what firewalls to use?

TheMSsForum.com: The Microsoft Software Forum

i am trying to read and research the best way to setup the firewalls you need
for your computer. Do certain firewalls conflict with each other where its
better to run one than the other. In my house we use a d-Link router, now
can than be considered a hardware firewall. On my computer I run Windows Xp
home edition with the service pack 2. that has the security center and
firewall does this replace the internet connection firewall. Is the serivce
pack sufficent enough and give you the best protection. I also have on my
computer Norton System works 2005 premier si there anything on there that
will conflict with the firewalls where I should disable one thing and enable
another. I would like it so the protection from things getting into my
computer is ias ggod as things on my computer being able to leak out for
people to see them. i am just trying to learn the best possible way to
protect everything if that is possible. I hope you can help me with some
knwledge

thanks
jake
Top

Re: what firewalls to use? by Modem

Modem
Tue Mar 15 15:45:42 CST 2005

The topic of firewalls is vast and far beyond the capacity of a newsgroup to
explain. You would do well to do your research on the web. To start you off,
here are some basic answers to your questions:

1. Windows Firewall, installed as part of SP 2, replaces the Internet
Connection Firewall that was included in the original release of Windows XP.

2. The difference between Windows Firewall and a third-party firewall is
that a third party firewall can alert you when an application installed on
your computer - including spyware, for example - is attempting to access the
internet. Windows Firewall doesn't perform that function.

3. The typical router designed for home or small network use can perform
some of the functions of a hardware firewall, depending on what features it
has and how those features are set up.

4. You should never run more than one software firewall at a time. However,
it's OK to run a hardware firewall and a software firewall at the same time.

5. Whether or not Norton SystemWorks conflicts with the security features of
Windows XP is a question for Symantec technical support, if you want an
authoritative answer. Since this newsgroup was setup to handle questions
about Windows XP, you are less likely to find someone here who knows about
another company's software.

Bravo to you on your interest in firewalls and internet security. If more
people took such an interest, the internet would be a safer place.

Modem Ani

"jfreddie" <jfreddie@discussions.microsoft.com> wrote in message
news:F39BE86F-7170-4522-8190-48D472C5AA34@microsoft.com...
> i am trying to read and research the best way to setup the firewalls you
need
> for your computer. Do certain firewalls conflict with each other where
its
> better to run one than the other. In my house we use a d-Link router, now
> can than be considered a hardware firewall. On my computer I run Windows
Xp
> home edition with the service pack 2. that has the security center and
> firewall does this replace the internet connection firewall. Is the
serivce
> pack sufficent enough and give you the best protection. I also have on my
> computer Norton System works 2005 premier si there anything on there that
> will conflict with the firewalls where I should disable one thing and
enable
> another. I would like it so the protection from things getting into my
> computer is ias ggod as things on my computer being able to leak out for
> people to see them. i am just trying to learn the best possible way to
> protect everything if that is possible. I hope you can help me with some
> knwledge
>
> thanks
> jake


Top

Re: what firewalls to use? by Matt

Matt
Tue Mar 15 15:54:41 CST 2005

Actually, the SP2 firewall DOES do outbound filtering.

Matt Gibson - GSEC

"Modem Ani" <notquinoas@notmyrealbox.com> wrote in message
news:efHjkgaKFHA.576@TK2MSFTNGP15.phx.gbl...
> The topic of firewalls is vast and far beyond the capacity of a newsgroup
> to
> explain. You would do well to do your research on the web. To start you
> off,
> here are some basic answers to your questions:
>
> 1. Windows Firewall, installed as part of SP 2, replaces the Internet
> Connection Firewall that was included in the original release of Windows
> XP.
>
> 2. The difference between Windows Firewall and a third-party firewall is
> that a third party firewall can alert you when an application installed on
> your computer - including spyware, for example - is attempting to access
> the
> internet. Windows Firewall doesn't perform that function.
>
> 3. The typical router designed for home or small network use can perform
> some of the functions of a hardware firewall, depending on what features
> it
> has and how those features are set up.
>
> 4. You should never run more than one software firewall at a time.
> However,
> it's OK to run a hardware firewall and a software firewall at the same
> time.
>
> 5. Whether or not Norton SystemWorks conflicts with the security features
> of
> Windows XP is a question for Symantec technical support, if you want an
> authoritative answer. Since this newsgroup was setup to handle questions
> about Windows XP, you are less likely to find someone here who knows about
> another company's software.
>
> Bravo to you on your interest in firewalls and internet security. If more
> people took such an interest, the internet would be a safer place.
>
> Modem Ani
>
> "jfreddie" <jfreddie@discussions.microsoft.com> wrote in message
> news:F39BE86F-7170-4522-8190-48D472C5AA34@microsoft.com...
>> i am trying to read and research the best way to setup the firewalls you
> need
>> for your computer. Do certain firewalls conflict with each other where
> its
>> better to run one than the other. In my house we use a d-Link router,
>> now
>> can than be considered a hardware firewall. On my computer I run Windows
> Xp
>> home edition with the service pack 2. that has the security center and
>> firewall does this replace the internet connection firewall. Is the
> serivce
>> pack sufficent enough and give you the best protection. I also have on
>> my
>> computer Norton System works 2005 premier si there anything on there that
>> will conflict with the firewalls where I should disable one thing and
> enable
>> another. I would like it so the protection from things getting into my
>> computer is ias ggod as things on my computer being able to leak out for
>> people to see them. i am just trying to learn the best possible way to
>> protect everything if that is possible. I hope you can help me with some
>> knwledge
>>
>> thanks
>> jake
>
>


Top

Re: what firewalls to use? by Tom

Tom
Tue Mar 15 17:35:12 CST 2005

No, it does not, as has been discussed in this newsgroup many times. If you
think it does, please post a link to a legitimate source that cites that
information.

Tom
"Matt Gibson" <mattg@blueedgetech.ca> wrote in message
news:%23Qs4YmaKFHA.436@TK2MSFTNGP09.phx.gbl...
| Actually, the SP2 firewall DOES do outbound filtering.
|
| Matt Gibson - GSEC
|
| "Modem Ani" <notquinoas@notmyrealbox.com> wrote in message
| news:efHjkgaKFHA.576@TK2MSFTNGP15.phx.gbl...
| > The topic of firewalls is vast and far beyond the capacity of a
newsgroup
| > to
| > explain. You would do well to do your research on the web. To start you
| > off,
| > here are some basic answers to your questions:
| >
| > 1. Windows Firewall, installed as part of SP 2, replaces the Internet
| > Connection Firewall that was included in the original release of Windows
| > XP.
| >
| > 2. The difference between Windows Firewall and a third-party firewall is
| > that a third party firewall can alert you when an application installed
on
| > your computer - including spyware, for example - is attempting to access
| > the
| > internet. Windows Firewall doesn't perform that function.
| >
| > 3. The typical router designed for home or small network use can perform
| > some of the functions of a hardware firewall, depending on what features
| > it
| > has and how those features are set up.
| >
| > 4. You should never run more than one software firewall at a time.
| > However,
| > it's OK to run a hardware firewall and a software firewall at the same
| > time.
| >
| > 5. Whether or not Norton SystemWorks conflicts with the security
features
| > of
| > Windows XP is a question for Symantec technical support, if you want an
| > authoritative answer. Since this newsgroup was setup to handle questions
| > about Windows XP, you are less likely to find someone here who knows
about
| > another company's software.
| >
| > Bravo to you on your interest in firewalls and internet security. If
more
| > people took such an interest, the internet would be a safer place.
| >
| > Modem Ani
| >
| > "jfreddie" <jfreddie@discussions.microsoft.com> wrote in message
| > news:F39BE86F-7170-4522-8190-48D472C5AA34@microsoft.com...
| >> i am trying to read and research the best way to setup the firewalls
you
| > need
| >> for your computer. Do certain firewalls conflict with each other where
| > its
| >> better to run one than the other. In my house we use a d-Link router,
| >> now
| >> can than be considered a hardware firewall. On my computer I run
Windows
| > Xp
| >> home edition with the service pack 2. that has the security center and
| >> firewall does this replace the internet connection firewall. Is the
| > serivce
| >> pack sufficent enough and give you the best protection. I also have on
| >> my
| >> computer Norton System works 2005 premier si there anything on there
that
| >> will conflict with the firewalls where I should disable one thing and
| > enable
| >> another. I would like it so the protection from things getting into my
| >> computer is ias ggod as things on my computer being able to leak out
for
| >> people to see them. i am just trying to learn the best possible way to
| >> protect everything if that is possible. I hope you can help me with
some
| >> knwledge
| >>
| >> thanks
| >> jake
| >
| >
|
|


Top

Re: what firewalls to use? by Matt

Matt
Tue Mar 15 18:04:01 CST 2005

Gah.

You're right. I sit corrected.

I personally never use the XP Firewall, but the last workstation that I was
working on had Nav 2005 Internet Security on. I completly forgot about it
being installed, and was suprised that it was asking about outbound
programs.

My apologies. I hate other people spreading misinformation, and I've just
done it myself.

I'll go sit in the corner now.

Matt Gibson - GSEC


"Tom Pepper Willett" <tompepper@mvps.org> wrote in message
news:eMbIcfbKFHA.1528@TK2MSFTNGP09.phx.gbl...
> No, it does not, as has been discussed in this newsgroup many times. If
> you
> think it does, please post a link to a legitimate source that cites that
> information.
>
> Tom
> "Matt Gibson" <mattg@blueedgetech.ca> wrote in message
> news:%23Qs4YmaKFHA.436@TK2MSFTNGP09.phx.gbl...
> | Actually, the SP2 firewall DOES do outbound filtering.
> |
> | Matt Gibson - GSEC
> |
> | "Modem Ani" <notquinoas@notmyrealbox.com> wrote in message
> | news:efHjkgaKFHA.576@TK2MSFTNGP15.phx.gbl...
> | > The topic of firewalls is vast and far beyond the capacity of a
> newsgroup
> | > to
> | > explain. You would do well to do your research on the web. To start
> you
> | > off,
> | > here are some basic answers to your questions:
> | >
> | > 1. Windows Firewall, installed as part of SP 2, replaces the Internet
> | > Connection Firewall that was included in the original release of
> Windows
> | > XP.
> | >
> | > 2. The difference between Windows Firewall and a third-party firewall
> is
> | > that a third party firewall can alert you when an application
> installed
> on
> | > your computer - including spyware, for example - is attempting to
> access
> | > the
> | > internet. Windows Firewall doesn't perform that function.
> | >
> | > 3. The typical router designed for home or small network use can
> perform
> | > some of the functions of a hardware firewall, depending on what
> features
> | > it
> | > has and how those features are set up.
> | >
> | > 4. You should never run more than one software firewall at a time.
> | > However,
> | > it's OK to run a hardware firewall and a software firewall at the same
> | > time.
> | >
> | > 5. Whether or not Norton SystemWorks conflicts with the security
> features
> | > of
> | > Windows XP is a question for Symantec technical support, if you want
> an
> | > authoritative answer. Since this newsgroup was setup to handle
> questions
> | > about Windows XP, you are less likely to find someone here who knows
> about
> | > another company's software.
> | >
> | > Bravo to you on your interest in firewalls and internet security. If
> more
> | > people took such an interest, the internet would be a safer place.
> | >
> | > Modem Ani
> | >
> | > "jfreddie" <jfreddie@discussions.microsoft.com> wrote in message
> | > news:F39BE86F-7170-4522-8190-48D472C5AA34@microsoft.com...
> | >> i am trying to read and research the best way to setup the firewalls
> you
> | > need
> | >> for your computer. Do certain firewalls conflict with each other
> where
> | > its
> | >> better to run one than the other. In my house we use a d-Link
> router,
> | >> now
> | >> can than be considered a hardware firewall. On my computer I run
> Windows
> | > Xp
> | >> home edition with the service pack 2. that has the security center
> and
> | >> firewall does this replace the internet connection firewall. Is the
> | > serivce
> | >> pack sufficent enough and give you the best protection. I also have
> on
> | >> my
> | >> computer Norton System works 2005 premier si there anything on there
> that
> | >> will conflict with the firewalls where I should disable one thing
> and
> | > enable
> | >> another. I would like it so the protection from things getting into
> my
> | >> computer is ias ggod as things on my computer being able to leak out
> for
> | >> people to see them. i am just trying to learn the best possible way
> to
> | >> protect everything if that is possible. I hope you can help me with
> some
> | >> knwledge
> | >>
> | >> thanks
> | >> jake
> | >
> | >
> |
> |
>
>


Top

Re: what firewalls to use? by Tom

Tom
Tue Mar 15 18:09:42 CST 2005

;-)

Tom

"Matt Gibson" <mattg@blueedgetech.ca> wrote in message
news:%23k13pubKFHA.2136@TK2MSFTNGP14.phx.gbl...
| Gah.
|
| You're right. I sit corrected.
|
| I personally never use the XP Firewall, but the last workstation that I
was
| working on had Nav 2005 Internet Security on. I completly forgot about it
| being installed, and was suprised that it was asking about outbound
| programs.
|
| My apologies. I hate other people spreading misinformation, and I've just
| done it myself.
|
| I'll go sit in the corner now.
|
| Matt Gibson - GSEC
|
|
| "Tom Pepper Willett" <tompepper@mvps.org> wrote in message
| news:eMbIcfbKFHA.1528@TK2MSFTNGP09.phx.gbl...
| > No, it does not, as has been discussed in this newsgroup many times. If
| > you
| > think it does, please post a link to a legitimate source that cites that
| > information.
| >
| > Tom
| > "Matt Gibson" <mattg@blueedgetech.ca> wrote in message
| > news:%23Qs4YmaKFHA.436@TK2MSFTNGP09.phx.gbl...
| > | Actually, the SP2 firewall DOES do outbound filtering.
| > |
| > | Matt Gibson - GSEC
| > |
| > | "Modem Ani" <notquinoas@notmyrealbox.com> wrote in message
| > | news:efHjkgaKFHA.576@TK2MSFTNGP15.phx.gbl...
| > | > The topic of firewalls is vast and far beyond the capacity of a
| > newsgroup
| > | > to
| > | > explain. You would do well to do your research on the web. To start
| > you
| > | > off,
| > | > here are some basic answers to your questions:
| > | >
| > | > 1. Windows Firewall, installed as part of SP 2, replaces the
Internet
| > | > Connection Firewall that was included in the original release of
| > Windows
| > | > XP.
| > | >
| > | > 2. The difference between Windows Firewall and a third-party
firewall
| > is
| > | > that a third party firewall can alert you when an application
| > installed
| > on
| > | > your computer - including spyware, for example - is attempting to
| > access
| > | > the
| > | > internet. Windows Firewall doesn't perform that function.
| > | >
| > | > 3. The typical router designed for home or small network use can
| > perform
| > | > some of the functions of a hardware firewall, depending on what
| > features
| > | > it
| > | > has and how those features are set up.
| > | >
| > | > 4. You should never run more than one software firewall at a time.
| > | > However,
| > | > it's OK to run a hardware firewall and a software firewall at the
same
| > | > time.
| > | >
| > | > 5. Whether or not Norton SystemWorks conflicts with the security
| > features
| > | > of
| > | > Windows XP is a question for Symantec technical support, if you want
| > an
| > | > authoritative answer. Since this newsgroup was setup to handle
| > questions
| > | > about Windows XP, you are less likely to find someone here who knows
| > about
| > | > another company's software.
| > | >
| > | > Bravo to you on your interest in firewalls and internet security. If
| > more
| > | > people took such an interest, the internet would be a safer place.
| > | >
| > | > Modem Ani
| > | >
| > | > "jfreddie" <jfreddie@discussions.microsoft.com> wrote in message
| > | > news:F39BE86F-7170-4522-8190-48D472C5AA34@microsoft.com...
| > | >> i am trying to read and research the best way to setup the
firewalls
| > you
| > | > need
| > | >> for your computer. Do certain firewalls conflict with each other
| > where
| > | > its
| > | >> better to run one than the other. In my house we use a d-Link
| > router,
| > | >> now
| > | >> can than be considered a hardware firewall. On my computer I run
| > Windows
| > | > Xp
| > | >> home edition with the service pack 2. that has the security center
| > and
| > | >> firewall does this replace the internet connection firewall. Is
the
| > | > serivce
| > | >> pack sufficent enough and give you the best protection. I also
have
| > on
| > | >> my
| > | >> computer Norton System works 2005 premier si there anything on
there
| > that
| > | >> will conflict with the firewalls where I should disable one thing
| > and
| > | > enable
| > | >> another. I would like it so the protection from things getting
into
| > my
| > | >> computer is ias ggod as things on my computer being able to leak
out
| > for
| > | >> people to see them. i am just trying to learn the best possible
way
| > to
| > | >> protect everything if that is possible. I hope you can help me
with
| > some
| > | >> knwledge
| > | >>
| > | >> thanks
| > | >> jake
| > | >
| > | >
| > |
| > |
| >
| >
|
|


Top

Re: what firewalls to use? by Stefan

Stefan
Wed Mar 16 00:22:38 CST 2005

"Matt Gibson" <mattg@blueedgetech.ca> wrote:

Top posting is nasty [not repaired this time]!

> Actually, the SP2 firewall DOES do outbound filtering.

NOPE, the Windows "firewall" a.k.a. ICF does inbound filtering only.
It but asks whether to allow inbound access when you start an
application that opens IP ports for listening and reconfigures itself
when acknowledged.

BTW: all those personal^Wpseudo firewall that claim to "control" outbound
access are snake oil, COMPLETELY. While they MAY detect outbound connection
attempts of applications no single one detects programs tunneling via
Internet Explorer for example. The german Chaos Computer Club conducted a
simple test where all of them failed miserably.

And: what should outbound control be good for?
If I don't want a program to connect to the Internet I don't start it (or
don't install it) in first place!

Since most of these firewalls implant themselves into the IP stack and add
code they make it more susceptible against attacks: Witty was successful
BECAUSE a firewall was in place and had an error that the IP stack had not!
Some of these toys will even perform a self DOS: "attack" them with packets
from the DNS servers and they'll start blocking DNS replies.

So if you want to harden and protect your system: identify ALL the
services and applications you don't need and turn them of or better
remove them. Then configure the remaining ones thoroughly.

nuff said
Stefan

> Matt Gibson - GSEC
>
> "Modem Ani" <notquinoas@notmyrealbox.com> wrote in message
> news:efHjkgaKFHA.576@TK2MSFTNGP15.phx.gbl...
> > The topic of firewalls is vast and far beyond the capacity of a newsgroup
> > to
> > explain. You would do well to do your research on the web. To start you
> > off,
> > here are some basic answers to your questions:
> >
> > 1. Windows Firewall, installed as part of SP 2, replaces the Internet
> > Connection Firewall that was included in the original release of Windows
> > XP.
> >
> > 2. The difference between Windows Firewall and a third-party firewall is
> > that a third party firewall can alert you when an application installed on
> > your computer - including spyware, for example - is attempting to access
> > the
> > internet. Windows Firewall doesn't perform that function.
> >
> > 3. The typical router designed for home or small network use can perform
> > some of the functions of a hardware firewall, depending on what features
> > it
> > has and how those features are set up.
> >
> > 4. You should never run more than one software firewall at a time.
> > However,
> > it's OK to run a hardware firewall and a software firewall at the same
> > time.
> >
> > 5. Whether or not Norton SystemWorks conflicts with the security features
> > of
> > Windows XP is a question for Symantec technical support, if you want an
> > authoritative answer. Since this newsgroup was setup to handle questions
> > about Windows XP, you are less likely to find someone here who knows about
> > another company's software.
> >
> > Bravo to you on your interest in firewalls and internet security. If more
> > people took such an interest, the internet would be a safer place.
> >
> > Modem Ani
> >
> > "jfreddie" <jfreddie@discussions.microsoft.com> wrote in message
> > news:F39BE86F-7170-4522-8190-48D472C5AA34@microsoft.com...
> >> i am trying to read and research the best way to setup the firewalls you
> > need
> >> for your computer. Do certain firewalls conflict with each other where
> > its
> >> better to run one than the other. In my house we use a d-Link router,
> >> now
> >> can than be considered a hardware firewall. On my computer I run Windows
> > Xp
> >> home edition with the service pack 2. that has the security center and
> >> firewall does this replace the internet connection firewall. Is the
> > serivce
> >> pack sufficent enough and give you the best protection. I also have on
> >> my
> >> computer Norton System works 2005 premier si there anything on there that
> >> will conflict with the firewalls where I should disable one thing and
> > enable
> >> another. I would like it so the protection from things getting into my
> >> computer is ias ggod as things on my computer being able to leak out for
> >> people to see them. i am just trying to learn the best possible way to
> >> protect everything if that is possible. I hope you can help me with some
> >> knwledge
> >>
> >> thanks
> >> jake
> >
> >
>
>


Top

Re: what firewalls to use? by Galen

Galen
Wed Mar 16 03:37:10 CST 2005

In news:ewhMuybKFHA.132@TK2MSFTNGP10.phx.gbl,
Tom Pepper Willett <tompepper@mvps.org> had this to say:

My reply is at the bottom of your sent message:

> ;-)

I've always been willing to throw in a monkey wrench. The post (a couple up
from this one) requested a legit source... I had to think of one that I
thought we all might agree was legit.

http://www.pcworld.com/news/article/0,aid,114593,00.asp

Or, from the site:

"In addition, the new Windows Firewall is more powerful than the previous
version, with both inbound and outbound scanning capabilities similar to
those of third-party firewalls such as ZoneAlarm. For example, the first
time an application wants to access the Internet, Windows Firewall pops up a
dialog box in which you can configure the firewall to grant such access."

I don't want Matt in the corner :)

However! To be more exact!

From here:

http://www.microsoft.com/technet/prodtechnol/winxppro/plan/icf.mspx

Q: Does ICF do outbound packet inspection?

A: Other than checking the source IP address, ICF does not do any outbound
packet inspection.

So, in the real world? Yes, it does do outbound packet inspection
technically but in such a limited way that it's not worth claiming that it
does so. I say grab a copy of Outpost and make sure to configure it properly
or get a decent hardware firewall if you're really intent on protection.

Galen
--
Signature changed for a moment of silence.
Rest well Alex and we'll see you on the other side.


Top

Re: what firewalls to use? by Modem

Modem
Wed Mar 16 08:21:01 CST 2005

PC World used to be authoratative source for hard information about
computing. Alas, it has not been that way for several years.

Modem Ani

"Galen" <galennews@gmail.com> wrote in message
news:%23mJO9ugKFHA.2136@TK2MSFTNGP14.phx.gbl...
> In news:ewhMuybKFHA.132@TK2MSFTNGP10.phx.gbl,
> Tom Pepper Willett <tompepper@mvps.org> had this to say:
>
> My reply is at the bottom of your sent message:
>
> > ;-)
>
> I've always been willing to throw in a monkey wrench. The post (a couple
up
> from this one) requested a legit source... I had to think of one that I
> thought we all might agree was legit.
>
> http://www.pcworld.com/news/article/0,aid,114593,00.asp
>
> Or, from the site:
>
> "In addition, the new Windows Firewall is more powerful than the previous
> version, with both inbound and outbound scanning capabilities similar to
> those of third-party firewalls such as ZoneAlarm. For example, the first
> time an application wants to access the Internet, Windows Firewall pops up
a
> dialog box in which you can configure the firewall to grant such access."
>
> I don't want Matt in the corner :)
>
> However! To be more exact!
>
> From here:
>
> http://www.microsoft.com/technet/prodtechnol/winxppro/plan/icf.mspx
>
> Q: Does ICF do outbound packet inspection?
>
> A: Other than checking the source IP address, ICF does not do any outbound
> packet inspection.
>
> So, in the real world? Yes, it does do outbound packet inspection
> technically but in such a limited way that it's not worth claiming that it
> does so. I say grab a copy of Outpost and make sure to configure it
properly
> or get a decent hardware firewall if you're really intent on protection.
>
> Galen
> --
> Signature changed for a moment of silence.
> Rest well Alex and we'll see you on the other side.
>
>


Top

Re: what firewalls to use? by Pete

Pete
Wed Mar 16 09:08:57 CST 2005


"Stefan Kanthak" <postmaster@1.0.0.127.in-addr.arpa> wrote in message
news:%23QlG%23EfKFHA.2604@TK2MSFTNGP10.phx.gbl...
> "Matt Gibson" <mattg@blueedgetech.ca> wrote:
>
> Top posting is nasty [not repaired this time]!

Agreed, but don't even start that one again.

>
> > Actually, the SP2 firewall DOES do outbound filtering.
>
> NOPE, the Windows "firewall" a.k.a. ICF does inbound filtering only.
> It but asks whether to allow inbound access when you start an
> application that opens IP ports for listening and reconfigures itself
> when acknowledged.
>
> BTW: all those personal^Wpseudo firewall that claim to "control" outbound
> access are snake oil, COMPLETELY. While they MAY detect outbound
connection
> attempts of applications no single one detects programs tunneling via
> Internet Explorer for example. The german Chaos Computer Club conducted a
> simple test where all of them failed miserably.

Ok, I'll bite. Any pointers to the CCC's test results?

Or should we just take your word for it? ;-)


--
Pete



Top

Re: what firewalls to use? by Steven

Steven
Wed Mar 16 20:56:05 CST 2005

Since you already have a NAT router you have a great degree of protection
from uninitiated inbound traffic. A host/software firewall would be optional
depending on your needs. If you want to protect your computer from other
computers on YOUR local network then the Windows firewall is fine. If you
want to restrict which applications can access the internet from your
computer then use a firewall such as Zone Alarm/Sygate/Norton. This can be
particularly useful if you have multiple users that use the computer and you
want to restrict what they can access on the internet by application. I
personally don't use personal/host firewalls on my home network and rely on
my firewall device to protect my network BUT I make sure that I use an up to
date anti virus that also scans all emails, I keep my computers current with
critical security updates at Windows Updates, do not change IE security
settings to be less that default levels for XP Pro SP2, and use complex
passwords for my user accounts. Whatever you decide do not run more than one
personal/host firewall at a time on your computer. It is also a good idea to
not logon to your computer as an administrator for normal activities such as
browsing the internet. --- Steve



"jfreddie" <jfreddie@discussions.microsoft.com> wrote in message
news:F39BE86F-7170-4522-8190-48D472C5AA34@microsoft.com...
>i am trying to read and research the best way to setup the firewalls you
>need
> for your computer. Do certain firewalls conflict with each other where
> its
> better to run one than the other. In my house we use a d-Link router, now
> can than be considered a hardware firewall. On my computer I run Windows
> Xp
> home edition with the service pack 2. that has the security center and
> firewall does this replace the internet connection firewall. Is the
> serivce
> pack sufficent enough and give you the best protection. I also have on my
> computer Norton System works 2005 premier si there anything on there that
> will conflict with the firewalls where I should disable one thing and
> enable
> another. I would like it so the protection from things getting into my
> computer is ias ggod as things on my computer being able to leak out for
> people to see them. i am just trying to learn the best possible way to
> protect everything if that is possible. I hope you can help me with some
> knwledge
>
> thanks
> jake


Top

Re: what firewalls to use? by Bigbruva

Bigbruva
Thu Mar 17 14:26:58 CST 2005

I think Stefan is quoting from a lecture given at the German University of
Ulm on Dec 13th last year:

http://www.ulm.ccc.de/chaos-seminar/personal-firewalls/

This report is only available in German but basically the lecture
demonstrated that a number of common personal firewalls
(Symantec's Norton Personal Firewall 2005, Tiny, Kerio, Outpost und Zone
Alarm) could be tricked into running a
remote shell session (Norton and Keio where the only 2 demo'd).

It is important to understand this is a proof of concept that is not in wide
circulation at this time.
Also it does not look as though the Windows Firewall included in SP2 was
subject to this test.

Finally, just for the record, "ICF" is the firewall that shipped with
Windows XP and "Windows Firewall" is the version that came in SP2.
They are NOT the same thing and should not be confused as the feature set of
the later is greatly improved over ICF (which was, to be polite, poor ;-)

HTH

BB


"Pete" <Pete@pete> wrote in message
news:eF9CanjKFHA.3832@TK2MSFTNGP12.phx.gbl...
>
> "Stefan Kanthak" <postmaster@1.0.0.127.in-addr.arpa> wrote in message
> news:%23QlG%23EfKFHA.2604@TK2MSFTNGP10.phx.gbl...
>> "Matt Gibson" <mattg@blueedgetech.ca> wrote:
>>
>> Top posting is nasty [not repaired this time]!
>
> Agreed, but don't even start that one again.
>
>>
>> > Actually, the SP2 firewall DOES do outbound filtering.
>>
>> NOPE, the Windows "firewall" a.k.a. ICF does inbound filtering only.
>> It but asks whether to allow inbound access when you start an
>> application that opens IP ports for listening and reconfigures itself
>> when acknowledged.
>>
>> BTW: all those personal^Wpseudo firewall that claim to "control" outbound
>> access are snake oil, COMPLETELY. While they MAY detect outbound
> connection
>> attempts of applications no single one detects programs tunneling via
>> Internet Explorer for example. The german Chaos Computer Club conducted a
>> simple test where all of them failed miserably.
>
> Ok, I'll bite. Any pointers to the CCC's test results?
>
> Or should we just take your word for it? ;-)
>
>
> --
> Pete
>
>
>


Top