2 firewall programs running?

Most likely, and running NIS causes problem for sure (since this is what it's supposed to do).

Does than mean I should turn off NIS?

David A.

Norton will cause problems all by itself.

Thanks to all for the prompt replies. I've turned off NIS. Is the basic hardware firewall that comes with my Linksys router plus the Windows firewall in XP sufficient or should I be looking at other programs?

David A.

No, it means that you should uninstall it. Turning it off isn't sufficient.

Since it's already sufficient without all of this, it's obviously sufficient with all of this. So why the question anyway?

Sufficient against what?

What are you trying to achieve?

What Linksys router do you have? The XP FW is performing the same function of the router, which is to stop unsolicited inbound traffic. If the router can stop outbound traffic by setting rules, then you can supplement the router with the XP FW. If the router cannot stop outbound traffic, then dump XP's FW and use Norton, because with Norton, you can set rules to stop outbound traffic from leaving the computer if you had to stop outbound traffic.

The retail version of Norton can play havoc with your pc. Uninstall it using Norton's own uninstall tool

get a refund :) As suggested on the site, you may wish to print out the directions before proceeding.

If this doesn't work use this: Revo Uninstaller Freeware - Remove unwanted programs and traces easily

and/or RegSeeker use NTREGOPT to compact the registry then do a reboot immediately. While Norton's removal tool usually gets the job done, you may also want to go to: download a copy of winsockxpfix just in case. Rarely, the removal of NIS breaks the networking components in XP to the point where internet access is impossible. This little utility will fix it back up.

Use/activate Win XP SP2 built-in Firewall and uncheck *all* Programs and Services under the Exception tab. Read through:

How to Configure Windows Firewall on a Single Computer Read these articles:

"Personal Firewalls" are mostly snake-oil

At Least This Snake Oil Is Free Deconstructing Common Security Myths. Host-Based Firewalls Must Filter Outbound Traffic to be Safe.

Exploring the windows Firewall.

"Outbound protection is security theater-it's a gimmick that only gives the impression of improving your security without doing anything that actually does improve your security."

Yes. Compared to only having Windows-Firewall enabled, you don't gain any additional security effects, but you're adding the security holes Norton InSecurity brings with it.

Yours, VB.

Sufficient for what?

If we're talking about packet filtering for you at home, this usually is enough.

Yours, VB.

Thank you for the clarification. I'm reading up on uninstalling NIS. Apparently, there may be some problems with using the Windows uninstall option from the control panel. Some here have suggested downloading the Norton uninstall program from their website. That's probably what I'll do. Thanks again for your help.

David A.

If you want to be bold and beautiful, why don't you get rid of the XP FW too? Since you have a router setting there protecting the machine or machines from the Internet. What do you need the XP FW for, because it's buying you nothing -- no added protection.

The router and XP FW/packet filter are doing the same thing, and it's unclear amount your router, because you make no mention of the model of the Linksys router to determine if it can stop outbound traffic. If the router can't stop outbound traffic, XP's FW for sure cannot stop outbound traffic and both can only stop inbound traffic, then why do you need the XP FW enabled?

And as long as XP's FW is sitting behind that NAT router, because XP's FW can only stop inbound traffic just like the NAT router, then using the XP FW router behind the NAT router is pointless. It buys you nothing.

I see no reason why to do so.

This is wrong.

Following the "defense in depth" strategy, the heuristics used for packet filtering usually have holes, so a second filtering could help.

Of course, it would be better not to offer network services at all if one does not need to.

Yours, VB.

That's if he or she knows what he or she is doing. So, why not be bold and beautiful if one knows that or she doen't need a packet filter running on the machine due to he or she running machines behind a FW router.

You know, everyone is not as weak as you make them out to be.

You're going to have to come up with more than just wrong. If that router is using SPI, then how is Windows using the XP FW doing any more than that. The only thing the XP FW can do is stop inbound traffic no more than what a NAT router using SPI is doing. The only time using XP's FW makes any senese is when the machine has a direct connection to the modem and therefore a direct connection to the Internet or the machine is in a LAN setting like a wireless cafe.

I disagree. The only time it makes sense is if the first solution like a NAT router cannot stop outbound traffic, then a packet filtering solution at the machine level sitting behind a NAT router that cannot stop outbound makes sense.

Well of course, if the machine doesn't need to be in a network situation with other machines then why have the services enabled, period?

On the other hand, as long as my machines are behind a border device like a packet filtering FW router or FW appliance, then I have no need to for a filter running on the machines behind them Windows, Linux or otherwise.

Mr. Arnold and others,

I'm ignorant of much of what constitutes networking and of what "packet filtering" is. And I make an assumption that "outbound traffic" is anything I type on my computer while connected to the internet that goes out over the internet.

My main concern is attempting to discourage hackers from taking control of my computer while I'm on the internet.

My router is a Linksys model WRT54G. The disk that came with it may have an electronic users manual, but since I just plugged the thing in and it worked (I was able to get on the internet from the computers connected to it), I didn't see the need to go any further. Ignorance may not be bliss.

As for having both the basic (hardware?) firewall built into the router AND the Windows Firewall enabled, would that cause any problems? I really don't care if what they each do is redundant, if no harm is done.

David A.

I am not going to get into outbound traffic as opposed to inbound traffic. I made a post here in this NG a few weeks ago to another poster about what solicted and unsolicted traffic is about that a FW deals with and links about how a FW works. What is a FW? What is not a FW? What does a FW do? What are the differnt types of FW(s)? -- ETC ETC -- If you like, you can find that post based on my posting name and read-up.

The only way that's going to happen is if the machine gets compromised, which if it does, then *you* have contributed to it yourself in someway, by going to a Web Site that installed the malware/compromise or you opened an email with an attachment that installed something etc, etc.

You have a WRT54G packet filtering FW router there that can stop inbound and outbound traffic, and it can do a whole lot of other things too. You need to understand how that device works and how to use that device. You should be more concerned about how can someone hack the wireless network, join my network, and in doing so, be all over the top of my machines hacking them or use my network to do something illegal.

You'll need to change the frimware, which is free that's being talked about in the WW link for the 54G. That's if you know what frimware is about, look it up use Google. You shouldn't fly blind and not know the traffic coming to and leaving your network.

That 54G is NOT a basic router. It's more than that.

Windows XP firewall is NOT a FW. It is a machine level packet filter that protects at the machine level. A FW separates two networks and sits at the junction point between the two networks, with one network it's protecting from the WAN (Wide Area Network)/Internet, and the other network it's protecting the LAN (Local Area Network). A FW has at least two interfaces with one interface facing the WAN the untrusted zone and the other interface facing the LAN the trusted zone. The 54G is a FW solution and any software like XP's FW or a 3rd party (personal FW) solution is not a FW. They are machine level packet filters running at the machine level.

They are NOT doing the same thing and and ignorance is no excuse.

However, since you have a wireless solution, then it's best to have a machine level packet filter such as XP's FW/packet filter running in case someone hacks the wireless side of your network and starts hacking your machines.

If you don't know what War Driving is about, then look it up using Google.

The buck stops with the person sitting behind the keyboard and mouse and is doing the driving and not with the FW or packet filter. That also holds true for the Windows XP O/S. The buck stops at the O/S and not with some FW or packet filter.

Usually not.

Yours, VB.

Usually, such routers (as other packet filters, too) implement heuristics to implement protocols like FTP, which cannot be filtered easily.

Because of that, they're vulnerable.

This is why shutting down unwanted network services is much more secure than packet filtering.

Having two different packet filters can help with some issues, if you know exactly what you're doing.

I'm not requesting you to do so. I just wanted to point out, that you forgot some scenarios, where your original statement is not true.

Your mistake is to believe in NAT as a security feature. The opposite is true. The security comes from filtering, not from NAT.

Yours, VB.