I try again : sygate + xpfirewall ?

I try again ... I reactivated xpfirewall and so :

sygate + xpfirewall ?

I hope is it ok this time ?

Reply to
Loading thread data ...

There is no need for both. If you use Sygate, turn XP Firewall off. If not, then turn XP Fireall on (by itself only).

Reply to

mesnews quota Kerodo che giovedì, 26/01/2006, 17.46.47 scrisse :

what are the problems if I keep active both firewalls ?

I activated both firewall because I heard on this newsgroup that sygate has a problem = ''Sygate has a big design flaw as a "Personal Firewall"

formatting link
(but I'm a newbie)

Reply to

They may (or may not) interfere with each other. This may lead to arbitrary behaviour, up to allowing unsolicited packets through both of them.

What exactly are you trying to achieve by using both of them? What can the two of them do that either one isn't capable of?

This design flaw is not exploitable from the outside but from the inside. Neither of them can protect Sygate from local attacks against this flaw, and both of them are capable of filtering inbound connections. There's no need for both of them.


Reply to
Ansgar -59cobalt- Wiechers

mesnews quota Ansgar -59cobalt- Wiechers che giovedì,

26/01/2006, 19.04.28 scrisse :

I asked that You answered below


Reply to

If you want to run two packet filters Sygate and something to supplement it, then run with IPsec as the second choice. I use IPsec to supplement BlackIce on my XP laptop while I am on the road using the Earthlink dial-up connection to make this post to you.

I use IPsec with the AnalogX preset rules that are implemented and use those rules as for what I wan to let through behind BlackIce, like I don't want to do Windows Networking so I enable the *Block* rule for Windows Networking or if I want to use SMTP (send emails) then I enable the SMTP rule but I had to change the SMTP port to 587 from 25 (the standard SMTP port)in the AnalogX Ipsec rules because Earthlink uses 587 or enable the NNTP port 119 rules so I can read and make pots to NG(s).

IPsec will not get in the way and it provides protection and you can rules to block inbound or outbound traffic with IPsec.

formatting link
You should go to the O/S for an XP machine that has a direct connection to the Internet and harden it to attack as much as possible for a machine that has a direct connection to the Internet -- no router between the modem and the computer.

formatting link
Duane :)

Reply to
Duane Arnold

You'll have this extra problem anyway, if you're enabling Sygate (or another software, which does this). No firewall can prevent you from any harm coming from this.

The only way to avoid this extra attack vector is not to have Sygate (or any other software, which has such a flaw).

BTW: this flaw offers an attack vector for already running code to do what is called privilege elevation. It is a potential way for code, which has no administrative privileges to run code, which has.

It is important if you're not working as Administrator. And it is very important anyway, that you're not doing this.

Work as normal user, so code which could be harmful, has to find a way for privilege elevation first to do most of the harm. And stop using software, which opens attack vectors for privilege elevation attacks.

Yours, VB.

Reply to
Volker Birk

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.