I have a PC built for me, and I installed Windows XP SP2 on it. I presume I need to put a firewall and antivirus on it to ward off worms and viruses. I am more concerned about the firewall. I installed ZoneAlarm Free Edition, and it worked al'right. However, it always bothered me by asking me to pay up, so that I uninstalled it. My computer is currently running on the in-built Windows firewall. Is this OK ?
As an antivurus, I am using AVG Free Edition, and it seems doing its job. Also, I can get a corporate edition of Trend Micro's PC-cillin from my employer for little money; should I get it ? Thanks.
A simple NAT router will do more and better than ZAP or Windows XP Firewall in most all cases. Linksys BEFSR41 or a wireless version is under $50 and provides protection from inbound attacks.
My early experience with connecting a PC with no firwall to the Internet (via dial up) shows that it gets infected with a worm within
20 minutes. So that now I always put a firewall between my PC and the Internet. Now my PC is connected to the Internet via a NetComm NB5 ADSL2+ modem router. You think this will repel the worms ?
The NAT router blocks "unsolicited" connections to the PC, it's sort of a 1 way filter - it lets you out, but only lets external sites talk/reach your PC if you contact them first.
Many people use NAT routers are their primary protection method with no firewall at all and have no problems.
Security is more than the firewall, it's not using easy to compromise apps, keeping updates installed, not doing things that put you in harms way, monitoring your firewall logs (as you can easily monitor the Linksys devices for in/out traffic), and many other things.
If your address is not a private address then your Modem is not doing NAT, and if you have a live public IP then you're screwed without a barrier device.
Check out ghostwall. It resembles a rule based router-firewall more than a bloatware internet protection package. If you are savy enough to set it up, it works as advertised.
Then you did something wrong during setup: mine never asks that.
It's satisfactory, unless something manages to get inside and call out. Then you're stuffed.
I use that, it's good. I'm thinking of upgrading to the full version on at least one of my home systems to make use of the extended features. It's pretty cheap to do so as their licenses are two years for the price of one from competitors (IIRC).
How does that licensing work? If you're happy with AVG Free edition, why change?
It's locally exploitable - look at anyone running as a local admin, and any software that wants to create an exception in the WF. Even AOL will create exceptions without you knowing about it. All you have to do is google.
A proper Usenet Client would snip the signature lines when you reply, consider getting one.
Any software that runs on the users computer is a security risk, even ZAP and others, if it's on a non-dedicated firewall computer then it's a risk. A NAT Router is transparent, doesn't ask the user anything, and does its work without exploits when properly setup - this is not the case for most PC based firewall solutions.
Any local FW is exploitable when running as local admin.
Anyone running arbitrary code as local admin is likely to get screwed. You seem to advocate keep doing so and then have a barrier to minimize the damage instead of advocating doing the right thing, which would be to run a LUA in which case the WF can't be exploited the way you're thinking of.
No, I don't advocate what you are talking about, but I'm also not aware that many programs won't run under Windows unless the user is an admin, and I also understand that many users don't have a clue about security.
In the case of a NAT Router, while it doesn't stop stupid people from infecting their computers, it does stop external sources from directly accessing the users computer without an invite. Windows ships from many vendors with lots of exceptions and that makes it a threat to the ignorant, a NAT Router would mean that exceptions are meaningless.
I a user is going to run as an admin, and most are, even with warnings, then they need some means to protect them - if ALL ISP were to implement NAT at the internet device provided to the users, allowing exceptions for those smart enough to ask for an exception, it would eliminate a LOT of problems for users.
There are many free firewalls out there. google for "free firewall".
ZoneALarm Free should never ask you to "pay up"; you have it setup wrong somehow. I would recommend version 6.1.744, it was small and stable.
6.5.737 was the last version 6, but it was flakey (on my system at least). The latest version 7 is bloated (IMO).
formatting link
Comodo Firewall Free is also highly regarded:
formatting link
And the XP built-in isn't totally worthless. It simply doesn't try to stop "baddies" installed in your system from calling home (but then the others won't stop a SMART bad guy either; the smart bad guys can get past many outgoing firewalls, you need to scan regularly to make sure they don't get on your system in the first place).
If you are connecting directly via a modem (dialup/cable/dsl) you NEED a firewall, for sure. You are exposed directly to the internet, and the firewall log will confirm for you that it is blocking packets all the time (the estimate in prev post of
You have no idea of what you're talking about. Regular scanning does not prevent malware from being installed. It merely may detect maleware once it already is installed. Which is something any decent virus scanner will do just fine. It's not a task for a firewall.
What a personal firewall can do reliably is blocking inbound connections and preventing applications run by users from opening listening sockets. The Windows Fireall does either of these just fine.
So? Just don't provide any services towards the internet. And now? What more protection will a firewall offer? It will just add more code with additional (potentially exploitable) bugs.
Granted, Windows makes it rather difficult to unbind services from interfaces, so a firewall is the easiest and least error-prone way to make services unavailable on a given interface, but that's about it.
Any *DECENT* spyware, malware, or virus scanner does more than just "scan" for already installed viruses and Trojans. They also SCAN any incoming data, whether from the Internet, Email, or installation-program for containing known threats; and announcing to the user if any are found BEFORE they get installed.
"Protection" programs that DON'T do this are pretty much useless; as there are all too many vicious programs out there, that the first thing they do is disable known virus-scanners from noticing them at all, once they do get installed.
A *good* one blocks outbound connections too; except from programs you specifically authorize.
It really ain't worth *shit* on outbound connections, where (for example) a Trojan starts connecting and sending everything from your personal information to mailbombs to anybody, everybody, or specifically targeted DOS addresses.
It seems you don't really know what a good firewall does or even what it's intended use is.
And Windows Firewall is NOT a good example ... Nor even a real example of a true firewall at all.
A good firewall does FAR more than that. It not only prevents attacks; but stops them when they happen and notify users when they try. Sometimes obnoxiously; but that's often the only way to get lusers to stop things when they go bad ... and sometimes not even then.
All too often I've seen idiots go ahead and install known viruses when AV software tells them its bad, defeat firewalls when told that an unauthorized program is trying to send garbage, and even turn off either or both when the complaints start coming every minute or so.
Then they wonder why their computer slows down, and eventually craps out. "Well, how was I supposed to know that would happen?"
Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here.
All logos and trade names are the property of their respective owners.