
which firewall for XP Prof sp1?

pawz

hello folks, just want to ask your opinion(s).

I have been using ZoneAlarm Pro for the past year, and soon I will have to renew my subscription if I want to go on with it.

I haven't got any real grumbles - it does its job well enough it seems, but I wonder if I could do better?
It seems a bit 'clunky', taking a while to load, and I am not sure, but think it might also be responsible for the wav files looping when I play my space game - very annoying.

Somewhere I read that 'the professionals', whoever they may be, do not regard ZoneAlarm Pro to be a 'serious' firewall, and suggest going for Tiny Personal Firewall instead.

Me, I know nuzzing.

I was quite happy with Sygate Personal Firewall when I had no broadband, no network and Win ME, but I couldn't get that to run on XP Prof SP1.

Any thoughts please?
 
Some thoughts:

. "the professionals" tend to prefer Rules-based firewalls. There is nothing horribly wrong with Zone Alarm, all firewall products can cause unintended consequences at times.

. Kerio is my personal choice, Tiny is very good as well, as is Sygate. Give it a try again.

. I would not spend any money, as Service Pack 2, available sometime later this year, has a very comprehensive integrated firewall product.

So:

. either revert to an upgraded (free) Sygate if you liked that in the past;

. change to Kerio, Tiny, BlackIce or something else;

. And later in the year plan to evaluate the "free" Service Pack 2 offerings of Microsoft.
 
aha bcastner - we meet again :)
thank you for that advice. I shall heed it and see if I can find a freebie to tide me over adequately until sp2 comes along. If Sygate is now XP friendly that would be my first choice I think

thanks
appreciated

Gracie:)
 
pawz,

The "aha we meet again" I hope is good :)

There is no good answer to the firewall question. Assuming we are looking at freeware, linney's links above show how confusing the issue truly is. There is no "best" firewall, hence the more experienced users gravitate towards rules-based firewalls as I discussed above.

While the final product plans are completely up in the air at the moment, Service Pack #2 from Microsoft for stand-alone machines and ICS Gateway machines is decidedly more aggressive than the original XP firewall.

Again, I would not spend money now. The near future is decidedly too uncertain.

Best,
Bill Castner
 
well thank you both. I shall take a peek at those links Linney -ta :)

Yes Bill, good aha :)

ICS Gateway? Wossat?

We are a network of two, presently of three machines, if we can persuade the Mac to go on, and we are on Broadband, but only me on XP, so a firewall of some sort is essential.
I don't have the native XP firewall turned on - it doesn't seem to get on with the LAN. The router has an in-built firewall, and I have ZoneAlarm Pro of course. We seem to be quite safe as ZoneLog Analyser shows no attacks on any ports, and a programmer friend tried to get in, as a test, and could not, so perhaps I ought to adopt the 'if it ain't broke, don't fix it' philosophy - keep going with the present arrangement and wait and see what sp2 offers?
I have to have something in place in the interim of course.

It is helpful to get insight from them as know about these things.:)

I am going to crawl into a dark corner and quietly suffer now - I dot a gold ( sniff).

Gracie:)
 
Actually there is an answer, don't use software based firewalls. I use my Netgear firewall/router and that thing is more secure than I can ask for. I just allow port 80 for HTTP because I host a site. And of course the POP and SMTP ports and I never have any issues and I don't have software firewalls bogging down my system resources. If you have broadband this is definitely the way to go.
 
you are the second person to tell me this evening scilogic!

Before we got the network up I used to notice a lot of attempts to 'get in' when checking out the ZA log file - now nothing gets in! I wondered why. Guess the answer is that the router is keeping it all out!

Is there a way I can check on the router's firewall efficiency do you know?

Ours is a Kobian Mercury 4-port. I do not know how we would configure it to allow any ports. I have antivirus software of course, and for the e-mail. Would that be enough?

many thanks

:)
 
scilogic said:
Actually there is an answer, don't use software based firewalls

Ah, but that is not the true answer. It is best to use all 3:
1) NAT (Network Address Translation - such as in a router)
2) software firewall
3) antivirus scanner

Why? Well you might want to jump to the thread I linked below, but in short, a router's main advantage in security is protection from the outside. Most offer no protection from programs running on your PC that try to access the net w/o your permission (trojan-type violations). That's what you need a software firewall for.

thread616-636910


~cdogg
"All paid jobs absorb and degrade the mind"
- Aristotle
For general rules and guidelines to get better answers, click here: faq219-2884
 
My Netgear router blocks incoming and outgoing transmissions even if they do originate from trojans. But you are right you do need good Anti-virus software. I use Norton corporate edition. Excellent software... I would suggest investing in a good firewall/router. And just keep your virus protection updated... And as far as checking the router's efficiency, there are many security websites that can detect a user's vulnerability by staging fake hacking attempts.. I think ZoneAlarm's website does this...
 
um. Is Norton SystemWorks 2003 antivirus reckoned 'good'? I keep it bang up to date....

thanks cdogg, I will look those links up now :)
 
it's like the best consumer level virus scanner I know of.. I just use the corporate version because it has a lot more features.
 
I recommend PcCillin from trendOffice. It is AV, firewall and spam filter. All for $25
 
scilogic,
Yes, it is possible to configure your router to block outgoing transmissions on certain ports. However, basic ports like 80 and 443 (HTTP, HTTPS) are normally left open, and unless you go into your router and set it up specifically to allow certain types of TCP/UDP packets through, then it is exposed to any application on your PC that wants to use it.

A basic example is the well-known Gator spyware program that gets installed automatically with some apps/downloads like Kazaa. This program not only installs a tracking mechanism, but intermittently attempts to access its home site on port 80. Now unless you had a software firewall like ZoneAlarm Pro installed, you likely wouldn't know this was happening. Most routers would not block it by default.

Just a couple things to consider, that's all...


~cdogg
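The layering argued over in the posts above, as an added example that is not part of the thread: a small Python model in which a router decides on direction and port only, while a host firewall decides on program and port. The program names, port sets and sample flows are constructed assumptions, not settings of any product named here.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Flow:
    direction: str     # "in" = unsolicited from the Internet, "out" = started on the PC
    port: int          # destination port
    program: str = ""  # local executable; only a firewall on the PC can see this

FORWARDED_IN = {80}                    # assumed port-forward for a hosted web site
ROUTER_OUT_PORTS = {25, 80, 110, 443}  # assumed ports left open outbound
HOST_RULES = {                         # assumed per-program rules the user approved
    ("browser.exe", 80), ("browser.exe", 443),
    ("mailclient.exe", 25), ("mailclient.exe", 110),
    ("webserver.exe", 80),
}

def stopped_by(flow, use_router=True, use_host_fw=True):
    """Return the first layer that drops the flow, or None if it gets through."""
    if use_router:
        if flow.direction == "in" and flow.port not in FORWARDED_IN:
            return "router NAT"
        if flow.direction == "out" and flow.port not in ROUTER_OUT_PORTS:
            return "router egress"
    if use_host_fw and (flow.program.lower(), flow.port) not in HOST_RULES:
        return "host firewall"
    return None

def router_only_gaps(flows):
    """Flows a router-only setup passes that a host firewall would have stopped."""
    return [f for f in flows
            if stopped_by(f, use_host_fw=False) is None
            and stopped_by(f) == "host firewall"]

# Constructed sample traffic (hypothetical program names).
SAMPLE = [
    Flow("in", 135, "svchost.exe"),     # unsolicited probe from outside
    Flow("out", 80, "browser.exe"),     # approved program, open port
    Flow("out", 80, "adtracker.exe"),   # unapproved program reusing an open port
    Flow("out", 6667, "adtracker.exe"), # unapproved program, closed port
    Flow("in", 80, "webserver.exe"),    # forwarded port, approved listener
]

if __name__ == "__main__":
    for f in SAMPLE:
        print(f, "->", stopped_by(f) or "allowed")
    print("router-only gaps:", router_only_gaps(SAMPLE))
```
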
 
I understand this concept quite well... I'm just saying my router blocks everything outgoing and incoming except what I tell it to. I spent like $350 on it
 
scilogic,
Again, the point is that most basic routers don't do this on their own. Yes your case is special, and if you had delicately stated how the extra features you purchased in your router replaced the need for software-based firewalls, I wouldn't have bothered you with a response.

However, your statement about not needing software-based firewalls in general does not apply to everyone who owns a router. In fact, it doesn't even apply to a majority. I just wanted to make it clear that NAT is not going to do it all on its own.
 
very helpful to me too. I should think ours is just a basic router so I can't configure it.
How would I check on activity levels anyway if I only had a hardware firewall?
If Microsoft are going to 'beef up' the native firewall in XP as Bill Castner advises above, perhaps my best way forward would be to not renew my subscription to ZAP, to use the freebie ZA instead, presuming that will watch the going-outs, and wait to see what develops with SP2. Would that be sensible or foolish do you suppose?
 
We have no way of knowing exactly how efficient Microsoft's upgrades are.. there always seem to be loopholes.. I would just use the free ZoneAlarm, and make sure you at least have some kind of hardware firewall in place. And wait and see what develops from Microsoft. It sounds like you already have some sort of firewall built into your router. That and ZoneAlarm should be enough for now.
 
yes -thanks scilogic :)
 