Re: Firewall question.

From: Duane Arnold (notme_at_notme.com)
Date: 05/02/04


Date: Sun, 02 May 2004 08:47:47 GMT


"Bob" <ace-62@earthlinkNOSPAM.net> wrote in news:CA%kc.1527$a47.1023
@newsread3.news.atl.earthlink.net:

> Hello,
> I have a question for you all please.
>
> I have been running the XP firewall, but now have a firewall made by
> Sygate. Do I need to turn off the one in XP, or is it OK to run them both
> for the added protection?
> I have heard both, but I thought that a few of you guys who seem to really
> know your stuff in here might be able to give me the correct answer.
>
> Thanks,
> Bob
>
>
>

If you want to run two, then run one that has many of the FW-like
features and does more than the XP ICF that's on the O/S. Malware can
take down any third party host based FW easily, but it's hard to take
down IPsec, since it's integrated with the O/S.

In addition to this, XP's FW upon the release of SP 2 will have
application control that will bring XP's FW on par with third party host
based FW(s).

Currently, IPsec will get to the TCP/IP connection first at boot and XP's
SP 2 FW will also get to the TCP/IP connection at boot.

At boot is a vulnerable situation for a machine with a third party FW
solution installed, since malware will beat any of them to the TCP/IP
connection and be done by the time any of them can get there and stop it.

http://www.petri.co.il/block_ping_traffic_with_ipsec.htm
http://www.analogx.com/contents/articles/ipsec.htm

All you have to do is implement the AnalogX Secpol file and you're
covered. The POP3, HTTP etc, etc for the *client* are already configured.

You may want to look at *Protecting against Denial of Service Attacks*
being discussed in the link.

http://www.uksecurityonline.com/husdg/windowsxp.php

On the other hand, you may want to get a cheap NAT router and use Sygate
and IPsec behind it to supplement, like I do with the NAT router, BlackIce
and IPsec on all machines.

A cheap NAT router costs as much as you have paid for Sygate, if not the
free one, because a NAT router stops everything in front of the machine
and the O/S and the FW will not react -- the true *stealth* part in an *I
am stealth* statement. :)

http://www.homenethelp.com/web/explain/about-NAT.asp

Duane :)

   


