Windows XP SP2 firewall

[MagicFingers]

If you have Windows XP and have SP2, it loads a "Windows firewall". If your system already has an AOL or Norton firewall, either the Norton or windows should be turned off.

That is, there should never be 2 firewalls running at the same time because they confict with other.

So, should you always leave the Windows firewall turned on, because it is most compatible with the SP2 updates, or should you turn it off and depend on the AOL or Norton firewalls instead?

 

[fgarvb1]

Some people run two firewalls with no problems.

I have Microsoft's firewall turned because I run ZoneAlarm Pro.

 

[crazyivan]

i would go with the norton one personally. i think it is better than the windows one. i am not sure on the aol one though. pick the one that you feel most comfortable with.

the windows one is not that great though. sp2 improves it a lot, but still not that great. zonealarm is a good one or black ice has a good one as well.

 

[VSE]

Theres no particular reason why you can't run two firewalls from a technical viewpoint. From the view of actually administering your computer, running two firewalls has the potential to cause major headaches. If you've gone out and bought a third party firewall application (having read the relevant reviews to make sure it is actually worth paying money for I hope) and have spent a bit of time figuring out how it works and what you need to do to with it, then personally I'd disable the XP firewall.

For general home use, the XP firewall offers a reasonable level of protection but is far from bulletproof. Its primary function (like many other firewalls) is to "hide" your computer on the internet rather than protect or monitor the outgoing traffic from applications installed on it.

If you want to get some more detailed information on just how protected your computer is from common "hack" attempts at the moment, with plain english explanations of what it is trying to do and why it is important, you could do a lot worse than to check out: http://www.grc.com/x/ne.dll?rh1dkyd2
(the Windows XP firewall will pass these tests)

zonealarm is a good one or black ice has a good one as well.

The free version of Zonealarm is fine for standalone PC's once you understand what it is doing and how it works, but it's caused me major headaches on a networked PC. Black Ice has had a dodgy reputation in the past for being one of the worst and most expensive firewalls you can get, whether this has changed since I have no idea.

 

[MagicFingers]

Thanks for the good information guys

Here's what I saw, and why I asked:
I saw one computer where the old guy had AOL firewall and Windows firewall both. He could not get "Internet Backgammon" to run, which is an included game in XP-PRO. Turning off the Windows firewall let it run.

Another computer had Norton and Windows firewalls. With the Norton firewall turned on, he could not load Ad-Aware, nor get updates for it. I suppose it could have been tweaked to allow those downloads to happen, but the guy didn't know how to do that.

These are home users with cable or DSL internet connections.
I know Windows is probably not the best firewall, but when I see SP2 loading hundreds of new files and drivers, it makes me wonder if those others will work as well as the Windows for protecting the normal home computer.
At least the Windows firewall will be compatable.

Thanks again.

 

[MagicFingers]

What tests?

Theres no particular reason why you can't run two firewalls from a technical viewpoint. From the view of actually administering your computer, running two firewalls has the potential to cause major headaches. If you've gone out and bought a third party firewall application (having read the relevant reviews to make sure it is actually worth paying money for I hope) and have spent a bit of time figuring out how it works and what you need to do to with it, then personally I'd disable the XP firewall.

For general home use, the XP firewall offers a reasonable level of protection but is far from bulletproof. Its primary function (like many other firewalls) is to "hide" your computer on the internet rather than protect or monitor the outgoing traffic from applications installed on it.

If you want to get some more detailed information on just how protected your computer is from common "hack" attempts at the moment, with plain english explanations of what it is trying to do and why it is important, you could do a lot worse than to check out: http://www.grc.com/x/ne.dll?rh1dkyd2
(the Windows XP firewall will pass these tests)

What tests will it pass? Why do they disable my refresh when no one else has to do that? This site seems like one big commercial. Which part should I look at to learn something?

 

[Ljbonobo]

The best firewall I've come across hands down is in the linksys router. If it didn't request the packet, its not getting thru, a very nice system. However you asked about software firewalls. The best software firewall in the world won't do you any good nor be compatible with anything if you don't learn to use it, just like any other software. The two scenarios you mentioned both sound like users who did not know how to use their firewall. A crappy firewall but used correctly is going to protect you better than the best one money can buy that isn't set up correctly

I personally don't like the windows firewall. Why? Because it is windows and if it was made my Bill Gates it has that many more people trying to learn its security flaws. That's the same reason why I don't run Outlook or outlook express, I don't have to worry about half the viruses out there b/c they are only wrote for those programs.

I know nothing about the AOL firewall.

Norton, damn good company imho. I have not used their firewall all that much but it appears about as userfriendly as their antivirus. The few times I used it it appeared very similar to Zonealarm in the fact that it asked you each and every time a program asked to use the internet, and gave the options to allow or disallow and for just this once or always.

As far as that site....it was confusing a better link to exactly where he wanted us to look would help.

 

[VSE]

The site is essentially one big advert, but contains a test called shields up which attempts benign probes of most of the common exploits used.

Lets try a different link: http://www.grc.com/default.htm and follow the shields up link.

With regards to the other points, as I mentioned previously, the XP firewall is adequate rather than outstanding. It is designed to prevent casual attempts to locate and compromise your PC by blocking Unsolicited (ie network traffic that isn't in response to a request made by the PC) network traffic coming into the PC.

From a compatability point of view, the XP firewall should be no better than any other. What it is actually doing is completely unrelated to the OS that it is sat on top of.

If you want some more detailed analysis about how the XP firewall operates and hence whether it provides an adequate level of protection for your computer, heres a few links:

http://www.unixwiz.net/techtips/xp-sp2.html
http://www.depts.ttu.edu/helpcentral/general/WindowsXP_SP2/SP2_Firewall.php

The two scenarios you mentioned both sound like users who did not know how to use their firewall. A crappy firewall but used correctly is going to protect you better than the best one money can buy that isn't set up correctly

I second that.