If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. |
|
|
Thread Tools | Rating: | Display Modes |
#1
|
|||
|
|||
Windows 8 Firewall - How Good Is It?
I've only been using Windows 8/64 for about a month now and I love it. But
I moved to this directly from Windows XP Home, on which I ran Sunbelt Personal Firewall because I liked the way it asked for my confirmation on every attempt a program made to communicate with the outside world, and it warned me of incoming traffic, too. I had used Kerio Personal Firewall and Tiny Personal Firewall. I think Kerio got it from Tiny and Sunbelt got it from Kerio. Now it's no longer being developed. Anyway, I've seen a few pop-ups from the default Windows 8 firewall, like when I used mIRC for the first time. But installing internet-capable programs and getting no confirmation popups makes me nervous. It makes me feel like I don't really have a firewall. That said, sometimes the popups in the old third-party firewalls I've used could be a little confusing when I hadn't initiated any action, and some legitimate background program started trying to communicate on the internet. One time I refused communication and immediately got a blue screen in WinXP. So really, how protective is the default Windows 8 firewall? Right now, my system is running smooth with no problems. I've read complaints from some people who installed a third-party firewall and they immediately started having problems. I basically don't want important files floating through a porous firewall, like my MS Money files, or my dream journals, or anything else, for that matter. Is anybody here concerned about the effectiveness of the Windows 8 firewall? Did you install a third-party one? Thanks, Damaeus |
Ads |
#2
|
|||
|
|||
Windows 8 Firewall - How Good Is It?
Damaeus wrote:
I've only been using Windows 8/64 for about a month now and I love it. But I moved to this directly from Windows XP Home, on which I ran Sunbelt Personal Firewall because I liked the way it asked for my confirmation on every attempt a program made to communicate with the outside world, and it warned me of incoming traffic, too. I had used Kerio Personal Firewall and Tiny Personal Firewall. I think Kerio got it from Tiny and Sunbelt got it from Kerio. Now it's no longer being developed. Anyway, I've seen a few pop-ups from the default Windows 8 firewall, like when I used mIRC for the first time. But installing internet-capable programs and getting no confirmation popups makes me nervous. It makes me feel like I don't really have a firewall. That said, sometimes the popups in the old third-party firewalls I've used could be a little confusing when I hadn't initiated any action, and some legitimate background program started trying to communicate on the internet. One time I refused communication and immediately got a blue screen in WinXP. So really, how protective is the default Windows 8 firewall? Right now, my system is running smooth with no problems. I've read complaints from some people who installed a third-party firewall and they immediately started having problems. I basically don't want important files floating through a porous firewall, like my MS Money files, or my dream journals, or anything else, for that matter. Is anybody here concerned about the effectiveness of the Windows 8 firewall? Did you install a third-party one? Thanks, Damaeus Maybe you could use an add-on like this, for the missing functionality ? http://www.howtogeek.com/113641/how-...g-connections/ Paul |
#3
|
|||
|
|||
Windows 8 Firewall - How Good Is It?
"Paul" wrote in message ... Damaeus wrote: I've only been using Windows 8/64 for about a month now and I love it. But I moved to this directly from Windows XP Home, on which I ran Sunbelt Personal Firewall because I liked the way it asked for my confirmation on every attempt a program made to communicate with the outside world, and it warned me of incoming traffic, too. I had used Kerio Personal Firewall and Tiny Personal Firewall. I think Kerio got it from Tiny and Sunbelt got it from Kerio. Now it's no longer being developed. Anyway, I've seen a few pop-ups from the default Windows 8 firewall, like when I used mIRC for the first time. But installing internet-capable programs and getting no confirmation popups makes me nervous. It makes me feel like I don't really have a firewall. That said, sometimes the popups in the old third-party firewalls I've used could be a little confusing when I hadn't initiated any action, and some legitimate background program started trying to communicate on the internet. One time I refused communication and immediately got a blue screen in WinXP. So really, how protective is the default Windows 8 firewall? Right now, my system is running smooth with no problems. I've read complaints from some people who installed a third-party firewall and they immediately started having problems. I basically don't want important files floating through a porous firewall, like my MS Money files, or my dream journals, or anything else, for that matter. Is anybody here concerned about the effectiveness of the Windows 8 firewall? Did you install a third-party one? Thanks, Damaeus Maybe you could use an add-on like this, for the missing functionality ? http://www.howtogeek.com/113641/how-...g-connections/ Paul Unfortunately, for Win8: "Important: WFN is not fully compatible with Windows 8 as of now. The next version will be. Thank you for being patient..." It does sound like a good add-on, though. Reminds me of Zone Alarm when it was good :-) -- SC Tom |
#4
|
|||
|
|||
Windows 8 Firewall - How Good Is It?
Damaeus posted this
via : I've only been using Windows 8/64 for about a month now and I love it. But I moved to this directly from Windows XP Home, on which I ran Sunbelt Personal Firewall because I liked the way it asked for my confirmation on every attempt a program made to communicate with the outside world, and it warned me of incoming traffic, too. I had used Kerio Personal Firewall and Tiny Personal Firewall. I think Kerio got it from Tiny and Sunbelt got it from Kerio. Now it's no longer being developed. Anyway, I've seen a few pop-ups from the default Windows 8 firewall, like when I used mIRC for the first time. But installing internet-capable programs and getting no confirmation popups makes me nervous. It makes me feel like I don't really have a firewall. That said, sometimes the popups in the old third-party firewalls I've used could be a little confusing when I hadn't initiated any action, and some legitimate background program started trying to communicate on the internet. One time I refused communication and immediately got a blue screen in WinXP. So really, how protective is the default Windows 8 firewall? Right now, my system is running smooth with no problems. I've read complaints from some people who installed a third-party firewall and they immediately started having problems. I basically don't want important files floating through a porous firewall, like my MS Money files, or my dream journals, or anything else, for that matter. Is anybody here concerned about the effectiveness of the Windows 8 firewall? Did you install a third-party one? Thanks, Damaeus The people you should be worried about regarding "firewalls" is your ISP and the "trusted" programs of your OS along with the ones you have installed... to wit, with the onset of ".NET" programming tools, more and more "developers" are turning to "grey-area" exploits to "market" their wares - in collusion with their "partners". Your ISP is likely falling for the marketing paradigm of tracking your [Internet] movements and then targeting you with both spam of strange origin with dubious addressee and certain pop-ups and redirects... Google aready tries to direct you efforts using a regional server reference system. Of course, your best defense against that is clearing your cookies with a good cache cleaner; however, the exploiteers are getting more and more sophisticated within an enviornment void of meaningful regulation... All that being said [and arguable as "conspiracy theory" by the proponents of the misbehaviors and their sycophants], the best protection you can have from both incoming probes and unwanted outgoing connections is a 3rd-Party software firewall combined with the NAT protection of a hardware firewall as is standard in a good router. Of course, the "best" software firewall with poor settings/rules does not completely solve the problems... The better firewalls harbor no hidden agenda or independent marking motivations towards their users.... -- I AM Bucky Breeder, (*(^; and noooooo.... that is NOT a Tomahawk armed Predator drone in my pocket; but, I'm not particularly "happy" to see you either. |
#5
|
|||
|
|||
Windows 8 Firewall - How Good Is It?
snip
fortunately, for Win8: "Important: WFN is not fully compatible with Windows 8 as of now. The next version will be. Thank you for being patient..." It does sound like a good add-on, though. Reminds me of Zone Alarm when it was good :-) damn right it's not fully compatible, it ****ed my PC up (I use win8 64 bit) long story, but I won't be using it again |
#6
|
|||
|
|||
Windows 8 Firewall - How Good Is It?
In news:alt.comp.os.windows-8, usenetopian
posted on Fri, 10 May 2013 21:46:19 -0400 the following: fortunately, for Win8: "Important: WFN is not fully compatible with Windows 8 as of now. The next version will be. Thank you for being patient..." It does sound like a good add-on, though. Reminds me of Zone Alarm when it was good :-) damn right it's not fully compatible, it ****ed my PC up (I use win8 64 bit) long story, but I won't be using it again Yes, and that's exactly what I want to avoid ... ****ing up my PC. It's running smooth and stable now and I want to keep it that way. Damaeus |
#7
|
|||
|
|||
Windows 8 Firewall - How Good Is It?
On 5/12/2013 7:59 PM, Damaeus wrote:
In news:alt.comp.os.windows-8, usenetopian posted on Fri, 10 May 2013 21:46:19 -0400 the following: fortunately, for Win8: "Important: WFN is not fully compatible with Windows 8 as of now. The next version will be. Thank you for being patient..." It does sound like a good add-on, though. Reminds me of Zone Alarm when it was good :-) damn right it's not fully compatible, it ****ed my PC up (I use win8 64 bit) long story, but I won't be using it again Yes, and that's exactly what I want to avoid ... ****ing up my PC. It's running smooth and stable now and I want to keep it that way. Damaeus now using Comodo firewall (not the suite, just the firewall) stellar performance and security, and free! |
#8
|
|||
|
|||
Windows 8 Firewall - How Good Is It?
Is anybody here concerned about the effectiveness of the
Windows 8 firewall? Did you install a third-party one? Hi, I write iptables (Linux) firewalls for a living. One of the big issues with M$ is that they couldn't give a hoot about security. They are all about marketing. M$ has frequently left services open that can be easily exploited. Go look how your firewall performs for yourself at GRC. You are looking for the Shields Up test. https://www.grc.com/x/ne.dll?bh0bkyd2 If you are shooting through a NAT router (if your I.P. is 192.168.xxx.xxx, you have a NAT router), you will need to connect directly to the Internet. You want all your ports to be in stealth mode (drop) when probed from the outside, unless you deliberately have a service open for something. With everything in stealth (drop) mode, the bad guys won't know you are even there when they probe you and they will go on to those who think they are smart enough that they don't have to run firewalls. If you "reject" traffic (in other words you send back the "**** off" command), then the bad guys will know you are there and probe you with reckless abandon. Not a good thing. If you have ports open on purpose, change then to other ports not used by the services you need to let through. Don't use the standard ports and when the bad guys find your open ports, if they even do, they won't know what they are used for. So I would recommend that you: 1) use a NAT router. Only the smartest bad guys know how to get around it. 2) on your NAT router, reprogram the addresses away from the default 192.168.0.x and 192.168.1.x. Use the third bunch above 100 or something. It really messes with the smartest bad guys. They think you are using the default numbers. 3) use a good third party firewall. Too much is known about M$ stuff and how to exploit it. I like the firewall that comes with Kaspersky Internet Security Suite. 4) if things are really critical, replace #1 above with a "real" firewall, such as a SonicWall. A Linux iptables firewall will work well too, depending on who programs it. You still have to do #2, even if you do #4. And, go take a trip to GRC and run your own test. Hope this help, -T |
#9
|
|||
|
|||
Windows 8 Firewall - How Good Is It?
Todd wrote:
Is anybody here concerned about the effectiveness of the Windows 8 firewall? Did you install a third-party one? Hi, I write iptables (Linux) firewalls for a living. One of the big issues with M$ is that they couldn't give a hoot about security. They are all about marketing. M$ has frequently left services open that can be easily exploited. Go look how your firewall performs for yourself at GRC. You are looking for the Shields Up test. https://www.grc.com/x/ne.dll?bh0bkyd2 If you are shooting through a NAT router (if your I.P. is 192.168.xxx.xxx, you have a NAT router), you will need to connect directly to the Internet. You want all your ports to be in stealth mode (drop) when probed from the outside, unless you deliberately have a service open for something. With everything in stealth (drop) mode, the bad guys won't know you are even there when they probe you and they will go on to those who think they are smart enough that they don't have to run firewalls. If you "reject" traffic (in other words you send back the "**** off" command), then the bad guys will know you are there and probe you with reckless abandon. Not a good thing. If you have ports open on purpose, change then to other ports not used by the services you need to let through. Don't use the standard ports and when the bad guys find your open ports, if they even do, they won't know what they are used for. So I would recommend that you: 1) use a NAT router. Only the smartest bad guys know how to get around it. 2) on your NAT router, reprogram the addresses away from the default 192.168.0.x and 192.168.1.x. Use the third bunch above 100 or something. It really messes with the smartest bad guys. They think you are using the default numbers. 3) use a good third party firewall. Too much is known about M$ stuff and how to exploit it. I like the firewall that comes with Kaspersky Internet Security Suite. 4) if things are really critical, replace #1 above with a "real" firewall, such as a SonicWall. A Linux iptables firewall will work well too, depending on who programs it. You still have to do #2, even if you do #4. And, go take a trip to GRC and run your own test. Hope this help, -T The only problem with the Shields Up test, when I used it in the past, was the router would reject packets with a "twinge attack" error message. This means that Shields Up can give you a stealth rating, even if your setup is not stealthy. To stop that, the Shields Up test would have to run slower, and perhaps probe ports in random order. Probing a router too fast, results in the router "seeing an attack" and rejecting legitimate attempts to determine how stealthy it is. I don't really know if my carefully constructed rules are stealthy, because my router is too clever for Shields Up to work right. Paul |
#10
|
|||
|
|||
Windows 8 Firewall - How Good Is It?
Todd has written on 6/8/2013 4:23 PM:
Is anybody here concerned about the effectiveness of the Windows 8 firewall? Did you install a third-party one? Hi, I write iptables (Linux) firewalls for a living. One of the big issues with M$ is that they couldn't give a hoot about security. They are all about marketing. M$ has frequently left services open that can be easily exploited. Go look how your firewall performs for yourself at GRC. You are looking for the Shields Up test. https://www.grc.com/x/ne.dll?bh0bkyd2 If you are shooting through a NAT router (if your I.P. is 192.168.xxx.xxx, you have a NAT router), you will need to connect directly to the Internet. How do you do that? You want all your ports to be in stealth mode (drop) when probed from the outside, unless you deliberately have a service open for something. With everything in stealth (drop) mode, the bad guys won't know you are even there when they probe you and they will go on to those who think they are smart enough that they don't have to run firewalls. If you "reject" traffic (in other words you send back the "**** off" command), then the bad guys will know you are there and probe you with reckless abandon. Not a good thing. If you have ports open on purpose, change then to other ports not used by the services you need to let through. Don't use the standard ports and when the bad guys find your open ports, if they even do, they won't know what they are used for. So I would recommend that you: 1) use a NAT router. Only the smartest bad guys know how to get around it. 2) on your NAT router, reprogram the addresses away from the default 192.168.0.x and 192.168.1.x. Use the third bunch above 100 or something. It really messes with the smartest bad guys. They think you are using the default numbers. How do you do that? 3) use a good third party firewall. Too much is known about M$ stuff and how to exploit it. I like the firewall that comes with Kaspersky Internet Security Suite. 4) if things are really critical, replace #1 above with a "real" firewall, such as a SonicWall. A Linux iptables firewall will work well too, depending on who programs it. You still have to do #2, even if you do #4. Thanks. |
#11
|
|||
|
|||
Windows 8 Firewall - How Good Is It?
On 06/08/2013 02:12 PM, Paul wrote:
Todd wrote: Is anybody here concerned about the effectiveness of the Windows 8 firewall? Did you install a third-party one? Hi, I write iptables (Linux) firewalls for a living. One of the big issues with M$ is that they couldn't give a hoot about security. They are all about marketing. M$ has frequently left services open that can be easily exploited. Go look how your firewall performs for yourself at GRC. You are looking for the Shields Up test. https://www.grc.com/x/ne.dll?bh0bkyd2 If you are shooting through a NAT router (if your I.P. is 192.168.xxx.xxx, you have a NAT router), you will need to connect directly to the Internet. You want all your ports to be in stealth mode (drop) when probed from the outside, unless you deliberately have a service open for something. With everything in stealth (drop) mode, the bad guys won't know you are even there when they probe you and they will go on to those who think they are smart enough that they don't have to run firewalls. If you "reject" traffic (in other words you send back the "**** off" command), then the bad guys will know you are there and probe you with reckless abandon. Not a good thing. If you have ports open on purpose, change then to other ports not used by the services you need to let through. Don't use the standard ports and when the bad guys find your open ports, if they even do, they won't know what they are used for. So I would recommend that you: 1) use a NAT router. Only the smartest bad guys know how to get around it. 2) on your NAT router, reprogram the addresses away from the default 192.168.0.x and 192.168.1.x. Use the third bunch above 100 or something. It really messes with the smartest bad guys. They think you are using the default numbers. 3) use a good third party firewall. Too much is known about M$ stuff and how to exploit it. I like the firewall that comes with Kaspersky Internet Security Suite. 4) if things are really critical, replace #1 above with a "real" firewall, such as a SonicWall. A Linux iptables firewall will work well too, depending on who programs it. You still have to do #2, even if you do #4. And, go take a trip to GRC and run your own test. Hope this help, -T The only problem with the Shields Up test, when I used it in the past, was the router would reject packets with a "twinge attack" error message. This means that Shields Up can give you a stealth rating, even if your setup is not stealthy. To stop that, the Shields Up test would have to run slower, and perhaps probe ports in random order. Probing a router too fast, results in the router "seeing an attack" and rejecting legitimate attempts to determine how stealthy it is. I don't really know if my carefully constructed rules are stealthy, because my router is too clever for Shields Up to work right. Paul Hi Paul, GRC is a good first start. It ****es at me because I leave ping (ICMP) on. There are a few other sites out there that are better, but I have forgotten what they are. Maybe Google can point you at them. Remember that you need a firewall on both your entry point and each computer. If someone falls for a Human Engineering virus (something that got eMailed to them with a sob story and directions to install the virus), they can attack other computers on your local area network. As many fences that you can put up, the better. And, not to beat a dead horse, use only the number of Windows machines on your network as you are forced to. -T |
#12
|
|||
|
|||
Windows 8 Firewall - How Good Is It?
On 06/08/2013 02:47 PM, Juan Wei wrote:
Todd has written on 6/8/2013 4:23 PM: Is anybody here concerned about the effectiveness of the Windows 8 firewall? Did you install a third-party one? Hi, I write iptables (Linux) firewalls for a living. One of the big issues with M$ is that they couldn't give a hoot about security. They are all about marketing. M$ has frequently left services open that can be easily exploited. Go look how your firewall performs for yourself at GRC. You are looking for the Shields Up test. https://www.grc.com/x/ne.dll?bh0bkyd2 If you are shooting through a NAT router (if your I.P. is 192.168.xxx.xxx, you have a NAT router), you will need to connect directly to the Internet. How do you do that? Install Firefox from http://mozilla.com Open a command prompt with "winr cmd" Type in "ipconfig /all" Find your "default router" (may also be called your "Gateway"). From Firefox, not Internet Explorer (it will screw you trying to get into your router), enter the I.P. address of your router. You will be prompted for a user name and password. User name: admin Password: nothing or admin or password If you can't get in, time to call someone. When you get in, you will find this setting over in LAN (Local Area Network). After you change it and save it, from your command prompt, enter ipconfig /release && ipconfig /renew If you get lost, you may have to call in a nerd like me. You want all your ports to be in stealth mode (drop) when probed from the outside, unless you deliberately have a service open for something. With everything in stealth (drop) mode, the bad guys won't know you are even there when they probe you and they will go on to those who think they are smart enough that they don't have to run firewalls. If you "reject" traffic (in other words you send back the "**** off" command), then the bad guys will know you are there and probe you with reckless abandon. Not a good thing. If you have ports open on purpose, change then to other ports not used by the services you need to let through. Don't use the standard ports and when the bad guys find your open ports, if they even do, they won't know what they are used for. So I would recommend that you: 1) use a NAT router. Only the smartest bad guys know how to get around it. 2) on your NAT router, reprogram the addresses away from the default 192.168.0.x and 192.168.1.x. Use the third bunch above 100 or something. It really messes with the smartest bad guys. They think you are using the default numbers. How do you do that? See the directions above. Change your local area network from 192.168.1.x or 192.168.0.x to something like 192.168.223.x 3) use a good third party firewall. Too much is known about M$ stuff and how to exploit it. I like the firewall that comes with Kaspersky Internet Security Suite. 4) if things are really critical, replace #1 above with a "real" firewall, such as a SonicWall. A Linux iptables firewall will work well too, depending on who programs it. You still have to do #2, even if you do #4. Thanks. |
#13
|
|||
|
|||
Windows 8 Firewall - How Good Is It?
On Sat, 08 Jun 2013 17:47:35 -0400, Juan Wei wrote:
If you are shooting through a NAT router (if your I.P. is 192.168.xxx.xxx, you have a NAT router), you will need to connect directly to the Internet. How do you do that? And why? |
#14
|
|||
|
|||
Windows 8 Firewall - How Good Is It?
Todd has written on 6/8/2013 8:48 PM:
On 06/08/2013 02:47 PM, Juan Wei wrote: Todd has written on 6/8/2013 4:23 PM: Is anybody here concerned about the effectiveness of the Windows 8 firewall? Did you install a third-party one? Hi, I write iptables (Linux) firewalls for a living. One of the big issues with M$ is that they couldn't give a hoot about security. They are all about marketing. M$ has frequently left services open that can be easily exploited. Go look how your firewall performs for yourself at GRC. You are looking for the Shields Up test. https://www.grc.com/x/ne.dll?bh0bkyd2 If you are shooting through a NAT router (if your I.P. is 192.168.xxx.xxx, you have a NAT router), you will need to connect directly to the Internet. How do you do that? Install Firefox from http://mozilla.com Open a command prompt with "winr cmd" Type in "ipconfig /all" Find your "default router" (may also be called your "Gateway"). From Firefox, not Internet Explorer (it will screw you trying to get into your router), enter the I.P. address of your router. You will be prompted for a user name and password. User name: admin Password: nothing or admin or password If you can't get in, time to call someone. When you get in, you will find this setting over in LAN (Local Area Network). After you change it and save it, from your command prompt, enter ipconfig /release && ipconfig /renew Thanks. I have a Westell 327W. The setting -- Modem IP Address -- is under Private LAN under Advanced. |
#15
|
|||
|
|||
Windows 8 Firewall - How Good Is It?
Juan Wei has written on 6/8/2013 5:47 PM:
Todd has written on 6/8/2013 4:23 PM: Is anybody here concerned about the effectiveness of the Windows 8 firewall? Did you install a third-party one? Hi, I write iptables (Linux) firewalls for a living. One of the big issues with M$ is that they couldn't give a hoot about security. They are all about marketing. M$ has frequently left services open that can be easily exploited. Go look how your firewall performs for yourself at GRC. You are looking for the Shields Up test. https://www.grc.com/x/ne.dll?bh0bkyd2 If you are shooting through a NAT router (if your I.P. is 192.168.xxx.xxx, you have a NAT router), you will need to connect directly to the Internet. How do you do that? You want all your ports to be in stealth mode (drop) when probed from the outside, unless you deliberately have a service open for something. My Westell 327W has these firewall modes: 1. Maximum Security (High) The high security setting only allows basic Internet functionality. The High security setting guarantees to only pass Mail, News, Web, FTP, and IPSEC. All other traffic is not allowed. High security restricts modification by NAT configuration options. 2. Typical Security (Medium) The medium security setting only allows basic Internet functionality by default, just like High level security. Medium security, however, allows customization through Port Forwarding configuration so certain traffic can pass. 3. Minimum Security (Low) The low security setting will allow all traffic except for known attacks. With low, your modem is visible by other computers on the Internet. 4. No Security 5. Custom Security. Default "Inbound" rules: title [ Security Level Low IN rules ] begin RulesDropFrom192 drop from addr %LANADDR%:%LANMASK% done, alert 0 [WAN Traffic from LAN IP] RulesPass pass all RulesDropAddress drop from addr 0.0.0.0 done, alert 4 [ 0.0.0.0 Source IP Address] RulesPassUDP pass protocol udp, to port 53 done pass protocol udp, from port 53 done RulesDropICMP drop protocol icmp alert 4 [ICMP Message To WAN IP] RulesDropWANUDP drop protocol udp, to addr %WANADDR%:32 done, alert 4 [UDP WAN Traffic to WAN IP] RulesDropWANTCP drop protocol tcp, to addr %WANADDR%:32 done, alert 4 [TCP WAN Traffic to WAN IP] RulesPassGoodICMP pass protocol icmp, to addr %WANADDR%:32 done, alert 0 [Responding to WAN Ping] RulesPassGoodICMP pass protocol icmp, to addr %LANADDR%:%LANMASK% done, alert 0 [Nat'ed LOCAL PING] end Default "Outbound" rules: title [ Security Level Low OUT rules ] begin RulesDropNETBIOS drop to port = 135, to port = 139 done, alert 4 [Dropping NETBIOS Traffic] RulesPass pass all end What do you recommend? Many thanks. You're providing a very important service here. |
Thread Tools | |
Display Modes | Rate This Thread |
|
|