XP firewall

  • Thread starter Thread starter Don
  • Start date Start date
Purely out of interest, is it necessary to disable the XP firewall if you're also running another. I installed McAfee firewall but I have not disabled the XP. Does it matter? I stand ready to be advised!
 
coliboy said:
Purely out of interest, is it necessary to disable the XP firewall if
Click to expand...
you're also running another. I installed McAfee firewall but I have not
disabled the XP. Does it matter? I stand ready to be advised!

I am no expert to say the least but I did read that having 2 or more
different firewalls running at the same time can cause problems. The article
went into detail and you might try a google search. My Norton PF 2002 just
went out on me today after getting an update yesterday. Contacting Symantec
is like getting a 'root canal'. My ISP cable tested my system and determined
it was my firewall. After that I installed XP Homes firewall (a little
reading and couple mouse clicks) and it's been working like a charm. My only
question is XP protects from incoming but not outgoing. My big problem now
is removing NPF2002 since it is linked with Norton System Works 2002 which I
like and is my AV program.
Dan
 
Hi,

Two firewalls can often cause conflicts, and there are known issues running
both the internal one and a third-party one when you try to access Windows
Update. Basically, it's overkill and unnecessary.

--
Best of Luck,

Rick Rogers aka "Nutcase" MS-MVP - Windows
Windows isn't rocket science! That's my other hobby!

Associate Expert - WinXP - Expert Zone
 
Rick "Nutcase" Rogers said:
Hi,

Two firewalls can often cause conflicts, and there are known issues running
both the internal one and a third-party one when you try to access Windows
Update. Basically, it's overkill and unnecessary.

--
Best of Luck,

Rick Rogers aka "Nutcase" MS-MVP - Windows
Windows isn't rocket science! That's my other hobby!

Associate Expert - WinXP - Expert Zone
Click to expand...
Hi Rick. I'm using XP Home Firewall but heard it does not stop outgoing. Can
you recommend a firewall? My Norton PF2002 went out on me and while I have
always stood by the Norton products, I'm somewhat miffed as to their
support. Then again I guess one can't expect support forever.
 
No, you can leave the XP firewall running or not
-
guy
Computers only work with the info you give them. If you don't feed the
and protect them they die
 
Dannie said in news:[email protected]:
Hi Rick. I'm using XP Home Firewall but heard it does not stop
outgoing. Can you recommend a firewall? My Norton PF2002 went out on
me and while I have always stood by the Norton products, I'm somewhat
miffed as to their support. Then again I guess one can't expect
support forever.
Click to expand...

Until Rick answers, here mine:

I've use Norton stuff for years. Unfortunately Symantec is a software
predatore first and a software developer second. Their products wane
over time. I suspect I'm on my last version of Norton Internet Security
(firewall) but Norton AntiVirus is still okay although if I replace one
(after their subscriptions expire) then I'll probably replace both.

If you're looking for cheap (i.e., free) replacements, some folks
recommend ZoneAlarm. It's good but I personally don't like some of its
behavior. For example, I put it on my aunt's PC and there were popups
noting some application was attempting to make a connection to the
Internet but did not identify what was the application. We had to open
up ZoneAlarm's main page to see where a "?" showed up in the application
list to determine how to correctly configure its access. Other
firewalls that have gotten recommended by users is Sygate Personal
(smb.sygate.com) and Kerio (don't remember the URL) version
2.<something>, not the version 4 which is after the company split. AVG
has a freebie version for anti-virus checking but I don't know how it
rates in effectiveness compared to other products or how often it
performs updates (I think you can schedule when it scans but not when it
polls for new virus signature updates).

XP's firewall only monitors your outbound connections to know what
inbound connections to allow (i.e., you made the connect to the inbound
traffic is what you wanted, like when connecting to a web site). It
only blocks unsolicited inbound connections. It does not block
unsolicited outbound connections, like a zombie that infected your host
from participating is a denial of service attack or spyware phoning
home. However, this is a misconception regarding this outbound
protection. If you enable your browser so it has Internet access then
you also enable any application that can use your browser to also get to
the Internet. There is a 'tooleaky' test that shows where another
application will use your browser to make an Internet connection (if you
run tooleaky, remember to use Task Manager to kill any remnant hidden
instance of your browser [i.e., it doesn't have a window]). You allowed
the browser to connect so you and anything else that runs the browser
can get to the Internet.

In Norton's Internet Security (and which I presume would also be in
their Personal Firewall), there are further options to watch when some
other program tries to coax an authorized program to make an Internet
connection. Under the firewall's options, under the Firewall tab, there
are the following 2 options:

Check access for external modules ...

When one program launches another , check ...

If can become quite daunting to decide what to do when all the
information is splashed in your face when you have both options enabled.
You'll get swamped and often not know what to do. I only have the
second option enabled. This may be more control than you care for.
However, unless you control a parent program that tries to use another
program that you have allowed access, you have no control. All this
hoopla about monitoring outbound connections is of little value since
you will be authorizing many applications to have access. Internet
Explorer, Word, Outlook, Outlook Express, Help and Support, svchost.exe,
or whatever. You recognize those requests for a connection and permit
them. Then some other program uses one of those permitted programs
without you ever getting notified of such; i.e., a sneaksie has covertly
made a connection that you actually permitted.

As an example, and with the "When one program launches another" option
enabled, I might have previously used Help and Support which wants to
make an Internet connection to find KB articles related to my search. I
got a popup saying that it wanted Internet access which I allow because
I want it to look for those KB articles. Later I am in Disk Management
(diskmgmt.msc) and want to look something up about it, so I open its
help. I click on a link in its own help file but which results in using
Help and Support. Although I previously authorized Help and Support to
have Internet access, it is a program that is calling Help and Support
instead of me, so a popup appears showing me the calling program to
identify the covert call. I don't have to keep doing this. Apparently
after permitting it, Norton's remembers it and doesn't nag me again.
However, if I did not have the "When one program launches another"
enabled, I would have never been notified that a program wanted to use
an previously authorized program to make an Internet connection. While
I knew all of what was happening here, it is entirely possible that
spyware, trojans, or viruses would try to use the browser, rundll.exe,
or some other prior-authorized program to make a covert connection.

So consider the outbound protection (in its default configuration) more
like the border guard at the road checking for illegal immigrants. That
checkpoint does nothing about all the rest of them not using that road
and instead wandering over the countryside. It catches the dumb or good
programs. The nasties are getting smarter. The options mentioned above
are rarely used simply because most users never bother checking them
out. By default they are disabled. I'm sure some other firewalls also
have a similar feature to let you know when covert program A is trying
to use prior-authorized program B to make a connection. However, I
haven't bothered investigating the freebie firewalls to see if they
include such a feature. Then again, maybe you don't want to be bothered
this much regarding what might be trying to make a connection, in which
case you really don't need to be concerned about outbound connection.
Most outbound connection protection in its default configuration is like
slapping a metal plate atop termite-infested wood.
 
AVG can schedule downloads. They update frequently.

--
----------------------------------------------------------
And the band played ....
http://www.livejournal.com/users/aldon/74121.html
*Vanguard* said:
Dannie said in news:[email protected]:
Hi Rick. I'm using XP Home Firewall but heard it does not stop
outgoing. Can you recommend a firewall? My Norton PF2002 went out on
me and while I have always stood by the Norton products, I'm somewhat
miffed as to their support. Then again I guess one can't expect
support forever.
Click to expand...

Until Rick answers, here mine:

I've use Norton stuff for years. Unfortunately Symantec is a software
predatore first and a software developer second. Their products wane
over time. I suspect I'm on my last version of Norton Internet Security
(firewall) but Norton AntiVirus is still okay although if I replace one
(after their subscriptions expire) then I'll probably replace both.

If you're looking for cheap (i.e., free) replacements, some folks
recommend ZoneAlarm. It's good but I personally don't like some of its
behavior. For example, I put it on my aunt's PC and there were popups
noting some application was attempting to make a connection to the
Internet but did not identify what was the application. We had to open
up ZoneAlarm's main page to see where a "?" showed up in the application
list to determine how to correctly configure its access. Other
firewalls that have gotten recommended by users is Sygate Personal
(smb.sygate.com) and Kerio (don't remember the URL) version
2.<something>, not the version 4 which is after the company split. AVG
has a freebie version for anti-virus checking but I don't know how it
rates in effectiveness compared to other products or how often it
performs updates (I think you can schedule when it scans but not when it
polls for new virus signature updates).

XP's firewall only monitors your outbound connections to know what
inbound connections to allow (i.e., you made the connect to the inbound
traffic is what you wanted, like when connecting to a web site). It
only blocks unsolicited inbound connections. It does not block
unsolicited outbound connections, like a zombie that infected your host
from participating is a denial of service attack or spyware phoning
home. However, this is a misconception regarding this outbound
protection. If you enable your browser so it has Internet access then
you also enable any application that can use your browser to also get to
the Internet. There is a 'tooleaky' test that shows where another
application will use your browser to make an Internet connection (if you
run tooleaky, remember to use Task Manager to kill any remnant hidden
instance of your browser [i.e., it doesn't have a window]). You allowed
the browser to connect so you and anything else that runs the browser
can get to the Internet.

In Norton's Internet Security (and which I presume would also be in
their Personal Firewall), there are further options to watch when some
other program tries to coax an authorized program to make an Internet
connection. Under the firewall's options, under the Firewall tab, there
are the following 2 options:

Check access for external modules ...

When one program launches another , check ...

If can become quite daunting to decide what to do when all the
information is splashed in your face when you have both options enabled.
You'll get swamped and often not know what to do. I only have the
second option enabled. This may be more control than you care for.
However, unless you control a parent program that tries to use another
program that you have allowed access, you have no control. All this
hoopla about monitoring outbound connections is of little value since
you will be authorizing many applications to have access. Internet
Explorer, Word, Outlook, Outlook Express, Help and Support, svchost.exe,
or whatever. You recognize those requests for a connection and permit
them. Then some other program uses one of those permitted programs
without you ever getting notified of such; i.e., a sneaksie has covertly
made a connection that you actually permitted.

As an example, and with the "When one program launches another" option
enabled, I might have previously used Help and Support which wants to
make an Internet connection to find KB articles related to my search. I
got a popup saying that it wanted Internet access which I allow because
I want it to look for those KB articles. Later I am in Disk Management
(diskmgmt.msc) and want to look something up about it, so I open its
help. I click on a link in its own help file but which results in using
Help and Support. Although I previously authorized Help and Support to
have Internet access, it is a program that is calling Help and Support
instead of me, so a popup appears showing me the calling program to
identify the covert call. I don't have to keep doing this. Apparently
after permitting it, Norton's remembers it and doesn't nag me again.
However, if I did not have the "When one program launches another"
enabled, I would have never been notified that a program wanted to use
an previously authorized program to make an Internet connection. While
I knew all of what was happening here, it is entirely possible that
spyware, trojans, or viruses would try to use the browser, rundll.exe,
or some other prior-authorized program to make a covert connection.

So consider the outbound protection (in its default configuration) more
like the border guard at the road checking for illegal immigrants. That
checkpoint does nothing about all the rest of them not using that road
and instead wandering over the countryside. It catches the dumb or good
programs. The nasties are getting smarter. The options mentioned above
are rarely used simply because most users never bother checking them
out. By default they are disabled. I'm sure some other firewalls also
have a similar feature to let you know when covert program A is trying
to use prior-authorized program B to make a connection. However, I
haven't bothered investigating the freebie firewalls to see if they
include such a feature. Then again, maybe you don't want to be bothered
this much regarding what might be trying to make a connection, in which
case you really don't need to be concerned about outbound connection.
Most outbound connection protection in its default configuration is like
slapping a metal plate atop termite-infested wood.

--
____________________________________________________________
*** Post replies to newsgroup. Share with others.
*** Email: domain = ".com" and append "=NEWS=" to Subject.
____________________________________________________________
Click to expand...
 
Hi Dannie,

You heard correctly, WinXP's firewall does not block outgoing traffic, which
is useful if you get some malicious stuff installed on the system. Here are
some third-party firewalls:

http://www.kerio.com/kpf_home.html
http://www.my-etrust.com/downloads.cfm
http://www.zonelabs.com/store/content/home.jsp
http://www.tinysoftware.com/home/tiny2?la=EN

I like Kerio, but also use the one from e-trust. Nothing from Symantec is
allowed on any system I own.

--
Best of Luck,

Rick Rogers aka "Nutcase" MS-MVP - Windows
Windows isn't rocket science! That's my other hobby!

Associate Expert - WinXP - Expert Zone
 
Q. Should I use both Internet Connection Firewall and a software firewall
from a different company on my Windows XP computer?
A. No. Running multiple software firewalls is unnecessary for typical home
computers, home networking, and small business networking scenarios. Using
two firewalls on the same connection could cause issues with connectivity to
the Internet or other unexpected behavior. One firewall, whether it is the
Windows XP Internet Connection Firewall or different software firewall, can
provide substantial protection for your computer.

Frequently Asked Questions About Internet Firewalls
http://www.microsoft.com/security/protect/firewall.asp
 
We are on a Router, with our 2 computers, and Norton Security's firewall
would not work with it on our Cable access. I am glad to have the XP
Firewall, but like the ZoneAlarm that I had tried once, it is very confusing
to those of us barely computer literate. Even Registry Mechanic keeps asking
for me to "allow" or "deny" changes in the Registry from something being
added or subtracted. The trouble with all of the requests, is that it is
very hard to figure out exactly what is being added or subtracted; or at
least what program they belong to. The file names are given, but they look
like a foreign language to most of us.
My question is: Even though the firewall asks us about each requested entry
to our computer, how do we really know what we are saying 'yes' to? Right
now, I am having to just guess at what program is requesting, based on what I
think I'm doing on the computer at the time. Most of the time I never really
know if I should allow or deny. It gets in my way, and I don't really have
the extra time to try to figure it out, so I just click 'allow'.

cksdjs
 
Back
Top