Re: SP2 Windows Firewall good or bad ?

From: Bruce Chambers (bruce_a_chambers_at_h0tmail.com)
Date: 09/05/04 

Date: Sun, 5 Sep 2004 08:34:09 -0600

Ahmed Anis wrote:
> Is it true that the SP2 Firewall only checks incoming, but not
> outgoing? I recently uninstalled Norton Firewall and planning to
> contiue with just the built in XP SP2 firewall. Am I in greater
> danger now?
> Please help in these issues, thanx in advance!

   WinXP's built-in firewall is _adequate_ at stopping incoming
attacks, and hiding your ports from probes. What WinXP SP2's firewall
does not do, is protect you from any Trojans or spyware that you (or
someone else using your computer) might download and install
inadvertently. It doesn't monitor out-going traffic at all, other
than to check for IP-spoofing, much less block (or at even ask you
about) the bad or the questionable out-going signals. It assumes that
any application you have on your hard drive is there because you want
it there, and therefore has your "permission" to access the Internet.
Further, because the Windows Firewall is a "stateful" firewall, it
will also assume that any incoming traffic that's a direct response to
a Trojan's or spyware's out-going signal is also authorized.

    ZoneAlarm, Kerio, or Sygate are all much better than WinXP's
built-in firewall, and are much more easily configured, and there are
free versions of each readily available. Even the commercially
available Symantec's Norton Personal Firewall is superior by far,
although it does take a heavier toll of system performance then do
ZoneAlarm or Sygate. 

-- 
Bruce Chambers
Help us help you:
http://dts-l.org/goodpost.htm
http://www.catb.org/~esr/faqs/smart-questions.html
You can have peace. Or you can have freedom. Don't ever count on
having both at once. - RAH

Relevant Pages

  • Re: Dont understand the Fax
    ... fax receiving that I asked about. ... Don...Additional info on the firewall. ... the fax console and it is a bit too confusing to me. ... Incoming fax calls to a local fax device can be answered in a number ...
    (microsoft.public.windowsxp.basics)
  • Re: Dont understand the Fax
    ... fax receiving that I asked about. ... Don...Additional info on the firewall. ... the fax console and it is a bit too confusing to me. ... Incoming fax calls to a local fax device can be answered in a number ...
    (microsoft.public.windowsxp.basics)
  • Re: Hardware router with firewall - how to configure?
    ... > 1) is the buil-in firewall enough to make my LAN safe? ... Outbound filter applies on all outbound packets. ... so on your end it appears that these are incoming. ...
    (comp.security.firewalls)
  • Re: UDP connection attempts
    ... notifications for incoming new mails to the comsat service (which by default ... Either adjust your firewall to allow such notifications (UDP packets ...
    (FreeBSD-Security)
  • Re: Incoming traffic in the Activity Monitor
    ... > I'm asking this because I've checked that, even with the OSX firewall ... > incoming traffic of about 6 to 10 KB/sec. ... I am far from an expert on network stuff like this, ... Likely it was just checking to see if my router was ...
    (comp.sys.mac.system)
Quantcast