mspx
http://support.microsoft.com/kb/308127
Additionally, if you are on Broadband Internet get a Cable/DSL Router such
as the Linksys BEFSR41. It will help protect against such Pop-Ups, Hackers
and Internet worms. (They are pretty inexpensive nowadays).
If you on dial-up connection download Seconfig XP 1.0
http://seconfig.sytes.net/
IMHO Outbound application filtering as a meassure against malware is an
illusion. PFW vendors are offering you snake-oil
Ensure that you OS is current/updated/patched.
http://www.update.microsoft.com/windowsupdate/v6/default.aspx?ln=en-us
Also, practice Safe-Hex
http://www.claymania.com/safe-hex.html
Consider utilizing:
SUPERAntiSpyware Free Edition
http://www.superantispyware.com/download.html
Spybot Search & Destroy
http://www.safer-networking.org/en/download/index.html
(I don't use the Immunisation function and TeaTimer application)
Windows Defender
http://www.microsoft.com/athome/security/spyware/software/default.mspx
Spyware Blaster
http://www.javacoolsoftware.com/spywareblaster.html
Rootkit Revealer
http://www.sysinternals.com
http://www.microsoft.com/technet/sysinternals/utilities/sysinternalssuite.mspx
Crap Cleaner
http://www.filehippo.com/download_ccleaner/
CW Shredder
http://www.softpedia.com/get/Internet/Popup-Ad-Spyware-Blockers/CWShredder.shtml
Read this also:
So How Did I Get Infected Anyway?
http://www.wilderssecurity.com/showthread.php?t=27971
Thanks
John
The Windows Firewall in XP SP2 does a fantastic job at its core mission and
is really all you need if you have a *good* anti-virus program. (There are
*very good* FREE AV apllications available).
Use/activate Win XP SP2 built-in Firewall and uncheck *all* Programs and
Services under the Exception tab.
Read through:
http://www.microsoft.com/windowsxp/using/security/internet/sp2_wfintro.mspx
http://www.microsoft.com/windowsxp/using/networking/security/winfirewall.mspx
http://support.microsoft.com/kb/308127
Additionally, if you are on Broadband Internet get a Cable/DSL Router such
as the Linksys BEFSR41. It will help protect against such Pop-Ups, Hackers
and Internet worms. (They are pretty inexpensive nowadays).
If you on dial-up connection download Seconfig XP 1.0
http://seconfig.sytes.net/
IMHO Outbound application filtering as a meassure against malware is an
illusion. PFW vendors are offering you snake-oil
Ensure that you OS is current/updated/patched.
http://www.update.microsoft.com/windowsupdate/v6/default.aspx?ln=en-us
Also, practice Safe-Hex
http://www.claymania.com/safe-hex.html
Consider utilizing:
SUPERAntiSpyware Free Edition
http://www.superantispyware.com/download.html
Spybot Search & Destroy
http://www.safer-networking.org/en/download/index.html
(I don't use the Immunisation function and TeaTimer application)
Windows Defender
http://www.microsoft.com/athome/security/spyware/software/default.mspx
Spyware Blaster
http://www.javacoolsoftware.com/spywareblaster.html
Rootkit Revealer
http://www.sysinternals.com
http://www.microsoft.com/technet/sysinternals/utilities/sysinternalssuite.mspx
Crap Cleaner
http://www.filehippo.com/download_ccleaner/
CW Shredder
http://www.softpedia.com/get/Internet/Popup-Ad-Spyware-Blockers/CWShredder.shtml
Read this also:
So How Did I Get Infected Anyway?
http://www.wilderssecurity.com/showthread.php?t=27971
P
Phisherman
Disable MS Windows firewall. Keep Zone Alarm.
K
Ken Blake, MVP
Actually you can. But you shouldn't.
A
Alan Illeman
Phisherman said:
How does one disable the xp firewall? (I'm helping a
neighbour who has xp; I have win2k pro)
tia
Alan
B
Bruce Chambers
JohnH said:
WinXP's built-in firewall is usually adequate at stopping incoming
attacks, and hiding your ports from probes. What WinXP SP2's firewall
does not do, is protect you from any Trojans or spyware that you (or
someone else using your computer) might download and install
inadvertently. It doesn't monitor out-going traffic at all, other than
to check for IP-spoofing, much less block (or at even ask you about) the
bad or the questionable out-going signals. It assumes that any
application you have on your hard drive is there because you want it
there, and therefore has your "permission" to access the Internet.
Further, because the Windows Firewall is a "stateful" firewall, it will
also assume that any incoming traffic that's a direct response to a
Trojan's or spyware's out-going signal is also authorized.
ZoneAlarm, Kerio, or Sygate are all much better than WinXP's
built-in firewall, and are much more easily configured, and there are
free versions of each readily available. Even the commercially
available Symantec's Norton Personal Firewall is superior by far,
although it does take a heavier toll of system performance then do
ZoneAlarm or Sygate.
Having said that, it's important to remember that firewalls and
anti-virus applications, which should always be used and should always
be running, while important components of "safe hex," cannot, and should
not be expected to, protect the computer user from him/herself.
Ultimately, it is incumbent upon each and every computer user to learn
how to secure his/her own computer.
--
Bruce Chambers
Help us help you:
They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety. -Benjamin Franklin
Many people would rather die than think; in fact, most do. -Bertrand Russell
B
Bruce Chambers
Kayman said:
What about the varities of malware that anti-virus applications aren't
designed to detect?
IMHO Outbound application filtering as a meassure against malware is an
illusion. PFW vendors are offering you snake-oil
How is being alerted to unauthorized outbound traffic "snake oil?"
--
Bruce Chambers
Help us help you:
They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety. -Benjamin Franklin
Many people would rather die than think; in fact, most do. -Bertrand Russell
K
Kayman
Not getting infected in the first place. it's called prevention. Works forBruce Chambers said:
me since 8/2004.
U
Uncle Grumpy
Kayman said:
And here since 9/1990
K
Kayman
Congratulations, UG. I knew I wasn't the only oneUncle Grumpy said:
It is unfortunate that (assumingly) intelligent persons fall for these
illusionware. But then again marketing is doing its job - how did Phineas
Taylor Barnum phrase it...?
Anybody with a little savvy can look-up non-advertisement driven
publications and find out very quickly that a system can be secure even
without any packet filters (firewall). But this is probably too hard and
it's easier to read glossy magazines who push the fantasyware, after all
advertising is big business
oh well.
K
Ken Blake, MVP
Exercising care, which helps lead to prevention, is great. I'm in
complete agreement with you that that's what everyone should do.
But I think relying on prevention is a terrible mistake. None of us is
perfect, and we can all make a mistake. Especially at times when we
may be busy, tired, annoyed at something, had too much to drink, etc.,
things can get past our guard. That's why having a second string to
our bows is always a good idea.
K
Kayman
I think relying on illusionware is much more terrible; Advocating theKen Blake said:
employ such fantasyware is condemnable and is nothing but a dis-service to
the uninitiated. Monitoring outbound traffic is
nonsense in terms of security.
I understand that ZA itself phones home, and that more recent versions
contain rootkit functionality to restrict administrative accounts. This
doesn't sound right, to me anyway.
The illusion ware is running on the same system that it's supposed to
protect. It ask you numerous times to click 'yes' to allow a certain
function to work and the user trigger-happily complies even without
understanding the question; IMO it's a flawed concept.
My preventative measures include a number of 'second strings' and hardening
of OS.
Phoney-baloney software aren't included
B
Bruce Chambers
Kayman said:
If we were recommending registry cleaners, I'd agree with you on this.
But the plain fact is that you're very, very wrong.
"There is none so blind as he who will not see." You're not in the IT
profession, are you? (At least I certainly hope not!)
--
Bruce Chambers
Help us help you:
They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety. -Benjamin Franklin
Many people would rather die than think; in fact, most do. -Bertrand Russell
K
Kayman
Marketing is doing its job, no doubt about that - oh well.
- oh well.
P
Plato
=?Utf-8?B?UmV5IFNhbnRvcw==?= said:
Actually, yes you can, tho it's NOT reommended to have 2 or more
software firewalls running at the same time as it will, eventually,
cause you either a minor or even a major niggle.
However, one can easily, no problem, have a NAT router installed which
has a build in "incoming" firewall, then you can add a second software
firewall that addresses both incoming and outgoing traffic running 24/7
no problem at all.
P
Plato
JohnH said:
I like and still use Zone Alarm free firewall. Never had a problem with
it. Plus, it lets me know when a new app I install wants to access the
internet. For example, I just installed a new printer and it wanted to
axs the Internet, I said no, there is no reason I personally need for my
printer software to axs the internet.
J
John Corliss
This is what's commonly known as a "red herring."
There's only one reason anybody would attempt to discourage monitoring
outbound connections, and that's if they want to get others to run
malware that does so.
In the alt.comp.freeware newsgroup, often when somebody is discussing
firewalls, somebody always jumps in from nowhere and says similar things
about two way monitoring.
As for getting around outbound monitoring, about the only way this can
be done is to use a rootkit AFAIK (note Kayman, now is your chance to
prove me wrong by clearly explaining how it's possible to get around
what you so scathingly refer to as a "*Toy* firewall."
There's only one reason anybody would attempt to discourage monitoring
outbound connections, and that's if they want to get others to run
malware that does so.
In the alt.comp.freeware newsgroup, often when somebody is discussing
firewalls, somebody always jumps in from nowhere and says similar things
about two way monitoring.
As for getting around outbound monitoring, about the only way this can
be done is to use a rootkit AFAIK (note Kayman, now is your chance to
prove me wrong by clearly explaining how it's possible to get around
what you so scathingly refer to as a "*Toy* firewall."