Re: Windows Firewall enough??

On Sun, 22 Feb 2009 12:27:43 -0600, FERRANTE wrote:

Third-party firewalls are also 'outbound' firewalls. They will alert you
whenever your computer wants to connect to another computer on the
internet, and ask you to approve or deny the connection. (Either you or
the program will setup rules for programs you trust, so you don't get
prompted /every/ time.) This is valuable protection: If malicious
software installed on your computer tries to connect with the internet -
perhaps to send your personal information to a crook thousands of miles
away - there's a good chance you'll know about it, and you'll be able to
prevent the connection from being made.

Leonard,
In the past when I have tried to use software such as Zone Alarm of
Comodo, as programs starts up, the software asks for permission to the
process to be completed. However, often time when asking, all you see
are numbers or letters, almost cryptic, and I cannot tell which
program is wanting to access the Internet. If I refuse, I may be
hurting myself by denying all AV features or other useful programs
from functioning fully. So I am often lost as what to do.
In addition to using Esset's NOD 32 as my AV, and various spyware
programs I run a few times a week, my only real protection as of this
writing is my router and Windows XP firewall.
With the benefit you outlined above in using a third-party firewall,
which would you recommend as being good yet user-friendly? Someone
mentioned Zone Alarm? Naturally free would be my first choice, but not
if a paid program was much better.

For the average homeuser, the Windows Firewall in XP does a fantastic job
at its core mission and is really all you need if you have an 'real-time'
anti-virus program, [another firewall on your router or] other edge
protection like SeconfigXP and practise Safe-Hex.

The windows firewall deals with inbound protection and therefore does not
give you a false sense of security. Best of all, it doesn't implement lots
of nonsense like pretending that outbound traffic needs to be monitored.

Activate and utilize the Win XP built-in Firewall; Uncheck *all* Programs
and Services under the Exception tab.

Read through:
Understanding Windows Firewall.
http://www.microsoft.com/windowsxp/using/security/internet/sp2_wfintro.mspx

Using Windows Firewall.
http://www.microsoft.com/windowsxp/using/networking/security/winfirewall.mspx

*Listen to the experts and note their credentials!*

At Least This Snake Oil Is Free.
http://msinfluentials.com/blogs/jesper/archive/2007/07/19/at-least-this-snake-oil-is-free.aspx

Deconstructing Common Security Myths.
http://www.microsoft.com/technet/technetmag/issues/2006/05/SecurityMyths/default.aspx
Scroll down to:
"Myth: Host-Based Firewalls Must Filter Outbound Traffic to be Safe."

Exploring the windows Firewall.
http://www.microsoft.com/technet/technetmag/issues/2007/06/VistaFirewall/default.aspx
"Outbound protection is security theater—it’s a gimmick that only gives the
impression of improving your security without doing anything that actually
does improve your security."

Managing the Windows Vista Firewall (some is also applicable to XP)
http://technet.microsoft.com/en-us/magazine/cc510323.aspx
*(read twice!)*

If on dial-up Internet connection use Seconfig XP 1.0 in conjunction with
WinXP SP2 Firewall:
http://seconfig.sytes.net/
(http://www.softpedia.com/progDownload/Seconfig-XP-Download-39707.html)
Seconfig XP is able configure Windows not to use TCP/IP as transport
protocol for NetBIOS, SMB and RPC, thus leaving TCP/UDP ports 135, 137-139
and 445 (the most exploited Windows networking weak point) closed.

If on high-speed Intenet connection use a router and configure accordingly.
Implement countermeasures against DNSChanger
http://extremesecurity.blogspot.com/2008/06/use-default-password-get-hijacked.html

Routinely practice Safe-Hex.
http://www.claymania.com/safe-hex.html
Hundreds Click on 'Click Here to Get Infected' Ad
http://www.eweek.com/article2/0,1895,2132447,00.asp

Good luck :)
.

Relevant Pages

  • Re: Explorer 6 Update KB942615
    ... into Internet Explorer, Tool, Internet Options, Advanced and take the ... second reboot Norton was updating so when it was finished I cleaned the cache ... support calls that are associated with security updates. ... third-party firewall AND enable the Windows Firewall. ...
    (microsoft.public.windowsxp.general)
  • Re: IIS, homenetwork, teenager, sercurity
    ... Firewall. ... connection is giving you some hardware firewall protection. ... it is a good idea to have any PC that is connected to the internet ... Microsoft plugs their security holes with a patch ...
    (microsoft.public.inetserver.iis.security)
  • Re: pop ups from messenger services
    ... and Sasser Worms that still haunt the Internet. ... ignoring or just "putting up with" the security gap represented by ... Messenger Service of Windows ... firewall and WinXP's Internet Connection Sharing feature. ...
    (microsoft.public.windowsxp.help_and_support)
  • Re: pop ups
    ... and Sasser Worms that still haunt the Internet. ... ignoring or just "putting up with" the security gap represented by ... Messenger Service of Windows ... firewall and WinXP's Internet Connection Sharing feature. ...
    (microsoft.public.windowsxp.security_admin)
  • Re: Wireless Laptop connections dropping intermittently
    ... i.e. all forms of security entirely, and still have the same issue. ... trying to type my response in, because my connection keeps dropping. ... You state that the Internet drops but you are connected. ... If so then take all the Laptops to the same room with the Router, ...
    (microsoft.public.windows.vista.networking_sharing)