Windows Firewall

[Dale]

I think this has come up before, so let me raise it again.

For a couple of years or more I've used the free version of ZoneAlarm firewall. I have three computers at my house. Lately, it's annoyed me by what seems like constantly prompting me to update the thing. That's fine, except the updating it is essentially downloading and re-installing the whole thing. So, I think I'm going to try to just use the Windows Firewall for awhile. Does anyone have experience of using it and still having their computer breeched?

Dale

[beowulf573]

I've not heard of any specific problems, I have it turned on on all my Windows boxes. However, I always recommend buying a dedicated router/firewall to sit between your boxes and your internet connection. You can get a good one for $50 or under.

Here are two recommendations:

Linksys WRT54GL
http://www.buy.com/retail/product.asp?s ... adid=17662

This is fun because it runs Linux and folks have hacked and alternate firmware for it with better capabilities. You may not care about that though. It is highly rated for reliability.

Netgear WGR614
http://www.buy.com/retail/product.asp?s ... adid=17662

The reviews for this aren't quite as good as for the Linksys box, but it is popular and cheaper.

One thing the Windows firewall doesn't do is limit outgoing connections. Personally I've never bothered with this but some folks do to limit the effectiveness of spyware which pings home.

Finally, none of these address virus' or trojans, I've been hearing good things about <a href="http://www.avast.com/">Avast!</a>, which is free for personal use.

[fearfaoin]

That's fine, except the updating it is essentially downloading and re-installing the whole thing.

I've done this several times, and it's very quick and easy. It picks up
your old preferences. It's really quite painless. That being said, I've
used just the Windows Firewall that came with Service Pack 2 for a
year now without any problems. My Anti-Virus (AVG) has picked up
a couple trojans, but those were probably flash-related, I'm sure I
invited them in.

[ShadowBG625]

I use the Win Firewall. No complaints here...helped me fight off that Blaster worm way back when. on top of that, I also use my PCcillin firewall.

Hey, this was my 400th post

[Tony]

Someone please explain how a hardware router/firewall knows what to allow or block.

This past weekend my niece used my computer to download some 'free' wallpapers and a few trojans passed through. AdAware didn't see anything and Spyhunter couldn't remove it. Norton did the job to remove it very easily. How did it happen? I switched computers last week and didn't have updated virus protection.

[fearfaoin]

Someone please explain how a hardware router/firewall knows what to allow or block.

In many ways.
One is closing off ports that Windows leaves open. Ethernet
connections have the concept of a "port", which is a number
appended to the IP address. This is used on servers to tell which
service a client is requesting. So, if you try to go to www.yahoo.com,
your computer actually requests a page from the IP 66.94.230.49
and the port 80. But, your Windows machine is not a server, so it
really doesn't need those ports. A firewall usually closes all those
ports except the ones you need to browse, or that a program you
run specifically opens.

Another way is to ask you every time a program wants to connect
to the internet, or to your local network. This is how ZoneAlarm
works. You can set some programs, like Firefox or IE, to always
connect without asking, but for most programs ZoneAlarm will not
allow a connection until you give permission.

I'm not sure how Windows Firewall decides what to block. It
probably blocks any incoming connection that was not requested
by a program running on your machine. There are probably some
preset programs that always have access... I'll have to look at the
firewall setup when I get home.

A router essentially provides a level of obscurity to your network.
A hacker would have to get through your router before getting
access to your machine. So if the router is very secure, your
computer has another level of protection.

[Tony]

A router essentially provides a level of obscurity to your network. A hacker would have to get through your router before getting access to your machine. So if the router is very secure, your computer has another level of protection.

Gotcha... thanks

I've used Zone Alarm before and it's works nicely.
My main computer has Panda firewall which I may remove and teach Norton what to block. Right now Panda is blocking Norton... Hmmmm maybe that's a good thing! I really don't like the idea of Norton doing updates 6 or 7 times a day.

[peeplj]

I concur that a hardware firewall is, at minimum, the way to go.

I use a Netgear FR114P and have been extremely pleased with it.

There is nothing wrong with running a software firewall as well. ZoneAlarm is a good one, another is Kerio.

You should also be running a good antivirus, and on top of that an adware / malware blocker can't hurt.

The hardware firewall stops you from being targetted by hackers / crackers.

The software firewall, antivirus, and malware block are there to protect you from the results of things you do yourself; i.e. going to a webpage that tries to download something undesirable to your system, or of getting an email with an autoexec trojan attached.

The bad news is, even with all of this, you can still be hit. But you can drastically reduce your chances, and at the same time limit the damage done to your system, data, and personal information.

--James

[ICohen]

I use a hardware firewall because it's a lot harder for any malware that ends up on your computer to disable it. Like anything else that runs on a PC, software firewalls can be modified by any other software that runs on the PC. You can't go without a firewall of some sort - my firewall logs show probes from other hacked PC's connected to my ISP coming in all the time.

However, most malware comes in via email and Web browsing so you will need to protect those areas, too. Anti-virus, anti-spyware and others of that ilk only protect after the fact. In other words, they help to clean up the mess once it has been created. Microsoft have taken steps to improve Outlook and Explorer to provide some protection against malware but I have chosen to use Pegasus and Firefox which I feel have better protection.

Disclaimer: Although I have worked in IT for over 22 years and currently look after hardware firewalls for a large client, you should seek a second opinion before following any or all of my advice. AFAIK. YMMV. IANAL. FWIW.

[SteveShaw]

I think this has come up before, so let me raise it again.

For a couple of years or more I've used the free version of ZoneAlarm firewall. I have three computers at my house. Lately, it's annoyed me by what seems like constantly prompting me to update the thing. That's fine, except the updating it is essentially downloading and re-installing the whole thing. So, I think I'm going to try to just use the Windows Firewall for awhile. Does anyone have experience of using it and still having their computer breeched?

Dale

I use the free Zone Alarm with Windows XP and I don't have to download the whole thing every time, just the update (you elect to do this - you don't need to click on "clean install" or whatever it says, just the update, and it remembers all your previous settings) which I save in my documents and then run. It does take you through its tedious attempt to get you to spend money on their upgrade, but that's just a few clicks, then a reboot.

[rodfish]

I've been using just the Windows XP firewall for a couple years now with no problems.
I also use AVG Free and Ad-Aware which both seem to at least notify me if anything gets through.
All said and done however, I only use dial-up (soooo slooowww) so if I used DSL and left my computer connected most of the time, I would probably opt for a hardware firewall. FWIW.