#1
how good is the XP firewall
I've happily been running Zone Alarm as the firewall, Grisoft's AVG as my virus scanner, Ad-Aware and Spy-Bot for other nasties on my Win ME setup. The last three presumably should be installed on a new XP machine? But does the XP SP2 firewall do as good a job as Zone-Alarm? Quite a few articles suggest that Microsoft offer 'cut-down' versions of 3rd party apps of this nature. If one has something like Partition Magic, is it preferable to use it?

RoS
#2
RoS wrote:
nature. If one has something like Partition Magic, is it preferable to use it?

You don't need partition magic to set up XP computers or add new hard drives.

--
http://www.bootdisk.com/
#3
Hi,

The XP firewall only monitors/blocks incoming traffic. It's certainly *much* better than no firewall, but it can be useful to monitor/control outgoing traffic. It's nice to know which programs are "phoning home."

Don [MS MVP- IE/OE]

"RoS" kermitbaby[at]bigpond.com wrote in message ...
does the XP SP2 firewall do as good a job as Zone-Alarm?
#4
In ,
RoS respectfully replied ;-)

I've happily been running Zone Alarm as the firewall, Grisoft's AVG as my virus scanner, Ad-Aware and Spy-Bot for other nasties on my Win ME setup. The last three presumably should be installed on a new XP machine? But does the XP SP2 firewall do as good a job as Zone-Alarm? Quite a few articles suggest that Microsoft offer 'cut-down' versions of 3rd party apps of this nature. If one has something like Partition Magic, is it preferable to use it? RoS

XP firewall is intended to protect users from exploits that exist with the initial internet connection after setup and users that do not want to purchase, or have not purchased a third party firewall. As with all non-OS additions included with Windows XP or any previous Windows, they are basic applications that have the limitations a basic application would have. The XP firewall blocks incoming traffic only.

--
Michael Stevens MS-MVP XP
http://www.michaelstevenstech.com
For a better newsgroup experience. Set up a newsreader.
http://www.michaelstevenstech.com/ou...snewreader.htm
#5
"RoS" wrote in message ...

I've happily been running Zone Alarm as the firewall, Grisoft's AVG as my virus scanner, Ad-Aware and Spy-Bot for other nasties on my Win ME setup. The last three presumably should be installed on a new XP machine? But does the XP SP2 firewall do as good a job as Zone-Alarm? Quite a few articles suggest that Microsoft offer 'cut-down' versions of 3rd party apps of this nature. If one has something like Partition Magic, is it preferable to use it? RoS

As has been pointed out the XP firewall can block incoming traffic only. It does so by only allowing incoming traffic that has been initiated by your PC which means if you get a Trojan, keyboard logger or other mass mail virus on your PC the XP firewall will not stop them from turning your PC into a zombie and sending out loads of spam, info etc.

So saying, I am running the XP firewall and Zone Alarm together without any conflicts although I probably don't need the XP one any more.

Rob
#6
The XP Firewall may have one advantage to other 3rd Party firewall programs. During XP's boot up there is a "Small" time during Network initialization that the PC is exposed.

Excerpt from a MS Document on XP Firewall

In earlier versions of Windows, there was a small window of time between the network starting and the firewall becoming active, leaving your computer vulnerable for that brief period of time. In Service Pack 2, during startup and shutdown, the firewall driver uses a rule called a boot-time filter to help prevent attacks during those brief periods. Once Windows Firewall is up and running, it loads your custom firewall settings and removes the boot-time filters. This makes your computer less vulnerable to attacks during startup and shutdown operations.

I've never checked to see if Zone Alarm and other 3rd party firewalls have provisions to protect the system during these times, but it would be worth knowing.

"Canopus" wrote in message ...

"RoS" wrote in message ...

I've happily been running Zone Alarm as the firewall, Grisoft's AVG as my virus scanner, Ad-Aware and Spy-Bot for other nasties on my Win ME setup. The last three presumably should be installed on a new XP machine? But does the XP SP2 firewall do as good a job as Zone-Alarm? Quite a few articles suggest that Microsoft offer 'cut-down' versions of 3rd party apps of this nature. If one has something like Partition Magic, is it preferable to use it? RoS

As has been pointed out the XP firewall can block incoming traffic only. It does so by only allowing incoming traffic that has been initiated by your PC which means if you get a Trojan, keyboard logger or other mass mail virus on your PC the XP firewall will not stop them from turning your PC into a zombie and sending out loads of spam, info etc. So saying, I am running the XP firewall and Zone Alarm together without any conflicts although I probably don't need the XP one any more. Rob
#7
In message "Canopus"
wrote:

As has been pointed out the XP firewall can block incoming traffic only. It does so by only allowing incoming traffic that has been initiated by your PC which means if you get a Trojan, keyboard logger or other mass mail virus on your PC the XP firewall will not stop them from turning your PC into a zombie and sending out loads of spam, info etc. So saying, I am running the XP firewall and Zone Alarm together without any conflicts although I probably don't need the XP one any more.

It's worth noting that if you are running XP using an administrator account, any malware you install on your system can bypass your firewall to connect out anyway.

--
They call it "PMS" because "Mad Cow Disease" was already taken
#8
"DevilsPGD" wrote in message
reenews.net

In message "Canopus" wrote:

As has been pointed out the XP firewall can block incoming traffic only. It does so by only allowing incoming traffic that has been initiated by your PC which means if you get a Trojan, keyboard logger or other mass mail virus on your PC the XP firewall will not stop them from turning your PC into a zombie and sending out loads of spam, info etc. So saying, I am running the XP firewall and Zone Alarm together without any conflicts although I probably don't need the XP one any more.

It's worth noting that if you are running XP using an administrator account, any malware you install on your system can bypass your firewall to connect out anyway.

No matter what the firewall.

--
Frank Saunders, MS-MVP, IE/OE
Please respond in Newsgroup only. Do not send email
http://www.fjsmjs.com
Protect your PC
http://www.microsoft.com./athome/sec...t/default.aspx
http://defendingyourmachine.blogspot.com/
#9
"RoS" wrote:

The last three presumably should be installed on a new XP machine? But does the XP SP2 firewall do as good a job as Zone-Alarm? Quite a few articles suggest that Microsoft offer 'cut-down' versions of 3rd party apps of this nature.

My opinion, based on extensive personal experience as well as regularly reading firewall-related posts on these newsgroups, is that the Windows firewall is better than third party firewalls -- better from the standpoint of overall performance, reliability, and even security.

If you feel like you need to depend on a third party firewall to prevent crudware already on your machine from phoning home, then you already don't know what you really need to know about security in the first place. Knowledge is power. Learn what crudware actually is, how some POS attempts to install it on your machine, and how to avoid downloading and installing crudware in the first place, and then implement what you have learned. One of the things you'll learn is that all you need is an up-to-date Windows XP system with SP2 set to default settings, any good standalone antivirus program, and a good antispyware program that runs in real time (I use Microsoft Antispyware -- it's the best one of many that I have tried).

Think of it this way. If your computer is already secure enough, installing a third party firewall is redundant and unnecessary -- it would be like adding a few more burglar alarms to Fort Knox. If it is insecure, installing a third party firewall will, at best, help you minimize any resulting damage. You are, therefore, much better off devoting your time, energy, and money to making your system secure than making an insecure system slightly less insecure.

Even more generally, a good rule of thumb about XP is that the less you mess with how it was designed to run, the better it will operate. It is currently designed to run with the Windows firewall, working in conjunction with an antivirus program that the user must install separately. It is a good design. Don't mess with it.

Ken
#10
R. McCarty wrote:

The XP Firewall may have one advantage to other 3rd Party firewall programs. During XP's boot up there is a "Small" time during Network initialization that the PC is exposed. Excerpt from a MS Document on XP Firewall In earlier versions of Windows, there was a small window of time between the network starting and the firewall becoming active, leaving your computer vulnerable for that brief period of time. In Service Pack 2, during startup and shutdown, the firewall driver uses a rule called a boot-time filter to help prevent attacks during those brief periods. Once Windows Firewall is up and running, it loads your custom firewall settings and removes the boot-time filters. This makes your computer less vulnerable to attacks during startup and shutdown operations. I've never checked to see if Zone Alarm and other 3rd party firewalls have provisions to protect the system during these times, but it would be worth knowing.

The Sygate firewall has a setting to block all traffic when the firewall service is not loaded including during shutdown and boot up.
#11
Thanks Rock, I'll have to check with Zone Alarm's forum and see if the same protection exists in their product.

"Rock" wrote in message ...

R. McCarty wrote:

The XP Firewall may have one advantage to other 3rd Party firewall programs. During XP's boot up there is a "Small" time during Network initialization that the PC is exposed. Excerpt from a MS Document on XP Firewall In earlier versions of Windows, there was a small window of time between the network starting and the firewall becoming active, leaving your computer vulnerable for that brief period of time. In Service Pack 2, during startup and shutdown, the firewall driver uses a rule called a boot-time filter to help prevent attacks during those brief periods. Once Windows Firewall is up and running, it loads your custom firewall settings and removes the boot-time filters. This makes your computer less vulnerable to attacks during startup and shutdown operations. I've never checked to see if Zone Alarm and other 3rd party firewalls have provisions to protect the system during these times, but it would be worth knowing.

The Sygate firewall has a setting to block all traffic when the firewall service is not loaded including during shutdown and boot up.
#12
In ,
Ken Gardner typed:

My opinion, based on extensive personal experience as well as regularly reading firewall-related posts on these newsgroups, is that the Windows firewall is better than third party firewalls -- better from the standpoint of overall performance, reliability, and even security.

You certainly have a right to that opinion, but I wanted to point out that most of us here disagree with you completely. Not only that, but Microsoft also disagrees with you. Read http://www.microsoft.com/athome/secu.../firewall.mspx which includes the following:

"Q. Should I use a non-Microsoft personal firewall instead of the built-in Internet Connection Firewall?

A. If you already have a non-Microsoft firewall on your computer, you should continue to use it. If you do not have a firewall, then you have a choice. If you want a simple firewall that is very easy to configure, then you should use the Windows XP Internet Connection Firewall. If you want more advanced control over the traffic that passes through your computer and you also want to block outgoing traffic (that is the traffic from your computer out to the Internet) then choose a personal firewall from another company."

Think of it this way. If your computer is already secure enough, installing a third party firewall is redundant and unnecessary

Yes, but what does "secure enough" mean? The problem is that you never really know. I have a lock on my front door, and no burglar has ever broken in. Does that mean I am "secure enough"? How do I know that tomorrow a more skilled burglar won't come along and pick my lock?

So if I were given the opportunity to easily install a better lock, and one that cost me nothing, I would take it. It may protect me against that better burglar, or he may never come along and it may not. But I don't care. There's no downside to enhancing my security for free, whether or not it turns out that it's necessary.

--
Ken Blake - Microsoft MVP Windows: Shell/User
Please reply to the newsgroup
#13
On Tue, 29 Mar 2005 10:15:03 -0800, "Ken Gardner"
wrote:

and how to avoid downloading and installing crudware in the first place, and then implement what you have learned. One of the things you'll learn is that all you need is an up-to-date Windows XP system with SP2 set to default settings, any good standalone antivirus program, and a good antispyware program that runs in real time (I use Microsoft Antispyware -- it's the best one of many that I have tried).

Having a good program watching for your 'crudware' is just a stop gap measure. You need to be able to identify WHEN you've been compromised. All the backup virus software, firewalls, adware removers, popup killers etc. don't mean diddly if something gets past them. And something WILL get past them. That's when you need to know when something's wrong and go after it the best you can. You might have to run several different NEW virus scanners or adware programs cause not all of them are equal. Trend might find 98%. Then you might need McAfee, Norton or any others to find what's causing trouble.

Something calling itself desktop xxxx made it to my system ages ago. Trend had no idea what it was, Adaware didn't. I had to search the web for desktop xxx to find someone else that had been hit by it and find out how to dump it. I never found it in time. I just did a reformat and reinstall of the OS. Just reinstalling the OS and rollbacks was doing nothing. That right there is the only guaranteed solution to a virus.

Think of it this way. If your computer is already secure enough, installing a third party firewall is redundant and unnecessary -- it would be like adding a few more burglar alarms to Fort Knox. If it is insecure, installing a third party firewall will, at best, help you minimize any resulting damage.

More eyes open, better chance of survival, but adding software isn't the same comparison. Identical software will wind up fighting each other for resources, and cause more trouble than it solves. IIRC The XP OS specifically says ONLY use 1. If you have a 3rd party either disable that one or XP's but don't run both.

You are, therefore, much better off devoting your time, energy, and money to making your system secure than making an insecure system slightly less insecure. Even more generally, a good rule of thumb about XP is that the less you mess with how it was designed to run, the better it will operate. It is currently designed to run with the Windows firewall, working in conjunction with an antivirus program that the user must install separately. It is a good design. Don't mess with it. Ken

--
more pix @ http://members.toast.net/cbminfo/index.html
#14
"Ken Blake" wrote:

My opinion, based on extensive personal experience as well as regularly reading firewall-related posts on these newsgroups, is that the Windows firewall is better than third party firewalls -- better from the standpoint of overall performance, reliability, and even security.

You certainly have a right to that opinion, but I wanted to point out that most of us here disagree with you completely.

Sure. I don't deny it. Usually when I give this speech, I throw in the caveat that many people, including people like you whose opinions I greatly respect, disagree with me. This time I simply forgot to do it.

Not only that, but Microsoft also disagrees with you. Read http://www.microsoft.com/athome/secu.../firewall.mspx which includes the following: "Q. Should I use a non-Microsoft personal firewall instead of the built-in Internet Connection Firewall? A. If you already have a non-Microsoft firewall on your computer, you should continue to use it. If you do not have a firewall, then you have a choice. If you want a simple firewall that is very easy to configure, then you should use the Windows XP Internet Connection Firewall. If you want more advanced control over the traffic that passes through your computer and you also want to block outgoing traffic (that is the traffic from your computer out to the Internet) then choose a personal firewall from another company."

I could respond, in hypertechnical fashion, that this blurb refers to ICF, not the (much improved) Windows firewall. But despite the first sentence, it is unclear to me what it is really saying because the user always has the choice to uninstall the third party firewall -- which then puts him in the same position as the person who must choose between one or the other (which is what the rest of the blurb addresses). Why would Microsoft do this? My guess is that there are separate problems that are likely to come up if the user uninstalls a third party firewall that don't exist if the firewall was never installed in the first place. I have experienced some of these problems myself, especially with Zone Alarm (admittedly a very popular choice, but one that, for some reason, always seems to constipate my system), and we can read about the problems others have experienced right here in these newsgroups. So of course it would make sense for Microsoft to advise a person who is already using a third party firewall to keep using it and thereby avoid these types of problems.

But leaving all this aside, I completely agree with the rest of what Microsoft wrote, even if you substitute the (improved) Windows Firewall for ICF. However, I have no desire or need to monitor outgoing communications or otherwise take "more advanced control" (or what I would call using additional bells and whistles). I use other software and related security measures to keep crudware off my system in the first place, and otherwise I don't want anything obstructing legitimate outbound communications even long enough to bother me to make decisions on which legitimate communications I should block when the answer will almost always be "none." I would rather have the simpler firewall that is much easier to configure -- and which has never caused me a single problem or security breach going all the way back to the day Microsoft introduced XP in 2001. I agree that others may prefer the "more advanced" features. I'm simply not one of them.

Think of it this way. If your computer is already secure enough, installing a third party firewall is redundant and unnecessary

Yes, but what does "secure enough" mean? The problem is that you never really know.

I can never know with 100 percent certainty. I also don't know with 100 percent certainty that I won't be killed in an automobile accident the next time I drive to work, but this uncertainty will not stop me from ever again driving to work. I do know with pretty much 100 percent certainty when something is wrong with my computer or with someone else's computer, including the signs of crudware. I don't need a third party firewall to tell me that something is wrong.

I have a lock on my front door, and no burglar has ever broken in. Does that mean I am "secure enough"? How do I know that tomorrow a more skilled burglar won't come along and pick my lock?

Well, I can also increase the number of locks on the door, install an electric fence, get some guard dogs, booby-trap my front yard, etc. But at some point the law of diminishing returns kicks in. The locks and electric fence cost money, the guard dogs need to be fed and then they mess up your yard, booby traps can also injure young children, etc., etc.

So if I were given the opportunity to easily install a better lock, and one that cost me nothing, I would take it. It may protect me against that better burglar, or he may never come along and it may not. But I don't care. There's no downside to enhancing my security for free, whether or not it turns out that it's necessary.

Even with the best of third party firewalls, there is some downside. There may be compatibility issues (especially as Microsoft continues to update Windows), they may sometimes make mistakes in deciding which outbound communications to block, there is a small hit on resources and memory, these programs have to be maintained and updated from time to time, etc.

Ken
#15
On Tue, 29 Mar 2005 13:55:01 -0800, "Ken Gardner"
wrote:

But leaving all this aside, I completely agree with the rest of what Microsoft wrote, even if you substitute the (improved) Windows Firewall for ICF. However, I have no desire or need to monitor outgoing communications or otherwise take "more advanced control" (or what I would call using additional bells and whistles). I use other software and related security measures to

Ask yourself what is outgoing? Normally once the burglars entered, he TAKES the stuff OUT. Your passwords, social security number, home address, children's ages, anything personal you've stuck on a drive could be included in the OUTGOING that you don't feel a need to monitor. You sound like one of those commercials now, Nostradamus didn't predict Trojans or computer virus, so I'm protected. I want my machine to make a sound like a Yeti, AAAOOOOOOWWWWWWW!!!

keep crudware off my system in the first place, and otherwise I don't want anything obstructing legitimate outbound communications even long enough to bother me to make decisions on which legitimate communications I should block when the answer will almost always be "none." I would rather have the simpler firewall that is much easier to configure -- and which has never caused me a single problem or security breach going all the way back to the day Microsoft introduced XP in 2001. I agree that others may prefer the "more advanced" features. I'm simply not one of them.

You've been lucky so far. I see on average at least 5 attempts daily to compromise my computer. The kiddie scripts are still out there. And if they can turn your machine into a slave for forwarding their spam [you'll never know if they do], or even better, turning your machine into a source for pirate ware. You could benefit from www.dshield.org and help others. It'd increase your web paranoia, but it'd make you think about how much traffic you want to ignore.

Think of it this way. If your computer is already secure enough, installing a third party firewall is redundant and unnecessary

Yes, but what does "secure enough" mean? The problem is that you never really know.

I can never know with 100 percent certainty. I also don't know with 100 percent certainty that I won't be killed in an automobile accident the next time I drive to work, but this uncertainty will not stop me from ever again driving to work. I do know with pretty much 100 percent certainty when something is wrong with my computer or with someone else's computer, including the signs of crudware. I don't need a third party firewall to tell me that something is wrong.

But you still keep your seat belts and other safety devices [brakes] in working order. If one starts to fail, and a weak firewall you can almost guarantee will fail, you wouldn't stay with it. M$ has already said it's not the best out there. You can't stop the burglar, but you can make it hard enough to give you the breathing space to call 911. IOW: You don't post signs on your roof that you leave your doors unlocked and aren't home between the hours of xx and xx. If some kiddy script can identify you as an easy mark, they'll be back until they get thru.

Check your security with XP at this site http://grc.com/intro.htm look for the Shields up page and then tell us just how secure you feel. Or go to Norton, they have something similar but it may take hours for results. GRC can tell you in minutes how vulnerable and where you aren't secure. It's sobering when they can tell you more about you than you know about you just by visiting their web site. And for all you know the link I'm giving you above isn't sending you off to a malicious java script that won't have any problem dropping its load on you. It isn't, but you don't know that unless you've been to GRC.com b4. I would say take a look at the counter I use, it grabs everything but blood type and mother's maiden name. That's way more info than a visit to a web site needs to know. But the technology exists to scan your entire machine and send it to Osama Bin Laden.

I have a lock on my front door, and no burglar has ever broken in. Does that mean I am "secure enough"? How do I know that tomorrow a more skilled burglar won't come along and pick my lock?

Well, I can also increase the number of locks on the door, install an electric fence, get some guard dogs, booby-trap my front yard, etc. But at

Guard dogs and booby trapping your front yard, and you can kiss your freedom goodbye. It's ILLEGAL. And if you do catch a burglar in one, he'll own you, If he survives, if not his relatives will own you.

some point the law of diminishing returns kicks in. The locks and electric fence cost money, the guard dogs need to be fed and then they mess up your yard, booby traps can also injure young children, etc., etc.

So if I were given the opportunity to easily install a better lock, and one that cost me nothing, I would take it. It may protect me against that better burglar, or he may never come along and it may not. But I don't care. There's no downside to enhancing my security for free, whether or not it turns out that it's necessary.

Even with the best of third party firewalls, there is some downside. There may be compatibility issues (especially as Microsoft continues to update Windows), they may sometimes make mistakes in deciding which outbound communications to block, there is a small hit on resources and memory, these programs have to be maintained and updated from time to time, etc. Ken

--
more pix @ http://members.toast.net/cbminfo/index.html