Windows XP Firewall on or off?

[Guest]

I am getting conflicting information when I talk to techies about turning my
windows xp firewall off or on. I am currently running on my pc Norton
AntiVirus and Webroot Spy Sweeper and Pop-Up Blocker. I was told that if I
turn the firewall on it could significantly slow down my internet connection
(cable). Right now I have it off. Should I turn it back on?
Ruth

 

[Guest]

I am getting conflicting information when I talk to techies about turning my
windows xp firewall off or on. I am currently running on my pc Norton
AntiVirus and Webroot Spy Sweeper and Pop-Up Blocker. I was told that if I
turn the firewall on it could significantly slow down my internet connection
(cable). Right now I have it off. Should I turn it back on?
Ruth

Ruth - That information is blantly incorrect. That firewall should be
on! I hope you rmachine is fully patched too.

Good luck.

 

[Guest]

ok, i'll turn it on. you will have to give me more information on what you
mean by "fully patched". and how to do it if i'm 'unpatched'!
R

 

[Yves Leclerc]

Fully patched == Have Service Pack 2 installed and have all other critical
updates from Microsoft Windows Updates web site.

If you have Noroton AntiVirus version 2005 (or greater???) then turn of the
Worm protection. This is a simple firewall that Norton placed it it so as
to ONLY stop worm viruses from spreading. A ture firewall will protect you
from this also.

 

[Guest]

Well, i am fully patched then. i have sp2 and do windows updates on a
regular basis. You lost me though on the worm protection. Yes I have Norton
2005, do live updates all the time. Not sure what your asking me to do with
the worm protection and how it relates to the firewall? (no techie here)
R

 

[Bruce Chambers]

I am getting conflicting information when I talk to techies about turning my
windows xp firewall off or on. I am currently running on my pc Norton
AntiVirus and Webroot Spy Sweeper and Pop-Up Blocker. I was told that if I
turn the firewall on it could significantly slow down my internet connection
(cable). Right now I have it off. Should I turn it back on?
Ruth

You clearly haven't been talking to anyone with real technical
knowledge! You *need* to have a firewall installed and enabled, if you
connect to the Internet. Period.

WinXP's built-in firewall is adequate at stopping incoming attacks,
and hiding your ports from probes. What WinXP SP2's firewall does not
do, is protect you from any Trojans or spyware that you (or someone
else using your computer) might download and install inadvertently.
It doesn't monitor out-going traffic at all, other than to check for
IP-spoofing, much less block (or at even ask you about) the bad or the
questionable out-going signals. It assumes that any application you
have on your hard drive is there because you want it there, and
therefore has your "permission" to access the Internet. Further,
because the Windows Firewall is a "stateful" firewall, it will also
assume that any incoming traffic that's a direct response to a
Trojan's or spyware's out-going signal is also authorized.

ZoneAlarm, Kerio, or Sygate are all much better than WinXP's
built-in firewall, and are much more easily configured, and there are
free versions of each readily available. Even the commercially
available Symantec's Norton Personal Firewall is superior by far,
although it does take a heavier toll of system performance then do
ZoneAlarm or Sygate.



--

Bruce Chambers

Help us help you:



You can have peace. Or you can have freedom. Don't ever count on having
both at once. - RAH

 

[Bruce Chambers]

ok, i'll turn it on. you will have to give me more information on what you
mean by "fully patched". and how to do it if i'm 'unpatched'!
R

There are several essential components to computer security: a
knowledgeable and pro-active user, a properly configured firewall,
reliable and up-to-date antivirus software, and the prompt repair (via
patches, hotfixes, or service packs) of any known vulnerabilities.

The weakest link in this "equation" is, of course, the computer
user. No software manufacturer can -- nor should they be expected
to -- protect the computer user from him/herself. All too many people
have bought into the various PC/software manufacturers marketing
claims of easy computing. They believe that their computer should be
no harder to use than a toaster oven; they have neither the
inclination or desire to learn how to safely use their computer. All
too few people keep their antivirus software current, install patches
in a timely manner, or stop to really think about that cutesy link
they're about to click.

Firewalls and anti-virus applications, which should always be used
and should always be running, are important components of "safe hex,"
but they cannot, and should not be expected to, protect the computer
user from him/herself. Ultimately, it is incumbent upon each and
every computer user to learn how to secure his/her own computer.


To learn more about practicing "safe hex," start with these links:

Protect Your PC
http://www.microsoft.com/security/protect/default.asp

Home Computer Security
http://www.cert.org/homeusers/HomeComputerSecurity/

List of Antivirus Software Vendors
http://support.microsoft.com/default.aspx?scid=kb;en-us;49500

Home PC Firewall Guide
http://www.firewallguide.com/

Scumware.com
http://www.scumware.com/




--

Bruce Chambers

Help us help you:



You can have peace. Or you can have freedom. Don't ever count on having
both at once. - RAH

 

[Guest]

Hi Bruce
Thanks for your response. And I agree that the safety of your computer lies
with the user first. My son clicked on an AOL IM link last night and my pc
started to go ballistic. Luckily the SpySweeper program I have caught it(i
think it was the elitebar adware and backdoor trojan to Internet Explorer).
After several sweeps of spyware/adware and norton, we are clean. I also
check for Windows updates regularly. I didn't mention before tho that my pc
is connected via cable ethernet on my end, and the other end is a LinkSys
router. It is a wireless router, but we don't use it as a wireless means to
connect to internet. My ethernet wire is in a port. We have updated all
current firmware and have put security codes in place. I'm thinking that is
another wall to penetrate. Plus I never leave my computer on when not in use.
So far so good, but i have turned on my windows firewall. Thanks for your
wise advice.
Ruth