Re: I am sick of windows firewall



Sebastian Gottschalk wrote:
> Duane Arnold wrote:
>
>> IPsec that's on the XP O/S too can be used to supplement the XP FW if
>> you need to stop outbound packets. And it can do it by port, protocol,
>> or IP.
> [...]
>> I use the AnalogX IPsec rules to supplement BlackIce on the laptop.
>
>
> That's bad. You're always open to IP/50, IP/51 and UDP/500, and your
> rules will always let pass all Kerberos, NetBIOS, multicast and
> broadcast traffic. Some of those exemptions can be disabled, some cannot.

I have made my adjustments to IPsec to supplement BlackIce to fit my needs. BlackIce is set to stop all unsolicited inbound traffic and is letting nothing through that's not solicited. In addition to that, I have set rules with BlackIce to block TCP and UDP ports from 1-65535, which means if I take BI off of its highest configuration rule of stopping all unsolicited inbound traffic, it's still blocking all unsolicited inbound traffic.

IPsec is only a supplement to BlackIce or to any PFW solution. It's not a front line defense solution. If I need IPsec to stop outbound that BlackIce cannot do by setting rules, then I'll do that.

In addition, the alerts on BlackIce's highest threat level that I was getting that were happening on the attempts on the Windows networking ports even though BI was stopping the attempts came to a complete stop on the notification and logging, once I implemented the AnalogX rules for IPsec, activated IPsec and configured IPsec to start blocking packets aimed at those ports.

Again, IPsec is a supplement solution behind the PFW solution and I am pleased with its ability to be a supplemental packet filtering solution.

IPsec is doing its job on this laptop. If it comes past IPsec and BlackIce on unsolicited inbound traffic, then I'll worry about it. :)

I need IPsec to stop outbound if I need it to do it. That's its purpose and why it is there.

Duane :)