Re: Firewall Confusion

From: NeoSadist (neosad1st_at_charter.net)
Date: 02/28/04

• Next message: Master: "Need help with my modemsetup"
• Previous message: rhamnose: "Need help"
• In reply to: Steve Gibbs: "Firewall Confusion"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Fri, 27 Feb 2004 22:32:50 -0700

Steve Gibbs wrote:

> I'm hoping that you could give some guidance on my firewall setup.
>
> I'm running a Dynalink RTA300 Router/Modem. It has a firewall, which I
> can switch on and configure as necessary.
> My computer has Zonealarm running.
> I'm also running XP, which has the option of the ICF firewall.

Ok, way too many firewalls already. First off, use only one firewall on the
windows box itself, so either use ICF and uninstall ZA, or use ZA and shut
off ICF. That's my opinion so far.

>
> My primary requirement is to be protected from the outside world, so my
> question is:
> 1. Does the RTA300 protect me because its a router, or should I turn on
> the firewall that comes with it?

Never hurts to have an extra layer of security, if that's what you want.

>
> My secondary requirement is to be protected from applications that sneakly
> connect to the Internet.

That's best done on the windows box, and ZA is quite good at it.

> 2. Will the Windows XP firewall do this for me or should I be running
> Zonealarm or in fact the Dyanlink firewall?

WinXP ICF is, in my opinion, a very basic firewall. It has no specific
program blocking/filtering like ZA does, as far as I know.

>
> When I run Zonealarm, I never get bothered by incoming requests, so I
> presume that the answer to question 1 is 'Yes'.

Probably, but the only way to know is to use a packet sniffer like ethereal
or something to listen in.

>
> Many thanks for you assistance.

-- 
Human beings were created by water to transport it uphill.

• Next message: Master: "Need help with my modemsetup"
• Previous message: rhamnose: "Need help"
• In reply to: Steve Gibbs: "Firewall Confusion"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: ZoneAlarm Pro, Sygate Personal Firewall, or built in xp firewall? ... ICF monitors outbound ports to know what inbound ports to block/open. ... blocks unsolicited connection attempts. ... connect to the Internet but would not normally purchase a firewall from the ... baseline intrusion prevention mechanism in Windows XP. ... (microsoft.public.windowsxp.security_admin) Re: Proposed Internet Connection Firewall change in WinXP SP2 ... Of course a firewall is totally ineffectual against unintelligent ... I would advise you to look at alternatives to DCOM based ... Microsoft MVP ... >> available for management for ICF from group policy. ... (microsoft.public.windowsxp.security_admin) Re: Speaking of XP Firewall...... ... So I also use the ICF from winXP-And if I havent gotten ZoneAlarn it is ... Why is it necessary to firewall outgoing stuff as well?? ... > ZoneAlarm, Kerio, or Sygate are all much better than WinXP's ... (microsoft.public.windowsxp.basics) Re: Baseline script (disable services etc.) ... > If anyone could give me any tips (as to turning on the ICF and disabling ... Disabling of services: ... Connection Firewall on a connection, ... Note that when using the EnableInternetFirewall/DisableInternetFirewall ... (microsoft.public.scripting.vbscript) SBS 2003 security policy... ... I just discovered an amazing new feature of SBS 2003 security policy: ... computers without at least a simple firewall like the one from Microsoft ... they simply disable ICF altogether *while* its connected to the domain. ... (NT-Bugtraq)

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint