If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. |
|
|
Thread Tools | Display Modes |
#1
|
|||
|
|||
xp sp2 built-in firewall
I read all posted answers regarding this subjet and some
say that the buil-in firewall is not good enough and some say it is....really dont know what to do. For my firewall I use the built-in one, for my anti-virus I use Norton 2005 Corporate Edition and for anti-spyware I use Spybot and Ad-Aware SE personal edition, I also use the built-in popup blocker. Am I protected enough? Thanks |
Ads |
#2
|
|||
|
|||
xp sp2 built-in firewall
Additionally, make it a point to regularly download critical/security
updates from Windows updates. -- HTH Meena "Clo" wrote in message ... I read all posted answers regarding this subjet and some say that the buil-in firewall is not good enough and some say it is....really dont know what to do. For my firewall I use the built-in one, for my anti-virus I use Norton 2005 Corporate Edition and for anti-spyware I use Spybot and Ad-Aware SE personal edition, I also use the built-in popup blocker. Am I protected enough? Thanks |
#3
|
|||
|
|||
xp sp2 built-in firewall
In ,
Clo had this to say: My reply is at the bottom of your sent message: I read all posted answers regarding this subjet and some say that the buil-in firewall is not good enough and some say it is....really dont know what to do. For my firewall I use the built-in one, for my anti-virus I use Norton 2005 Corporate Edition and for anti-spyware I use Spybot and Ad-Aware SE personal edition, I also use the built-in popup blocker. Am I protected enough? Thanks The firewall with XP is fairly decent at preventing you from inbound attacks but does little to nothing for outbound protection. A properly configured software firewall is a good start towards protecting your data and keeping your computer running in decent shape. Try some of these if you'd like: Firewalls: www.agnitum.com - Outpost Personal Firewall http://smb.sygate.com/products/spf_standard.htm - Sygate Personal Firewall www.kerio.com/us/kpf_download.html - Kerio Personal Firewall All of these companies offer free versions. Galen -- Signature changed for a moment of silence. Rest well Alex and we'll see you on the other side. |
#4
|
|||
|
|||
xp sp2 built-in firewall
Clo
The benefit of using a third party software firewall is that you will be alerted to unauthorised outgoing and incoming events.. SP2 firewall does a good job stopping unauthorised incoming events only.. -- Mike Hall MVP - Windows Shell/user http://dts-l.org/goodpost.htm "Clo" wrote in message ... I read all posted answers regarding this subjet and some say that the buil-in firewall is not good enough and some say it is....really dont know what to do. For my firewall I use the built-in one, for my anti-virus I use Norton 2005 Corporate Edition and for anti-spyware I use Spybot and Ad-Aware SE personal edition, I also use the built-in popup blocker. Am I protected enough? Thanks |
#5
|
|||
|
|||
xp sp2 built-in firewall
"Clo" wrote:
I read all posted answers regarding this subjet and some say that the built-in firewall is not good enough and some say it is....really dont know what to do. For my firewall I use the built-in one, for my anti-virus I use Norton 2005 Corporate Edition and for anti-spyware I use Spybot and Ad-Aware SE personal edition, I also use the built-in popup blocker. Am I protected enough? Thanks In my opinion, yes. Although I have experimented with third party firewalls, I have mostly used the Windows firewall (and its predecessor ICF firewall in pre-SP2 days) since XP came out and have NEVER had a problem with it. Conversely, I have had had minor problems with the Norton firewall and major problems with the Zone Alarm firewall. To be sure, other people have claimed to have used these products, and others like them, without problems. Every system is different, and every user is different. In response to the people who claim that you should get a third party firewall, I would observe that if you read these newsgroups regularly enough, you will find that most of the people who are having firewall-related problems are using third party firewalls, especially as part of so-called "Internet Security Suites." Very few people have had problems with the Windows firewall, and invariably the problems that do come up are either associated with bad installs or uninstalls of third party firewalls or Internet Security Suites (the most common cause) or are due to unusual or unique circumstances that don't apply to most users. The fundamental difference between the Windows firewall and a third party firewall is even though all firewalls do a more or less equally excellent job of blocking unauthorized inbound communications to your computer, the third party firewalls will also block certain programs already on your computer from communicating with the Internet. Because some of these programs may be trojans, worms, or spyware, sometimes this is a good thing. Because many other such programs are perfectly legitimate, sometimes this is a bad thing, although more an annoyance than an actual problem (these firewalls can be configured to stop blocking programs that you want to unblock). Unfortunately, the user isn't always able to tell the difference, and these programs often do not give the user adequate information or advice on what to allow and what to block. In my opinion, the slightly extra security (or, as I see it, bell and whistle) that comes with blocking crudware from "phoning home" isn't worth the additional problems or hassles of installing, configuring, and maintaining a third party firewall. My view is to use other lines of defenses to keep this crud off my machine in the first place. These other defenses -- up to date Windows XP with SP2, up to date antivirus software, up to date antispyware and antiadware software, and -- above all -- knowledge of how to avoid downloading and installing crudware in the first place, as well as the knowledge of how to recognize the signs that you have been compromised -- are more than adequate to do the job. They have worked for me for years. Going all the way back to 2001, no piece of crudware has ever darkened my hard drive during the years that I have used, and still use, the built-in XP firewall. Ken |
#6
|
|||
|
|||
xp sp2 built-in firewall
Thank you Ken, I will then leave everything as it is.
-----Original Message----- "Clo" wrote: I read all posted answers regarding this subjet and some say that the built-in firewall is not good enough and some say it is....really dont know what to do. For my firewall I use the built-in one, for my anti-virus I use Norton 2005 Corporate Edition and for anti-spyware I use Spybot and Ad-Aware SE personal edition, I also use the built-in popup blocker. Am I protected enough? Thanks In my opinion, yes. Although I have experimented with third party firewalls, I have mostly used the Windows firewall (and its predecessor ICF firewall in pre-SP2 days) since XP came out and have NEVER had a problem with it. Conversely, I have had had minor problems with the Norton firewall and major problems with the Zone Alarm firewall. To be sure, other people have claimed to have used these products, and others like them, without problems. Every system is different, and every user is different. In response to the people who claim that you should get a third party firewall, I would observe that if you read these newsgroups regularly enough, you will find that most of the people who are having firewall-related problems are using third party firewalls, especially as part of so-called "Internet Security Suites." Very few people have had problems with the Windows firewall, and invariably the problems that do come up are either associated with bad installs or uninstalls of third party firewalls or Internet Security Suites (the most common cause) or are due to unusual or unique circumstances that don't apply to most users. The fundamental difference between the Windows firewall and a third party firewall is even though all firewalls do a more or less equally excellent job of blocking unauthorized inbound communications to your computer, the third party firewalls will also block certain programs already on your computer from communicating with the Internet. Because some of these programs may be trojans, worms, or spyware, sometimes this is a good thing. Because many other such programs are perfectly legitimate, sometimes this is a bad thing, although more an annoyance than an actual problem (these firewalls can be configured to stop blocking programs that you want to unblock). Unfortunately, the user isn't always able to tell the difference, and these programs often do not give the user adequate information or advice on what to allow and what to block. In my opinion, the slightly extra security (or, as I see it, bell and whistle) that comes with blocking crudware from "phoning home" isn't worth the additional problems or hassles of installing, configuring, and maintaining a third party firewall. My view is to use other lines of defenses to keep this crud off my machine in the first place. These other defenses -- up to date Windows XP with SP2, up to date antivirus software, up to date antispyware and antiadware software, and -- above all -- knowledge of how to avoid downloading and installing crudware in the first place, as well as the knowledge of how to recognize the signs that you have been compromised -- are more than adequate to do the job. They have worked for me for years. Going all the way back to 2001, no piece of crudware has ever darkened my hard drive during the years that I have used, and still use, the built-in XP firewall. Ken . |
#7
|
|||
|
|||
xp sp2 built-in firewall
My pleasure. Let me add a few things.
First, when people say that the Windows firewall is "not good enough," what they really mean is that it doesn't block outgoing communications -- not that it doesn't do an excellent job of what it is actually supposed to do: block unauthorized incoming communications and hide your computer from hackers on the Internet. Whether this is actually good or bad depends on what your security needs actually are. If you really need the additional capability to block outgoing communications with a firewall (e.g. you are a security novice, or you have teenagers who use the computer with Administrator privileges -- trust me, they know how to find Kazaa), then they are right: by this standard, the Windows firewall is not good enough. But if you don't need this additional capability because you already do everything else you need to do in order to secure your computer from crudware, then at best it is the functional equivalent of adding additional home security alarms to Fort Knox. Second, no one has ever explained why a third party firewall that blocks outgoing communications will make a computer more secure than a computer running Windows firewall. A third party firewall does not prevent a computer from becoming compromised, but only helps limit the damage and even then only with respect to crudware that attempts to "phone home" over the Internet (which is only a subset of crudware). This isn't my idea of a "more secure" computer at all. Third, you also need to back up your important data just in case the unthinkable happens regardless of how careful you are. It has never happened to me, but there is always potentially a first time. If it happened to me, a reinstall of XP, applications, and data, followed by research of what exactly went wrong, is a matter of 3 or 4 hours at most. Besides, would you trust a computer that has been compromised by crudware, but was apparently blocked from "phoning home" by a third party firewall? I wouldn't. And that's assuming the user even knows that the program is crudware and therefore elects to block it. Ken "Clo" wrote: Thank you Ken, I will then leave everything as it is. -----Original Message----- "Clo" wrote: I read all posted answers regarding this subjet and some say that the built-in firewall is not good enough and some say it is....really dont know what to do. For my firewall I use the built-in one, for my anti-virus I use Norton 2005 Corporate Edition and for anti-spyware I use Spybot and Ad-Aware SE personal edition, I also use the built-in popup blocker. Am I protected enough? Thanks In my opinion, yes. Although I have experimented with third party firewalls, I have mostly used the Windows firewall (and its predecessor ICF firewall in pre-SP2 days) since XP came out and have NEVER had a problem with it. Conversely, I have had had minor problems with the Norton firewall and major problems with the Zone Alarm firewall. To be sure, other people have claimed to have used these products, and others like them, without problems. Every system is different, and every user is different. In response to the people who claim that you should get a third party firewall, I would observe that if you read these newsgroups regularly enough, you will find that most of the people who are having firewall-related problems are using third party firewalls, especially as part of so-called "Internet Security Suites." Very few people have had problems with the Windows firewall, and invariably the problems that do come up are either associated with bad installs or uninstalls of third party firewalls or Internet Security Suites (the most common cause) or are due to unusual or unique circumstances that don't apply to most users. The fundamental difference between the Windows firewall and a third party firewall is even though all firewalls do a more or less equally excellent job of blocking unauthorized inbound communications to your computer, the third party firewalls will also block certain programs already on your computer from communicating with the Internet. Because some of these programs may be trojans, worms, or spyware, sometimes this is a good thing. Because many other such programs are perfectly legitimate, sometimes this is a bad thing, although more an annoyance than an actual problem (these firewalls can be configured to stop blocking programs that you want to unblock). Unfortunately, the user isn't always able to tell the difference, and these programs often do not give the user adequate information or advice on what to allow and what to block. In my opinion, the slightly extra security (or, as I see it, bell and whistle) that comes with blocking crudware from "phoning home" isn't worth the additional problems or hassles of installing, configuring, and maintaining a third party firewall. My view is to use other lines of defenses to keep this crud off my machine in the first place. These other defenses -- up to date Windows XP with SP2, up to date antivirus software, up to date antispyware and antiadware software, and -- above all -- knowledge of how to avoid downloading and installing crudware in the first place, as well as the knowledge of how to recognize the signs that you have been compromised -- are more than adequate to do the job. They have worked for me for years. Going all the way back to 2001, no piece of crudware has ever darkened my hard drive during the years that I have used, and still use, the built-in XP firewall. Ken . |
#8
|
|||
|
|||
xp sp2 built-in firewall
Ken
Extracts from your post are in parentheses.. "If you really need the additional capability to block outgoing communications with a firewall (e.g. you are a security novice, or you have teenagers who use the computer with Administrator privileges -- trust me, they know how to find Kazaa), then they are right: by this standard, the Windows firewall is not good enough." Most users would benefit from a firewall that warns of outgoing events, or be made aware of programs that will try to phone home.. it saves having to watch every single step that you make.. Crudware can be imported on the back of innocuous programs and files, and then do its work from inside.. the classic 'inside job'.. a third party firewall can stop this.. " Second, no one has ever explained why a third party firewall that blocks outgoing communications will make a computer more secure than a computer running Windows firewall." This is an easy one.. a third party software firewall will warn the user that unauthorised events are about to happen, and the user can say NO.. this action will prevent any information being sent out.. an example.. in a clothes store, you see gates at the entrance/exit that warn of unauthorised exits of stock.. "A third party firewall does not prevent a computer from becoming compromised, but only helps limit the damage ...... " How can you say this on the basis that a third party software firewall blocks incoming, as per Windows firewall, and outgoing too?.. of course, we all know that software firewalls of any type can be breached, but it takes a determined effort.. you can just type 'Open Sesame' "Besides, would you trust a computer that has been compromised by crudware, but was apparently blocked from "phoning home" by a third party firewall? I wouldn't. And that's assuming the user even knows that the program is crudware and therefore elects to block it." This assumes that third party firewalls only stop outgoing events, a statement that you know to be patently untrue.. All of the people that I support use McAfee Suite 8 firewall and anti-virus (not spam killer or privacy service).. none of them have had problems setting up or using the suite.. in fact, many forget it is even there, which is how it should be.. And what's with the 'security novice' jive?.. companies may not use a third party software firewall like Zonealarm, but the firewalls that they do use are configurable re. stopping access outbound.. do you think that a company like IBM just protects against incoming stuff?.. Microsoft don't have a full software firewall and anti-virus programs included in their OSes as protection against lawsuits, and come the day that they are allowed so to do, your words here are going to look a little stupid.. -- Mike Hall MVP - Windows Shell/user http://dts-l.org/goodpost.htm "Ken Gardner" wrote in message ... My pleasure. Let me add a few things. First, when people say that the Windows firewall is "not good enough," what they really mean is that it doesn't block outgoing communications -- not that it doesn't do an excellent job of what it is actually supposed to do: block unauthorized incoming communications and hide your computer from hackers on the Internet. Whether this is actually good or bad depends on what your security needs actually are. If you really need the additional capability to block outgoing communications with a firewall (e.g. you are a security novice, or you have teenagers who use the computer with Administrator privileges -- trust me, they know how to find Kazaa), then they are right: by this standard, the Windows firewall is not good enough. But if you don't need this additional capability because you already do everything else you need to do in order to secure your computer from crudware, then at best it is the functional equivalent of adding additional home security alarms to Fort Knox. Second, no one has ever explained why a third party firewall that blocks outgoing communications will make a computer more secure than a computer running Windows firewall. A third party firewall does not prevent a computer from becoming compromised, but only helps limit the damage and even then only with respect to crudware that attempts to "phone home" over the Internet (which is only a subset of crudware). This isn't my idea of a "more secure" computer at all. Third, you also need to back up your important data just in case the unthinkable happens regardless of how careful you are. It has never happened to me, but there is always potentially a first time. If it happened to me, a reinstall of XP, applications, and data, followed by research of what exactly went wrong, is a matter of 3 or 4 hours at most. Besides, would you trust a computer that has been compromised by crudware, but was apparently blocked from "phoning home" by a third party firewall? I wouldn't. And that's assuming the user even knows that the program is crudware and therefore elects to block it. |
#9
|
|||
|
|||
xp sp2 built-in firewall
"Mike Hall (MS-MVP)" wrote:
"If you really need the additional capability to block outgoing communications with a firewall (e.g. you are a security novice, or you have teenagers who use the computer with Administrator privileges -- trust me, they know how to find Kazaa), then they are right: by this standard, the Windows firewall is not good enough." Most users would benefit from a firewall that warns of outgoing events, or be made aware of programs that will try to phone home.. it saves having to watch every single step that you make.. I don't dispute that a third party firewall is effective in preventing crudware from phoning home. I do dispute that this capability, as a practical matter, is much of a security benefit, because it means that the user's machine has already been compromised -- otherwise, the crudware wouldn't be there in the first place. At best, this feature makes an insecure computer slightly less insecure, but they don't help an already secure computer be any more secure than it already is with the Windows firewall. Moreover, third party firewalls are harder to configure properly. A user who doesn't even know enough to prevent his computer from being compromised isn't going to know how to configure the firewall, either. See, e.g., my brother. Speaking of my brother -- and he doesn't even rise to the security novice level, "total security dumbass" best describes him -- he has been problem free since the day months ago when I wiped the crud off his hard drive, installed SP2 and the Microsoft beta antispyware program, showed him how to use Ad Aware, and -- most important -- set up his teenage daughter on a limited account. I shudder to think what would happen to him if, e.g., he ran into the same types of problems that I used to have with Zone Alarm. Crudware can be imported on the back of innocuous programs and files, and then do its work from inside.. the classic 'inside job'.. a third party firewall can stop this.. Right, but so can an up-to-date Windows XP with SP2 set to the default settings, an effective and up to date antivirus program, an effective and up to date antispyware program, an effective and up to date anti-adware program, and just a decent modicum of common sense and good judgment in downloading files and opening attachments. The difference is that if the user does all of these other things, his machine won't be compromised in the first place. " Second, no one has ever explained why a third party firewall that blocks outgoing communications will make a computer more secure than a computer running Windows firewall." This is an easy one.. a third party software firewall will warn the user that unauthorised events are about to happen, and the user can say NO.. this action will prevent any information being sent out.. an example.. in a clothes store, you see gates at the entrance/exit that warn of unauthorised exits of stock.. But how does this feature make me more secure? It tells me only that some program is trying to access the Internet, and purports to give me (usually inadequate) information and/or advice about the program. In the very best case scenario, it warns me that crudware is trying to phone home -- but this goes back to my point that these firewalls make insecure machines less insecure, but they do nothing to increase the security of an already secure machine. In the worst case scenario, legitimate outbound communications on an already secure machine are being blocked, often without my knowledge or consent. "A third party firewall does not prevent a computer from becoming compromised, but only helps limit the damage ...... " How can you say this on the basis that a third party software firewall blocks incoming, as per Windows firewall, and outgoing too?.. of course, we all know that software firewalls of any type can be breached, but it takes a determined effort.. you can just type 'Open Sesame' To the extent that it blocks incoming communications, well, all firewalls do that, and all of them do it well. To the extent that it blocks outgoing communications, either the communication is legitimate (in which case it is a hindrance) or illegitimate (in which case the machine is already compromised). Either way, it doesn't enhance security, although it does reduce the level of insecurity of an otherwise insecure machine. "Besides, would you trust a computer that has been compromised by crudware, but was apparently blocked from "phoning home" by a third party firewall? I wouldn't. And that's assuming the user even knows that the program is crudware and therefore elects to block it." This assumes that third party firewalls only stop outgoing events, a statement that you know to be patently untrue.. Again, I don't deny that they also stop incoming attacks, but so does Windows firewall. The issue here is not whether a firewall is better than no firewall, but whether, from a security standpoint, users who take a few simple steps to secure their machine really need the additional ability of a third party firewall to block certain outgoing communications. I haven't seen a compelling argument that they do. All of the people that I support use McAfee Suite 8 firewall and anti-virus (not spam killer or privacy service).. none of them have had problems setting up or using the suite.. in fact, many forget it is even there, which is how it should be.. That may be the case, although I have had enough bad experiences with MacAfee in the past never to use it again. The ideal third party firewall would be one that required as little user interaction as possible. This ideal state of affairs certainly doesn't describe the two third party firewalls I am most familiar with: Norton and Zone Alarm. And what's with the 'security novice' jive?.. companies may not use a third party software firewall like Zonealarm, but the firewalls that they do use are configurable re. stopping access outbound.. do you think that a company like IBM just protects against incoming stuff?.. I'm saying that people who pay little or no attention to computer security are much more likely to need a third party firewall. Even then, it is possible to set up their machines so that they don't need one -- as I did with my brother. Microsoft don't have a full software firewall and anti-virus programs included in their OSes as protection against lawsuits, and come the day that they are allowed so to do, your words here are going to look a little stupid.. I'm not following you here. Are you saying that Microsoft doesn't use outbound blocking in its Windows firewall because it fears litigation? As for antivirus, isn't Microsoft preparing to introduce its own antivirus software sometime this year or at least in the next version of Windows? I read something to that effect a month or so ago (I can probably find the link if I need to). Ken |
Thread Tools | |
Display Modes | |
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
xp sp2 | Jagdish Chandra | Windows Service Pack 2 | 4 | December 13th 04 09:33 AM |
Service Pak 2 uninstall? | Bruce | Windows XP Help and Support | 2 | November 11th 04 08:00 AM |
xp sp2 slows down pc and several other problems | crghous | Windows Service Pack 2 | 3 | October 6th 04 11:47 AM |
XP SP2 Firewall selects Standard profile when computer is properly connected to domain network | Bruce Sanderson | Windows Service Pack 2 | 3 | September 23rd 04 11:15 AM |
Firewall rant | Jerry | Security and Administration with Windows XP | 1 | September 5th 04 02:36 AM |