Do any firewalls, especially the popular ZoneAlarm, provide firewall protection for multiple user accounts on a PC with Win XP?
We occasionally wish to switch between a user and Family account, but our Freedom security pkg (from ISP Adelphia cable) says it's not working when we fast-switch to a user account while another account is active.
Thanks!
Yes, the Windows-Firewall does, which is part of Windows XP.
Yours, VB.
Complain to your ISP. They won't do anything until the complaint count gets high enough (which probably means never, in this case) but you may as well be counted. Good luck getting through to someone who knows what fast user switching is.
Jason
Thanks VB, but I would restrict consideration to firewalls which also monitor, and block as prescribed, outbound traffic. My understanding is that Win XP's firewall fails to monitor or restrict outbound traffic.
Thanks, again. -- GeneM
true, there is a debate (see recent threads). Many are on te side that say blocking incoming is all you need and blocking outgoing is a nuisance.
All agree about blocking incoming. (though stealth mode is stupid - see recent threads)
Some Argumenets against blocking outgoing-
Firewalls that block outgoing will prompt you a lot , when any windows process sends anything or when there is communication on your LAN. This looks good for marketters, but is a nuisance to the user. (though, mosto f these nuisances should be over and done with once the firewall has been used once)
Apparently, from my reading of some posts, Smarter malicious program can make outgoing connections that appear very innocent. Might not trigger your personal firewall.
Average joe spyware that would make an outbound connection, you should spot it anyway, with a program like Active Ports. And your intenet connection wll prob slow down. These programs that don't hide themselves very well are probably nothnig to be afraid of. e.g. if you can stop a thief by putting a banana skin on your driveway, then you'll catch him with a burglar alarm. No need for the banana skin.
It's a bit like locking yourself in your own home. Very Very inconvenient. You should know when programs are making outgoing connections and not rely on a firewall!! So, they may send for 10 minutes before you notice. Do you keep your credit card information online?
Besides Active Ports, you can also do netstat -b And it will display established connections along with te process that is on your comp communicating.
You shouldn't rely solely on the firewall to save yourself from malware making outgoing connections. If you have it on your sysstem. You should remote it properly. Not just block it
see recent threads. there are arguments for not blocking outbound. 2 sides to the debate.
I don't know if teh toher personal firewalls do. But, it may not be so good to keep recommending the windows firewall above other personal firewalls. because The Sygate personal firewall has a great logging feature, listing incoming and outgoing connections. It is far superior to the log provided by the windows firewall. I know of no other tools that doe this. MS Port Reporter is not as good.
I don't actually need sygate for its firewall protection. But a port logger like that is such an important tool to have.
But Sygate also is vulnerable to the SelfDoS attack, and installs system services, which open Windows. This breaches security.
Yes. And ethereal does exist, as well as:
Yes, and since I just tried out, my understanding is, that all the "Personal Firewalls" fail also, see my POC on
Sygate does. You won't see the tray icon in the other limited user accounts but it is still running and doing its job.
is that just when a comedian send some packets where src ip=your router. and the PFW thinks there's an attack from that ip and blocks packets from the router.
'cos that wouldn't happen often, and u could probably turn the PFW off or check the PFW's configuration and remove the router's ip from any attacker list. - leaving the windows firewall on.
ah
packet sniffers list lots. every single frame. far too much info. I just want the connetions listed nicely, logged. ms port reporter is close to sygate but not as good.
iris has a nicer gui than ethereal, but is not free. still, it's a paket sniffer, so does give more on the screen than i want
TDImon can flood the screen with far more info than I want. It'd be interesting if i was studying TCP and UDP, but not for logging connections in and out.
- besides the disadvantages to sygate that you jut mentione. i'll add that i was running sygate and it crashed, was not visible in the taskbar, and caused the blocking of all outgoing connections!
Though in sygate's favour
It still scores highly though 'cos of its nice GUI and its port logger.
and mainly sygate is the only one that includes date/time, incoming/outgoing, and doesn't flood the screen with other information.
many of those jst flood the screen. and don't mention date/time,
I still see no alternatives for a port logger. i'm loking into wallwatcher, but am not optimistic abotu being able to get my rotuer to transmit its log to a comp. especially since i can't even view the log in my router - at least i haven't figured out how yet.
Yes, something like that. A second option would be the source IP of the DNS server, for example. Or any other host, which is neccessary.
Yes. This is exactly, what I recommended - turing the "Personal Firewall" off and leaving the Windows-Firewall on ;-)
Yours, VB.
Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.