XP SP2 Firewall...is it good?

  • Thread starter Thread starter Pinger
  • Start date Start date
P

Pinger

A friend of mine who is pretty computer smart has been using XP's security
center/firewall exclusively since downloading SP2.,. kept up with all
updates and says he's found it does as good of a job as his old firewalls
(Tiny and Zone Alarm) and his system has run much smoother since switching
over to using only XP's Security... any opinions on this guys??
 
/Pinger/ said:
A friend of mine who is pretty computer smart has been using XP's security
center/firewall exclusively since downloading SP2.,. kept up with all
updates and says he's found it does as good of a job as his old firewalls
(Tiny and Zone Alarm) and his system has run much smoother since switching
over to using only XP's Security... any opinions on this guys??
Click to expand...

It is capable, but does not screen OUTgoing packets as some others do.
Thus, if malware has been installed, the XP firewall will not alert you if
it is "calling home." Of course, malware checkers and virus programs may
unearth intruders.
 
Pinger said:
A friend of mine who is pretty computer smart has been using XP's security
center/firewall exclusively since downloading SP2.,. kept up with all
updates and says he's found it does as good of a job as his old firewalls
(Tiny and Zone Alarm) and his system has run much smoother since switching
over to using only XP's Security... any opinions on this guys??
Click to expand...
The caveat is, it doesn't stop any OUTGOING things.
 
Hi

The SP2 Firewall doesn't monitor outgoing access to the Internet, so a 3rd
party '2-way' Firewall is advisable.
 
I find it excellent, it is not as robust as many other firewalls but keeps
out most intruders. True that it does not scan outgoing packets so if you
have some adware or mal ware installed on your computer it does not alert you
to those out going packets but as a basic firewall it works very well.
 
It's like a number of accessories with Windows XP. Defrag,
CD-Burning & Firewall are all "Basic" functions, that are OK
for users that don't require additional functionality.
In each case, a 3rd party equivalent is better, but usually adds
cost & maintenance requirements.
Remember an Operating System is just a platform - Whatever
Microsoft adds (Media Player, etc) is just convenience to keep
users from having to manually select/install their own components.
-or- for the conspiracy enthusiasts, MS trying to take over the
world ( PC World).
 
So if I keep XP SP2 Security up to date and running along with my Norton's
AV, Lavasoft AdAware and Spybot Search & Destroy up to date and running all
should be ok.... Correct?
 
So if I keep XP SP2 Security up to date and running along with my Norton's
AV, Lavasoft AdAware and Spybot Search & Destroy up to date and running all
should be ok.... Correct?
Click to expand...

As long as you are not direct cabled to the internet.
 
I find it ok, but does not alert you of Port Scanning and Hacking from other
people (Like McAfee Firewall with Visual Trace)

I hope that microsoft will start doing a seperate firewall program (because
Bill Gates has got a few 20,0000000000000 dollar...
 
In
Pinger said:
A friend of mine who is pretty computer smart has been using
XP's
security center/firewall exclusively since downloading SP2.,.
kept up
with all updates and says he's found it does as good of a job
as his
old firewalls (Tiny and Zone Alarm) and his system has run much
smoother since switching over to using only XP's Security...
any
opinions on this guys??
Click to expand...


The Windows firewall monitors incoming traffic only. Almost any
third-party firewall will also monitor outbound traffic, stopping
rogue programs trying to call home, and is a better choice.

The nature of any kind of protection is such that you only find
out how good a job it does if and when a problem occurs. If your
friend has never had a rogue program try to call home, his
statement that the Windows firewall does as good a job as a
third-party on is meaningless. And if he has had a rogue program
program try to call home, it's succeeded, and he's just not aware
of the problem he has.

Saying that the Windows firewall does as good a job is like
saying that the "Fly-by-night Car Insurance Company" is just as
good as a real car insurance company, when you've never tried to
collect from them.

And in my experience, there's no improvement is running smoothly
by using only XP's firewall. I use the free version of ZoneAlarm
here; it works fine, and just as smoothly.
 
In
Pinger said:
So if I keep XP SP2 Security up to date and running along with
my
Norton's AV, Lavasoft AdAware and Spybot Search & Destroy up to
date
and running all should be ok.... Correct?
Click to expand...


I don't agree with that at all. All of those things decrease
risk. None of them, not even all of them together, eliminate the
risk entirely.

First of all, no anti-spyware program is perfect, and each finds
things others don't. Even Adaware and SS&D together don't find
everything.

Perhaps even more important, realize that no such anti-spyware
program or anti-virus progam, can *ever* be perfect. These things
get updated with new definitions in response to problems that are
out there. No matter how diligent you are at keeping up with the
latest definitions, by the time they reach you, some number of
people have already been burnt by the new things they protect
againt. And one of these people could be you.

For these reasons, I think it's very important to use a
multi-pronged defense against malware. You should protect
yourself on all fronts, and never say "if I do ..., all should be
OK." All is never OK, because perfection in these things doesn't
exist. You can only decrease risk, not eliminate it, and anything
that decreases risk further than what you've already done is
valuable.
 
In
Leythos said:
(e-mail address removed)
says...

As long as you are not direct cabled to the internet.
Click to expand...



I completely disagree. First, see the message I just sent in this
thread. Second, whether you are directly connected or have a
dial-up connection is irrelevant.

Whenever you are connected, there is risk. The longer you are
connected, the greater the risk. The nature of the connection
doesn't matter, and the assumption that a direct connection
exposes you more than a dial-up one is not valid. I know people
with dial-up connections who are connected almost all day, and I
know other people with DSL and cable connections who don't keep
their computers powered on as long as those with dial-up
connections. In those cases, the people with dial-up connections
have greater risk that those with always-on connections.
 
Pinger said:
A friend of mine who is pretty computer smart has been using XP's security
center/firewall exclusively since downloading SP2.,. kept up with all
updates and says he's found it does as good of a job as his old firewalls
(Tiny and Zone Alarm) and his system has run much smoother since switching
over to using only XP's Security... any opinions on this guys??
Click to expand...

WinXP's built-in firewall is adequate at stopping incoming attacks,
and hiding your ports from probes. What WinXP SP2's firewall does not
do, is protect you from any Trojans or spyware that you (or someone
else using your computer) might download and install inadvertently.
It doesn't monitor out-going traffic at all, other than to check for
IP-spoofing, much less block (or at even ask you about) the bad or the
questionable out-going signals. It assumes that any application you
have on your hard drive is there because you want it there, and
therefore has your "permission" to access the Internet. Further,
because the Windows Firewall is a "stateful" firewall, it will also
assume that any incoming traffic that's a direct response to a
Trojan's or spyware's out-going signal is also authorized.

ZoneAlarm, Kerio, or Sygate are all much better than WinXP's
built-in firewall, and are much more easily configured, and there are
free versions of each readily available. Even the commercially
available Symantec's Norton Personal Firewall is superior by far,
although it does take a heavier toll of system performance then do
ZoneAlarm or Sygate.



--

Bruce Chambers

Help us help you:



You can have peace. Or you can have freedom. Don't ever count on having
both at once. - RAH
 
I am....... Cable ISP
Click to expand...

Get a cheap Linksys BEFRS41 router that provides NAT. This does as well
as SP2's firewall and has nothing to do with the OS or any flaws in
security. It also means that any open ports will not be a factor as the
NAT device will not permit unrequested inbound to your computer.

A BEFSR41 is about $50 most places.
 
In



I completely disagree. First, see the message I just sent in this
thread. Second, whether you are directly connected or have a
dial-up connection is irrelevant.

Whenever you are connected, there is risk. The longer you are
connected, the greater the risk. The nature of the connection
doesn't matter, and the assumption that a direct connection
exposes you more than a dial-up one is not valid. I know people
with dial-up connections who are connected almost all day, and I
know other people with DSL and cable connections who don't keep
their computers powered on as long as those with dial-up
connections. In those cases, the people with dial-up connections
have greater risk that those with always-on connections.
Click to expand...

You are right, and I normally state that dialup/cable/dsl/etc is the
same, and I should have been more specific. What I meant by direct
connect included Dial-Up with is a direct connection via modem.

I see people on Dial-Up, even through the great (kidding) AOL dialup,
compromised.
 
WinXP's built-in firewall is adequate at stopping incoming attacks,
and hiding your ports from probes.
Click to expand...

No, not by default on every install. Many times I've seen a single
computer with a cable connection that has File/Printer sharing enabled,
and an exception for File/Printer sharing in the firewall and the user
has no clue.
 
I forgot to mention I also have a router which supposedly has a firewall
built in (Netgear), so that along with XP's firewall would make 2 firewalls
running.. Safe enough??
 
Pinger said:
A friend of mine who is pretty computer smart has been using XP's security
center/firewall exclusively since downloading SP2.,. kept up with all
updates and says he's found it does as good of a job as his old firewalls
(Tiny and Zone Alarm) and his system has run much smoother since switching
over to using only XP's Security...
Click to expand...

It will stop incoming probes effectively. It can be a little tricky to
set up for some specific applications (eg to allow files to be sent in
Windows/MSN Messenger). But if you let a trojan or spyware onto the
machine it will do nothing to stop that phoning out
 
Back
Top