Windows Firewall
- Dale
- The Landlord
- Posts: 10293
- Joined: Wed May 16, 2001 6:00 pm
- Please enter the next number in sequence: 1
- Location: Chiff & Fipple's LearJet: DaleForce One
- Contact:
Windows Firewall
I think this has come up before, so let me raise it again.
For a couple of years or more I've used the free version of ZoneAlarm firewall. I have three computers at my house. Lately, it's annoyed me by what seems like constantly prompting me to update the thing. That's fine, except the updating it is essentially downloading and re-installing the whole thing. So, I think I'm going to try to just use the Windows Firewall for awhile. Does anyone have experience of using it and still having their computer breeched?
Dale
For a couple of years or more I've used the free version of ZoneAlarm firewall. I have three computers at my house. Lately, it's annoyed me by what seems like constantly prompting me to update the thing. That's fine, except the updating it is essentially downloading and re-installing the whole thing. So, I think I'm going to try to just use the Windows Firewall for awhile. Does anyone have experience of using it and still having their computer breeched?
Dale
- beowulf573
- Posts: 1084
- Joined: Mon Jan 07, 2002 6:00 pm
- Please enter the next number in sequence: 1
- Location: Houston, TX
- Contact:
I've not heard of any specific problems, I have it turned on on all my Windows boxes. However, I always recommend buying a dedicated router/firewall to sit between your boxes and your internet connection. You can get a good one for $50 or under.
Here are two recommendations:
Linksys WRT54GL
http://www.buy.com/retail/product.asp?s ... adid=17662
This is fun because it runs Linux and folks have hacked and alternate firmware for it with better capabilities. You may not care about that though. It is highly rated for reliability.
Netgear WGR614
http://www.buy.com/retail/product.asp?s ... adid=17662
The reviews for this aren't quite as good as for the Linksys box, but it is popular and cheaper.
One thing the Windows firewall doesn't do is limit outgoing connections. Personally I've never bothered with this but some folks do to limit the effectiveness of spyware which pings home.
Finally, none of these address virus' or trojans, I've been hearing good things about <a href="http://www.avast.com/">Avast!</a>, which is free for personal use.
Here are two recommendations:
Linksys WRT54GL
http://www.buy.com/retail/product.asp?s ... adid=17662
This is fun because it runs Linux and folks have hacked and alternate firmware for it with better capabilities. You may not care about that though. It is highly rated for reliability.
Netgear WGR614
http://www.buy.com/retail/product.asp?s ... adid=17662
The reviews for this aren't quite as good as for the Linksys box, but it is popular and cheaper.
One thing the Windows firewall doesn't do is limit outgoing connections. Personally I've never bothered with this but some folks do to limit the effectiveness of spyware which pings home.
Finally, none of these address virus' or trojans, I've been hearing good things about <a href="http://www.avast.com/">Avast!</a>, which is free for personal use.
Eddie
Outside of a dog, a book is a man's best friend. Inside of a dog, it's too dark to read. -Groucho Marx
Outside of a dog, a book is a man's best friend. Inside of a dog, it's too dark to read. -Groucho Marx
Re: Windows Firewall
I've done this several times, and it's very quick and easy. It picks upDale wrote:That's fine, except the updating it is essentially downloading and re-installing the whole thing.
your old preferences. It's really quite painless. That being said, I've
used just the Windows Firewall that came with Service Pack 2 for a
year now without any problems. My Anti-Virus (AVG) has picked up
a couple trojans, but those were probably flash-related, I'm sure I
invited them in.
-
- Posts: 467
- Joined: Tue Jul 19, 2005 6:52 am
- antispam: No
- Please enter the next number in sequence: 8
- Tell us something.: I've been a member of the forum for several years. Just poking my head to catch up on all the latest happenings, as well as checking out the FS/WTB page.
- Location: Florida
-
- Posts: 5146
- Joined: Wed Aug 08, 2001 6:00 pm
- antispam: No
- Please enter the next number in sequence: 8
- Tell us something.: I used to play pipes about 20 years ago and suddenly abducted by aliens.
Not sure why... but it's 2022 and I'm mysteriously baack... - Location: Surlyville
Someone please explain how a hardware router/firewall knows what to allow or block.
This past weekend my niece used my computer to download some 'free' wallpapers and a few trojans passed through. AdAware didn't see anything and Spyhunter couldn't remove it. Norton did the job to remove it very easily. How did it happen? I switched computers last week and didn't have updated virus protection.
This past weekend my niece used my computer to download some 'free' wallpapers and a few trojans passed through. AdAware didn't see anything and Spyhunter couldn't remove it. Norton did the job to remove it very easily. How did it happen? I switched computers last week and didn't have updated virus protection.
In many ways.Tony wrote:Someone please explain how a hardware router/firewall knows what to allow or block.
One is closing off ports that Windows leaves open. Ethernet
connections have the concept of a "port", which is a number
appended to the IP address. This is used on servers to tell which
service a client is requesting. So, if you try to go to www.yahoo.com,
your computer actually requests a page from the IP 66.94.230.49
and the port 80. But, your Windows machine is not a server, so it
really doesn't need those ports. A firewall usually closes all those
ports except the ones you need to browse, or that a program you
run specifically opens.
Another way is to ask you every time a program wants to connect
to the internet, or to your local network. This is how ZoneAlarm
works. You can set some programs, like Firefox or IE, to always
connect without asking, but for most programs ZoneAlarm will not
allow a connection until you give permission.
I'm not sure how Windows Firewall decides what to block. It
probably blocks any incoming connection that was not requested
by a program running on your machine. There are probably some
preset programs that always have access... I'll have to look at the
firewall setup when I get home.
A router essentially provides a level of obscurity to your network.
A hacker would have to get through your router before getting
access to your machine. So if the router is very secure, your
computer has another level of protection.
-
- Posts: 5146
- Joined: Wed Aug 08, 2001 6:00 pm
- antispam: No
- Please enter the next number in sequence: 8
- Tell us something.: I used to play pipes about 20 years ago and suddenly abducted by aliens.
Not sure why... but it's 2022 and I'm mysteriously baack... - Location: Surlyville
Gotcha... thanksfearfaoin wrote:A router essentially provides a level of obscurity to your network. A hacker would have to get through your router before getting access to your machine. So if the router is very secure, your computer has another level of protection.
I've used Zone Alarm before and it's works nicely.
My main computer has Panda firewall which I may remove and teach Norton what to block. Right now Panda is blocking Norton... Hmmmm maybe that's a good thing! I really don't like the idea of Norton doing updates 6 or 7 times a day.
- peeplj
- Posts: 9029
- Joined: Mon Jan 21, 2002 6:00 pm
- Please enter the next number in sequence: 1
- Location: forever in the old hills of Arkansas
- Contact:
I concur that a hardware firewall is, at minimum, the way to go.
I use a Netgear FR114P and have been extremely pleased with it.
There is nothing wrong with running a software firewall as well. ZoneAlarm is a good one, another is Kerio.
You should also be running a good antivirus, and on top of that an adware / malware blocker can't hurt.
The hardware firewall stops you from being targetted by hackers / crackers.
The software firewall, antivirus, and malware block are there to protect you from the results of things you do yourself; i.e. going to a webpage that tries to download something undesirable to your system, or of getting an email with an autoexec trojan attached.
The bad news is, even with all of this, you can still be hit. But you can drastically reduce your chances, and at the same time limit the damage done to your system, data, and personal information.
--James
I use a Netgear FR114P and have been extremely pleased with it.
There is nothing wrong with running a software firewall as well. ZoneAlarm is a good one, another is Kerio.
You should also be running a good antivirus, and on top of that an adware / malware blocker can't hurt.
The hardware firewall stops you from being targetted by hackers / crackers.
The software firewall, antivirus, and malware block are there to protect you from the results of things you do yourself; i.e. going to a webpage that tries to download something undesirable to your system, or of getting an email with an autoexec trojan attached.
The bad news is, even with all of this, you can still be hit. But you can drastically reduce your chances, and at the same time limit the damage done to your system, data, and personal information.
--James
-
- Posts: 24
- Joined: Thu Jun 22, 2006 11:45 pm
- Please enter the next number in sequence: 1
- Location: West of the Black Stump
I use a hardware firewall because it's a lot harder for any malware that ends up on your computer to disable it. Like anything else that runs on a PC, software firewalls can be modified by any other software that runs on the PC. You can't go without a firewall of some sort - my firewall logs show probes from other hacked PC's connected to my ISP coming in all the time.
However, most malware comes in via email and Web browsing so you will need to protect those areas, too. Anti-virus, anti-spyware and others of that ilk only protect after the fact. In other words, they help to clean up the mess once it has been created. Microsoft have taken steps to improve Outlook and Explorer to provide some protection against malware but I have chosen to use Pegasus and Firefox which I feel have better protection.
Disclaimer: Although I have worked in IT for over 22 years and currently look after hardware firewalls for a large client, you should seek a second opinion before following any or all of my advice. AFAIK. YMMV. IANAL. FWIW.
However, most malware comes in via email and Web browsing so you will need to protect those areas, too. Anti-virus, anti-spyware and others of that ilk only protect after the fact. In other words, they help to clean up the mess once it has been created. Microsoft have taken steps to improve Outlook and Explorer to provide some protection against malware but I have chosen to use Pegasus and Firefox which I feel have better protection.
Disclaimer: Although I have worked in IT for over 22 years and currently look after hardware firewalls for a large client, you should seek a second opinion before following any or all of my advice. AFAIK. YMMV. IANAL. FWIW.
- SteveShaw
- Posts: 10049
- Joined: Mon Mar 17, 2003 4:24 am
- antispam: No
- Location: Beautiful, beautiful north Cornwall. The Doom Bar is on me.
- Contact:
Re: Windows Firewall
I use the free Zone Alarm with Windows XP and I don't have to download the whole thing every time, just the update (you elect to do this - you don't need to click on "clean install" or whatever it says, just the update, and it remembers all your previous settings) which I save in my documents and then run. It does take you through its tedious attempt to get you to spend money on their upgrade, but that's just a few clicks, then a reboot.Dale wrote:I think this has come up before, so let me raise it again.
For a couple of years or more I've used the free version of ZoneAlarm firewall. I have three computers at my house. Lately, it's annoyed me by what seems like constantly prompting me to update the thing. That's fine, except the updating it is essentially downloading and re-installing the whole thing. So, I think I'm going to try to just use the Windows Firewall for awhile. Does anyone have experience of using it and still having their computer breeched?
Dale
"Last night, among his fellow roughs,
He jested, quaff'd and swore."
They cut me down and I leapt up high
I am the life that'll never, never die.
I'll live in you if you'll live in me -
I am the lord of the dance, said he!
He jested, quaff'd and swore."
They cut me down and I leapt up high
I am the life that'll never, never die.
I'll live in you if you'll live in me -
I am the lord of the dance, said he!
- rodfish
- Posts: 503
- Joined: Sat Jan 31, 2004 7:52 am
- antispam: No
- Location: Richmond, Virginia (close enough)
I've been using just the Windows XP firewall for a couple years now with no problems.
I also use AVG Free and Ad-Aware which both seem to at least notify me if anything gets through.
All said and done however, I only use dial-up (soooo slooowww) so if I used DSL and left my computer connected most of the time, I would probably opt for a hardware firewall. FWIW.
I also use AVG Free and Ad-Aware which both seem to at least notify me if anything gets through.
All said and done however, I only use dial-up (soooo slooowww) so if I used DSL and left my computer connected most of the time, I would probably opt for a hardware firewall. FWIW.
"A word aptly spoken is like apples of gold in settings of silver."