Windows XP Firewall

[Lori]

I just upgrade to sp2. I am currently running Zone Alarm Firewall on my
computer with the Windows Firewall disabled. If I enabled the Windows
Firewall, would they conflict with each other or provide added security?

 

[Will Denny]

Hi

They 'may' conflict. There is no added security in running two Firewalls.
The XP Firewall doesn't monitor outgoing access to the Internet in any case.

 

[Jordan]

I just upgrade to sp2. I am currently running Zone Alarm Firewall on
my computer with the Windows Firewall disabled. If I enabled the
Windows Firewall, would they conflict with each other or provide
added security?

They very well could conflict with each other. Keep the setup you have.
ZoneAlarm provides both inbound and outbound protection. The Windows
firewall does *not* provide outbound protection.

 

[Bill Crocker]

Run one, or the other...no real advantage to run both, and if you do, it
will slow network/internet response.

Bill Crocker

 

[sgopus]

They could conflict, zonealarm is a much better firewall
anyway, just leave XP's firewall disabled

 

[Bruce Chambers]

Greetings --

SP2's Windows Firewall is intended to complement 3rd-party
firewalls, so it won't hurt anything to leave it enabled whilst using
another software firewall, but it also won't do much good, except as
extra "insurance."


Bruce Chambers
--
Help us help you:



You can have peace. Or you can have freedom. Don't ever count on
having both at once. - RAH

 

[Charlie]

Microsoft clearly states why one should NOT use 2 software firewalls.

--
Charlie

- " Keepin' the Blues Alive "
4 9 2 A c o u s t i c B l u e s
www.492acousticblues.com
www.soundclick.com/pro/?BandID=200514

 

[Johnny Lingo]

And where is that statement?
Do you have a URL?

Microsoft clearly states why one should NOT use 2 software firewalls.

--
Charlie

- " Keepin' the Blues Alive "
4 9 2 A c o u s t i c B l u e s
www.492acousticblues.com
www.soundclick.com/pro/?BandID=200514

 

[Bruce Hagen]

Control Panel>Security Center>Windows Firewall>What else should I
know about Windows Firewall. See the last sentence.

In Microsoft Windows XP Service Pack 2 (SP2), Windows Firewall is
turned on by default. (However, some computer manufacturers and
network administrators might turn it off.) You do not have to use
Windows Firewall-you can install and run any firewall that you
choose. Evaluate the features of other firewalls and then decide
which firewall best meets your needs. ***you choose to install and
run another firewall, turn off Windows Firewall.***

It has long been known that running two firewalls cause problems.
--
Bruce Hagen
~IB-CA~

 

[Plato]

I just upgrade to sp2. I am currently running Zone Alarm Firewall on my
computer with the Windows Firewall disabled. If I enabled the Windows
Firewall, would they conflict with each other or provide added security?

Running two firewalls 24/7 is NOT recommended.

 

[CZ]

It has long been known that running two firewalls cause problems.

Bruce:

Strange, as I have been running two (or three) firewalls at the same time
for several years without any problems.

 

[Johnny Lingo]

Exactly. Many technicians and IT pros recommend home users to use Zone
Alarm AND the Windows XP built-in firewall.

 

[CZ]

Many technicians and IT pros recommend home users to use Zone Alarm AND
Johnny:

I agree. That is a good combination.

I am running Windows Firewall, ZA free, and BlackIce together without
problems on this computer (XP Pro SP2).

 

[Bruce Hagen]

Ask Norton, and McAfee, and they will both tell you two firewalls is
not a good conception. And as I posted earlier, if MS also agrees
that two firewalls are not a good configuration, then what is the
dispute?

 

[Bruce Chambers]

Greetings --

That's what they said regarding WinXP's original ICF. The
improved Windows Firewall provided by SP2 is more "tolerant."

Bruce Chambers
--
Help us help you:



You can have peace. Or you can have freedom. Don't ever count on
having both at once. - RAH

 

[CZ]

Ask Norton, and McAfee, and they will both tell you two firewalls is
not a good conception. And as I posted earlier, if MS also agrees
that two firewalls are not a good configuration, then what is the
dispute?

Bruce:

1) Experience.
It can work without problems per several years of usage. However, I know
not to run two ID f/ws together, and I would not run another f/w on an ISA
server. And I test and look for conflicts.

2) Knowledge.
In general, there is not any technical reason that you cannot run multiple
stateless packet filtering firewalls together.
First f/w to receive the packets makes a drop or forward decision. If the
packet is forwarded, the next firewall makes a drop or forward decision. In
general, they act on the packets sequentially.
However, IMO, for more advanced firewalls that use ID, stateful filtering
(not the router SPI thingy), circuit level filtering, and application level
filtering the chance for problems/conflicts can increase.

Also, since f/ws can use different technologies, there can be benefits to
using multiple firewalls.
And, as another user recently posted, a trojan disabled one of his two
firewalls, but he was still protected by the second firewall.

3) IMO, companies have been known to make recommendations primarily to
reduce their end user troubleshooting costs and bad end user experiences.

However, there is always a risk that you may encounter conflicts. If you
are not willing take the risk (and do your own testing to verify
compatibility), then do not do it.

BTW, I have run Norton with ZA free and BlackIce at the same time without
any problems.

 

[lashdown]

Hello gurus. I installed SP2 and have a couple of questions:

1. Like half of America, apparently, I want to disable the windows
firewall. The question is how to do it. I know I go into Control Panel
-> Windows Firewall and click the Off radio button. But if that's
enough to disable it, then why have I seen so many postings that
discuss running shell scripts and tweaking the registry?

2. The Network Setup Wizard now gives me the message: "The wizard
detected that this computer belongs to a domain" and forces me to
cancel, even though I log on to the computer locally. This is new
behavior since the SP2 installation, so I figure there is a causal
relationship. Anyone know how to handle this annoyance, er, I mean new
Windows feature?

Lance