Author Topic: XP's Firewall - Good? Bad? Ugly?  (Read 18725 times)

0 Members and 1 Guest are viewing this topic.

Rain

  • Guest
Re: XP's Firewall - Good? Bad? Ugly?
« Reply #15 on: September 28, 2006, 12:41:32 AM »
dk70

About the number of files scanned you should be aware that many files are in fact archvies or compressed so AV must have the ability to look inside. Avast can check 7zip files for example. If Mozilla decided to plant a virus into your next Firefox download Avast might see it, other AV will not - since they use 7zip compressing for their exe-files. Avast is probably lacking in other areas but pretty good with archives.

Yes, very interesting, that...

So if you disable real time scanning you better be sure scanner can actually look inside or there could be a surprise when you run ie. a selfextracting exe-file. This is why number of a complete scan will differ, unlikely to exactly match that of other AV.

I disabled the P2P Scanner, I have no use for it... and with the IM scanner, I lowered the protection level, I only use Google Talk, and only sometimes, and never for anythign except for talking...



Culpeper

  • Guest
Re: XP's Firewall - Good? Bad? Ugly?
« Reply #16 on: September 28, 2006, 02:05:25 AM »
Hey, if it [XP firewall] passes the Shields Up firewall test then why not?  Please do not bloat that last sentence with crap about it not checking outgoing traffic.  Most hardware firewalls do the same thing.  I tried Comodo not too long ago.  It works very well on my XP machine.  Nevertheless, I went back to Sygate Pro because I like its logging capabilities.   Firewalls do not age like AV programs can.  Some people are still using very old Kerio and Outpost firewalls and so forth.  The main thing is that a firewall creates stealth and blocks unwanted packets.  That is about it.  The rest is up to the user like a notice that a program is trying to access the Internet "Allow Yes or No".  And for every action there is an opposite and equal action.  If you have a maliscious program sitting on your computer that can access the Internet then your AV resident shield should pick up on that at least.  Not the firewall.  BTW, I have never heard of a single person saying "Yes" to a firewall outgoing premission message and getting burned.  I also do not know any idiots.  Outgoing firewall messages all have idiot buttons.

Rain

  • Guest
Re: XP's Firewall - Good? Bad? Ugly?
« Reply #17 on: September 28, 2006, 04:02:04 AM »
Culpeper

Hey, if it [XP firewall] passes the Shields Up firewall test then why not?  Please do not bloat that last sentence with crap about it not checking outgoing traffic.  Most hardware firewalls do the same thing.  I tried Comodo not too long ago.  It works very well on my XP machine.  Nevertheless, I went back to Sygate Pro because I like its logging capabilities.   Firewalls do not age like AV programs can.  Some people are still using very old Kerio and Outpost firewalls and so forth.  The main thing is that a firewall creates stealth and blocks unwanted packets.  That is about it.  The rest is up to the user like a notice that a program is trying to access the Internet "Allow Yes or No".  And for every action there is an opposite and equal action.  If you have a maliscious program sitting on your computer that can access the Internet then your AV resident shield should pick up on that at least.  Not the firewall.  BTW, I have never heard of a single person saying "Yes" to a firewall outgoing premission message and getting burned.  I also do not know any idiots.  Outgoing firewall messages all have idiot buttons.

Mainly I think I want some outgoing control, because things like MS Office like to phone home...or at least when I was using Zone Alarm, they were constantly demanding access to the net...

I had a Pro Zone Alarm, on my machine, and it did not stop a Trojan, despite its supposed Iron Cladness... so...

---

On another note, I just discovered this today:

http://www.hurricane-soft.com/

They have just started to release their firewall as freeware for home users... it is a Slovakian company... I am intrigued... So I will do some investigating, and some testing... and see...

Quote

dk70

  • Guest
Re: XP's Firewall - Good? Bad? Ugly?
« Reply #18 on: September 28, 2006, 04:18:21 AM »
I read somewhere that MS thought of putting outbound control into their firewall but usergroup tests showed most get annoyed and shift into autogear, just accepting what is asked. Those people will most likely not spend much time setting it up for optimal security. Must be pretty painless or people find a way to avoid. May be another internet story but make sense.

Just another layer and can be disabled in most firewall so nothing to argue about - but I do think it is false protection to put it high on must-have list. Much is way more important, setting up some healthy practices for control of incoming increase security a lot.

Avast is good but more is better. http://www.virustotal.com/en/indexf.html Test suspects with that or http://virusscan.jotti.org/

True about legitimate software phoning home for updates etc. Rain. As said that is good reason to use outbound, more to see what is going on than to prevent - be sure you dont mess up software. When established what is going on you can always turn it off. Also about cracking, firewall often helps to avoid software from checking serialnumbers and such  ;D More than a few use outbound for this.

Culpeper

  • Guest
Re: XP's Firewall - Good? Bad? Ugly?
« Reply #19 on: September 28, 2006, 04:31:09 AM »
Oh, I absolutely agree with both of your responses.  I love the logging capability of Sygate just to see what is going and coming.  It let me know I had a bunch of forgotten RSS feeds in my Firefox bookmarks, which was causing a slow Firefox start up.  Without the firewall logs I would have completely forgot about those feeds and never figured it out.  For the most part though, the average person, not security computer freaks like ourselves, the basic firewall protection I mentioned above should be sufficient for security.  In fact, a cheap router with a hardwire fire is more than sufficient.  In my opinion.  For the most part when I set up a computer for a friend or relative that just got their stuff from Dell et al, I just add on Avast or AVG and turn on the OS firewall, tell them not to mess with the settings, and then go home.

Rain

  • Guest
Re: XP's Firewall - Good? Bad? Ugly?
« Reply #20 on: September 28, 2006, 04:31:59 AM »
dk70

Cracking?

Sounds a little kinky...sort of...

Rain

  • Guest
Re: XP's Firewall - Good? Bad? Ugly?
« Reply #21 on: September 28, 2006, 04:48:07 AM »
Culpeper

Oh, I absolutely agree with both of your responses.  I love the logging capability of Sygate just to see what is going and coming.  It let me know I had a bunch of forgotten RSS feeds in my Firefox bookmarks, which was causing a slow Firefox start up.  Without the firewall logs I would have completely forgot about those feeds and never figured it out. 

Yes...though I am enough of a geek that with the XP Log Analyzer I got fro 2brightsparks, and some time, I can see what is where and why and how and so on... but eh.. I am also a lazy bum at times, so I like having something else do the legwork for me...but not always...

For the most part though, the average person, not security computer freaks like ourselves, the basic firewall protection I mentioned above should be sufficient for security.

The hands off nature, and automatic features, mean that unlike before, at least there is some protection... computers are sold with AV installed nowadays, mine for example, came with Norton (ahahaha, what a joke, you can bet I removed that in a hurry, and talk about a pain to uninstal...) so with luck, many simple, and even more complicated things, are avoided, if the user pays attention, and does not insist on clicking on every last thing... (attachments, urls, pop ups)

In fact, a cheap router with a hardwire fire is more than sufficient.  In my opinion.  For the most part when I set up a computer for a friend or relative that just got their stuff from Dell et al, I just add on Avast or AVG and turn on the OS firewall, tell them not to mess with the settings, and then go home.

When I do support, remtelly, I tend to recoment the: The AVG/ZoneAlarm/Ad-Aware/Spybot/Crap Cleaner/Alternate Browser&Email Program, combo, though if it is an XP computer, then I will leave the resident firewall.. it can be very hard to get beyond most peopels fear of computers, and as someone who used computers in the 1980's, I can't say I blame them... of course, once one goes away, it is up to the end user, and I find it is the Windows Updates, that are hardest to get peopel to take seriously... and of course, results vary... I remember once, I had someone who had a sober worm, and despite my entreaty to install and run Spybot, she refused... as I was far away and how could I diagnose it,and when I got her to fun MacAfee (ah, another joke) it showed up, but MAcAfee was unable to remove it, but stil she did not instal Spybot... so she called her local tech person, who brough a flash stick, and installed Spybot and Ad-Aware, and used them to clean the system...

In retrospect perhaps it was better the tech did it, but still it was an example of the intimidated attituude of most users...

When I actually have access to a system, I add all sorts of things, but I hide them away, so the user does not know about it, that way when I come to check the compters out, I dont have to use a flash stick or anything, I just open a folder and go... Rootkit Revealer, Hijack This, Pocket Kill Box, A Really Small App... mainly, and I close some ports, and so on... it is not ideal, but most people cannot or will not, pay attention to software pop ups or anything that forces them to make a decision....

dk70

  • Guest
Re: XP's Firewall - Good? Bad? Ugly?
« Reply #22 on: September 28, 2006, 04:56:42 AM »
You dont want to know about cracking Rain, keep yourself pure as snow. A cd-crack for a game it ok of course but the rest is not for public consumption 8)

I would be lying if I said I knew about all outgoing traffic on this computer but I dont believe not knowing necessarily is sign of weak security/open doors. Would also be lying if I said I dont care so if I read more of logs I will have to install outgoing control, I like stats... Had almost forgot, heh.

May be start with CurrPorts Rain http://www.nirsoft.net/utils/index.html#network_utils If you jump up and down in chair start hunting for easy to use yet powerful firewall. You want to... Check that forum I linked to earlier - lots of different experiences with each one. Im out of firewall testing but experience tells me you should take it easy during testing. If not that interesting go with the one which seems to be most popular, most compatible. Even more important to research a bit if you want to pay for firewall.

Rain

  • Guest
Re: XP's Firewall - Good? Bad? Ugly?
« Reply #23 on: September 28, 2006, 05:27:09 AM »
dk70

You dont want to know about cracking Rain, keep yourself pure as snow. A cd-crack for a game it ok of course but the rest is not for public consumption 8)

Ah, that would explain why I did not know, (the CD thing, not the not for public consumption thing) I don't play games... and shoudl I ever start, I have a brother who is a very bad boy, who no doubt would have what I needed to get a cd to work...

I would be lying if I said I knew about all outgoing traffic on this computer but I dont believe not knowing necessarily is sign of weak security/open doors. Would also be lying if I said I dont care so if I read more of logs I will have to install outgoing control, I like stats... Had almost forgot, heh.

Yeah, they are oddly fascinating...

Im out of firewall testing but experience tells me you should take it easy during testing. If not that interesting go with the one which seems to be most popular, most compatible. Even more important to research a bit if you want to pay for firewall.

I have paid for firewalls, I can say that paying for anti spyware, or anti virus, is worth it, but firewalls, notso much, and I have tested in various ways a few, be it on my machine, or other machines... but I prefer to research, and then try only sometimes... I am not into messing up my registry and so on, I mean I know how to clean it up, but boring... never mind little widgets of software floating about for all eternity...

I will test this Slovakian firewall, after I read about it a little more... I like the looks of what I have read, it is dead simple, partly point and click, partly rule based, I only need a firewall, I have the other security software...

Culpeper

  • Guest
Re: XP's Firewall - Good? Bad? Ugly?
« Reply #24 on: September 28, 2006, 05:53:52 AM »
Oh, yeah, Cracking software.  The so-called security sites have all the cracks you need for just about any software you want.  Just download the application software, find the crack and run it and you have a registered version of the application installed.  The astalavista security site is notorious for this.  Please don't try this at home.  If you do you are not taking advice from me.  In fact, I believe Avast! includes certain cracks in their signature files.  Cracks is sharewares' and trial versions' worst enemy.  They can cost a developer a lot in lost revenues.

greenhatch

  • Guest
Re: XP's Firewall - Good? Bad? Ugly?
« Reply #25 on: September 28, 2006, 12:44:16 PM »
I get by with the XP firewall just fine as my ISP (Metronet) has firewall options in place too (more ISPs should do this). I don't like Windows Defender, by the way, I prefer WinPatrol Plus to monitor my systems and programs.

Rain

  • Guest
Re: XP's Firewall - Good? Bad? Ugly?
« Reply #26 on: September 28, 2006, 02:40:13 PM »
greenhatch

I get by with the XP firewall just fine as my ISP (Metronet) has firewall options in place too (more ISPs should do this). I don't like Windows Defender, by the way, I prefer WinPatrol Plus to monitor my systems and programs.

Firewall options?

And yeah, I agree, Windows Defender is not...for me...

Rain

  • Guest
Re: XP's Firewall - Good? Bad? Ugly?
« Reply #27 on: September 28, 2006, 02:43:27 PM »
Culpeper

Oh, yeah, Cracking software.  The so-called security sites have all the cracks you need for just about any software you want.  Just download the application software, find the crack and run it and you have a registered version of the application installed. 

Yeah, I have heard of that, (just not as cracking) most things that interest me anyway, are freeware, and because I am a writer, I tend to want to give credit, where credit is due... I also don't play games.. so I have no regular need to buy software or anything...

The astalavista security site is notorious for this.  Please don't try this at home.  If you do you are not taking advice from me.  In fact, I believe Avast! includes certain cracks in their signature files.  Cracks is sharewares' and trial versions' worst enemy.  They can cost a developer a lot in lost revenues.

I am willing to cut corners upon occasion, but especially with security, I am not...

Still researching this: http://www.hurricane-soft.com/


Rain

  • Guest
Hurricanesoft Personal Firewall Free Edition EN 2.4
« Reply #28 on: September 29, 2006, 03:41:48 AM »
Okay, not sure if this is the right place, but I now have an oppinion to offer about: Hurricanesoft Personal Firewall Free Edition EN 2.4

http://www.download.com/Hurricanesoft-Personal-Firewall-Free-Edition-EN/3000-10435_4-10571878.html?tag=lst-0-6

http://www.hurricane-soft.com/

---

Windows 'Security Center' does not recognise it as a firewall, but that little anoying 'thing' is easy to overcome if you just tweak the settings...

It runs flawlessly alongside the XP Firewall, I always test that... (because I am weird that way)

It is SIMPLE.. I mean, DEAD SIMPLE... which is both a beautiful thing, and for a wrench head like me, a little irritating, but certainly does not detract from its beauty...

It passed the 'Leak Test' from Gibson Research, and the simple of the two Firewall tests at Audic My PC.. I did not check the more complex one, as I do not care to have my Anti Spyware software go absolutelly bananas at this time...

It took only a minute to install, added a registry key to the startup and did not require a restart, and so far I have not noticed it interfearing with avast! though each segment of avast! has to ask permission to access the internet...

It does not seem possible to add programs to it, except by running them, and then asking them to update myself, this causing the program I want added, to attempt to access the internet, and therefore ask the firewall for permission, or if the various subsystem programs and so on, are trying to access the net on the sly...such as a driver update program or whatever... the automatic stuff... it pops up with a very simple program pop up, and it is possible to examine the path of the program and even run along and research it, before saying yes or not... it also monitors connections, and tells you what connections as well...

4 out of 5 stars

the only thing that it does that bothers me, is it does not seem to switch itself off, or power down, when I restart, or turn off my computer, it just seems to hang... but it is not unreasonable to think that one could remember to exit it, before this, and certainly it does not make the computer hang, you can just switch it off if you forget it on, even after you have started the shotdown sequence...

It has almost no system footprint...
« Last Edit: September 29, 2006, 03:45:56 AM by Rain »

Culpeper

  • Guest
Re: XP's Firewall - Good? Bad? Ugly?
« Reply #29 on: September 29, 2006, 04:06:18 AM »
Does it have any logging?