WinXP service pack 2 ... FIREWALL

[C.J.]

Hi all,i just installed Service pack 2 and notice that it make positive
announcements that the FIREWALL is now ON.
Does oanyone know if its better than the original XP firewall,and,does it
now Block OUTGOING spyware as well???

Silly Question.....is it as good as Zonealarm please ?

 

[Will Denny]

Hi

The XP SP2 doesn't monitor outgoing access to the internet. You will need
to install a 3rd party '2-way' Firewall such ZoneAlarm.

 

[C.J.]

TY Will, Ill stick with ZoneAlarm.. other than this the install went
perfectly,but i would expect it too.

 

[kurttrail]

Hi all,i just installed Service pack 2 and notice that it make positive
announcements that the FIREWALL is now ON.
Does oanyone know if its better than the original XP firewall,

If you like it nagging you more, then it is better.

and,does it now Block OUTGOING spyware as well???

LOL! That would actually be a good firewall! MS likes adding middleware
that inbred.

Silly Question.....is it as good as Zonealarm please ?

Not even close.

--
Peace!
Kurt
Self-anointed Moderator
microscum.pubic.windowsexp.gonorrhea
http://microscum.com
"Trustworthy Computing" is only another example of an Oxymoron!
"Produkt-Aktivierung macht frei!"

 

[Edwin Davidson]

If Microsoft SP2 firewall was as featured as ZoneAlarm, Sygate,
McAfee, Norton, Panda, Trend, or any of the others then Microsoft
would be sued by said companys due to their *Monopolistic* activities.

So you can't blame Microsoft. They are in between a rock and a
hardplace here.

Microsoft bought RAV (antivirus.) http://www.ravantivirus.com/

Now there are rumors that Microsoft will be releasing an Antivirus
product.
http://zdnet.com.com/2100-1105_2-5287496.html
http://computerworld.co.nz/news.nsf...256EE0001B8EF4?OpenDocument&pub=Computerworld

If you read these you will see that Microsoft is being very cautious
not to step on the Antivirus vendors toes. Although Microsoft has the
IP to create a robust antivirus product, they will not. They will
release one that provides just enough features to help isolate the
extreme number of Windows Zombies on the internet, and such.

Either we want the to do everything, and force others out of buisiness
- or we want them to not act as a monopoly and leave these problems to
3rd party vendors. In reality they need/have to act somewhere in the
middle.

 

[Frank]

<http://support.microsoft.com/default.aspx?scid=kb;en-us;884130&Product=windowsxpsp2>

Why don't you do a little research before you make suggestions?
MVP as well.

 

[Bruce Chambers]

Greetings --

The "next generation" Windows Firewall included with SP2, while
vastly superior to the original ICF in terms of visibility, usability
and configurability, is still rather lacking, as a solid security
component. It still can't supplant 3rd-party solutions, nor is it
intended to do so; rather, it's intended to complement them. And, like
the original ICF, it will not monitor out-going traffic.

It's most important virtues, I think, are it's improved
compatibility with internal LANs and its configurability via group
policies. Now, there's a simple, cheap tool that system admins can
use to protect the LAN workstations from that occasional - but not
rare enough - fool who manages to bypass the perimeter firewall and
manually install some malware that could then spread throughout the
LAN via shared drives.

WinXP's built-in firewall is _adequate_ at stopping incoming
attacks, and hiding your ports from probes. What WinXP also
does not do, is protect you from any Trojans or spyware that you (or
someone else using your computer) might download and install
inadvertently. It doesn't monitor out-going traffic at all, other
than to check for IP-spoofing, much less block (or at even ask you
about) the bad or the questionable out-going signals. It assumes that
any application you have on your hard drive is there because you want
it there, and therefore has your "permission" to access the Internet.
Further, because the ICF is a "stateful" firewall, it will also assume
that any incoming traffic that's a direct response to a Trojan's or
spyware's out-going signal is also authorized.

ZoneAlarm, Kerio, or Sygate are all much better than WinXP's
built-in firewall, and are much more easily configured, and there are
free versions of each readily available. Even the commercially
available Symantec's Norton Personal Firewall is superior by far,
although it does take a heavier toll of system performance then do
ZoneAlarm or Sygate.

SP2's Windows Firewall is intended to complement
3rd-party firewalls, so it won't hurt anything to leave it enabled
whilst using another software firewall, but it also won't do much
good, except as extra "insurance."


Bruce Chambers
--
Help us help you:



You can have peace. Or you can have freedom. Don't ever count on
having both at once. - RAH

 

[root]

Greetings --

The "next generation" Windows Firewall included with SP2, while
vastly superior to the original ICF in terms of visibility, usability
and configurability, is still rather lacking,

Not true. Combined with a good AV and adware program it is entirely
sufficient. AND it supplants the need for a 3rd party OS support
utility(firewall). Getting rid of as many of those as possible is/should be
a goal for any PC user and is one of those great things that MS does for its
users.

as a solid security
component. It still can't supplant 3rd-party solutions,

That's FALSE. And your claim restated says that MS just wasted their time
on SP2. Wrong again.

nor is it
intended to do so;

That's FALSE.

rather, it's intended to complement them.
NO!

And, like
the original ICF, it will not monitor out-going traffic.

That's not essential and with a good AV and adware program such is unneeded.

It's most important virtues, I think, are it's improved
compatibility with internal LANs and its configurability via group
policies. Now, there's a simple, cheap tool that system admins can
use to protect the LAN workstations from that occasional - but not
rare enough - fool who manages to bypass the perimeter firewall and
manually install some malware that could then spread throughout the
LAN via shared drives.

WinXP's built-in firewall is _adequate_ at stopping incoming
attacks, and hiding your ports from probes. What WinXP also
does not do, is protect you from any Trojans or spyware that you (or
someone else using your computer) might download and install
inadvertently.

That's what AV and adware programs do.

It doesn't monitor out-going traffic at all, other
than to check for IP-spoofing, much less block (or at even ask you
about) the bad or the questionable out-going signals.

Not a high priority need.

It assumes that
any application you have on your hard drive is there because you want
it there, and therefore has your "permission" to access the Internet.
Further, because the ICF is a "stateful" firewall, it will also assume
that any incoming traffic that's a direct response to a Trojan's or
spyware's out-going signal is also authorized.

ZoneAlarm, Kerio, or Sygate are all much better than WinXP's
built-in firewall,

NO, they are 3rd party OS support apps whose time has past just like
Netroom and Stacker.

and are much more easily configured, and there are
free versions of each readily available. Even the commercially
available Symantec's Norton Personal Firewall is superior by far,
although it does take a heavier toll of system performance then do
ZoneAlarm or Sygate.

SP2's Windows Firewall is intended to complement
3rd-party firewalls,

That's false. Cite anywhere MS says that.

so it won't hurt anything to leave it enabled
whilst using another software firewall, but it also won't do much
good, except as extra "insurance."

The best SP2 install procedure is to uninstall ZA or equivalent. Disable AV
and then do the SP2 install. Enable the AV program.

 

[Greg R]

To whomever,

Greetings --

The "next generation" Windows Firewall included with SP2, while
vastly superior to the original ICF in terms of visibility, usability
and configurability, is still rather lacking, as a solid security
component.

I agree with Bruce on this.

====================

It still can't supplant 3rd-party solutions, nor is it
intended to do so; rather, it's intended to complement them.

I not sure what you meant with this statement above
====================

And, like the original ICF, it will not monitor out-going traffic.


It's most important virtues, I think, are it's improved
compatibility with internal LANs and its configurability via group
policies. Now, there's a simple, cheap tool that system admins can
use to protect the LAN workstations from that occasional - but not
rare enough - fool who manages to bypass the perimeter firewall and
manually install some malware that could then spread throughout the
LAN via shared drives.

Active x can install it.
==========================

WinXP's built-in firewall is _adequate_ at stopping incoming
attacks, and hiding your ports from probes.
What WinXP also does not do, is protect you from any Trojans or spyware that you (or
someone else using your computer) might download and install
inadvertently. >

I need to correct you on this. It does warn you when an active x is
trying to install.

================

It doesn't monitor out-going traffic at all, other
than to check for IP-spoofing, much less block (or at even ask you
about) the bad or the questionable out-going signals. It assumes that
any application you have on your hard drive is there because you want
it there, and therefore has your "permission" to access the Internet.
Further, because the ICF is a "stateful" firewall, it will also assume
that any incoming traffic that's a direct response to a Trojan's or
spyware's out-going signal is also authorized.

When I installed msn messenger. It ask me to allow internet access
and that was with xp sp1.
===================

ZoneAlarm, Kerio, or Sygate are all much better than WinXP's
built-in firewall, and are much more easily configured, and there are
free versions of each readily available. Even the commercially
available Symantec's Norton Personal Firewall is superior by far,
although it does take a heavier toll of system performance then do
ZoneAlarm or Sygate.

I disagee with this. I use outpost 1.0 Norton is bad. Zonealarm is
ok, when they get it right.
====================

SP2's Windows Firewall is intended to complement
3rd-party firewalls, so it won't hurt anything to leave it enabled
whilst using another software firewall, but it also won't do much
good, except as extra "insurance."

That depends on the firewall, there could be conflicts with each
other.

====================
http://www.angelfire.com/in4/computertips/

 

[Shane]

And, like

That's not essential and with a good AV and adware program such is

unneeded.

They only stop what they know about.


Shane

 

[root]

unneeded.

They only stop what they know about.

Exactly and that is entirely sufficient for most all users. We PAY for good
AV programs and they DO reliably find out about all the new stuff quickly.
The world of personal computing is turning AWAY from having each user be a
virus researcher.
The advantage of eliminating another add-on OS support program for users's
PCs FAR outweighs any added advantage of turning everyone's PC into a DEW
line virus detection site.

 

[Les Herrman]

The best SP2 install procedure is to uninstall ZA or equivalent. Disable AV
and then do the SP2 install. Enable the AV program.

Are you intentionally this stupid or does it come naturally?

 

[Edwin Davidson]

Microsofts goal appears to be to provide protection without prompting
the user so many times as to cause them to disable the firewall. The
experience I have had with McAfee Firewall on my Mothers, Sisters, and
Fathers PCs tells me that this is a good idea, and Microsoft kept with
their goal.

Checkpoint Firewall-1, Microsoft ICA, Gauntlet, *nix IP tables/chains,
et al are all firewall products. They do not stop outgoing
connections from unknown programs such as what Checkpoints' ZoneAlarm,
or Sygate firewall do.

Does this make these name brand, very expensive firewall products bad?
No. This is simular to what the Microsoft Firewall SP2 does.

As a *free* upgrade to XP, I consider the Microsoft XP SP2 firewall a
great improvement. I just wish that it didn't block active FTP by
default, which breaks Inoculan AV updates.

I have yet to upgrade to XP at home. I am running Sygate personal
which has known security flaws per Secunia. To complement Sygate, I
run a hardware router/firewall device. I have eTrust, which contains
two antivirus engines, and I have Spybot and Ad-Aware installed. I
also run many other AV products free manual scans on my system
(www.acmenews.com/antivirus.html)

XP SP2 is a good first step at removing the need to spend so much time
servicing my home computer. Beyond the firewall, ActiveX controls are
harder to install. This is a good thing for all these spyware sites
that silently install their trojans.

If the Antivirus manufactures would step up to the plate, there is a
huge market for REALTIME anti-spyware. The "realtime" antispyware I
have looked at is not truely realtime, or requires ADMIN to be logged
in to work right. This type of software needs to be a device filter
just like Antivirus software. From what I have read, the
McAfee/Norton/Trend anti-spyware software pales in compairison to
Spybot or AdAware.

My opinions;

Edwin Davidson.