Re: Is additional firewall necessary?

Juergen Nieveler wrote:
Super Lemon <fruit@xxxxxxxxxxxxxx> wrote:

Xp fw only protects you from incoming packets.

Just like any other software packet filter running on the same machine.

If the malware is active on your machine, it can deactivate any
"Desktop Firewall".

Sorry, all this "outgoing traffic checking with desktop firewalls is
useless or detrimental" is *plain bullshit*.

Yes, a *well written* malware already installed on the PC *COULD*
deactivate any desktop firewall, but by not using such a firewall you
open the door even to *simpler malware written by kids* ...

That objection excepted against desktop firewalls applies exactly to
antivirus software, too.
The "strange" thing is that nobody goes around blabbing about
"antivirus software is useless"! :-D

Admitting that a well-written malicious application could circumvent
security software is no excuse for taking any care at all (yes, there
is the additional "false sense of security" bullshit, when the
expression is inappropriately used ...).

Moreover, using a (real) desktop firewall allows you to be alerted when
not-malware applications try to connect with outside, letting you the
option to deny this (you can think at many circumstances for it, some
legitimate, some much less but ...).

My advice: turn off the much-limited Windows XP SP2 firewall and
install a good desktop firewall.
ZoneAlarm is quite easy to configure and use and in recent releases I
haven't found any incompatibility with any other software nor any
detectable loss in performances.
Maybe other desktop firewalls, like Kerio or Sygate, could be as much
as good or even better.