Results 1 to 10 of 10

Thread: Which firewall?

  1. #1
    Member
    Join Date
    Mar 2004
    Posts
    191
    Thanks
    0
    Thanked
    0 times in 0 posts

    Which firewall?

    I've always used Zonealarm and it has worked perfectly for me with no issues at all.


    I've just done a new build and installed XP with SP2 this obviously comes with its own firewall.

    what are peoples experiences with this firewall is it any good,is it woth just usung that firewall or shall I inactivate it and install Zonealarm?

    cheers

    john

  2. #2
    Theoretical Element Spud1's Avatar
    Join Date
    Jul 2003
    Location
    North West
    Posts
    7,494
    Thanks
    335
    Thanked
    313 times in 249 posts
    • Spud1's system
      • Motherboard:
      • Gigabyte Aorus Master
      • CPU:
      • 9900k
      • Memory:
      • 16GB GSkill Trident Z
      • Storage:
      • Lots.
      • Graphics card(s):
      • RTX3090
      • PSU:
      • 750w
      • Case:
      • BeQuiet Dark Base Pro rev.2
      • Operating System:
      • Windows 10
      • Monitor(s):
      • Asus PG35VQ
      • Internet:
      • 910/100mb Fibre
    well its not an excelllent firewall, but its better than nothing and certainly less of a system hog that zonealarm.

    Install a decent firewall such as sygate - you dont realyl want windows firewall or zonealarm

  3. #3
    HEXUS.timelord. Zak33's Avatar
    Join Date
    Jul 2003
    Location
    I'm a Jessie
    Posts
    35,157
    Thanks
    3,105
    Thanked
    3,138 times in 1,916 posts
    • Zak33's system
      • Storage:
      • Kingston HyperX SSD, Hitachi 1Tb
      • Graphics card(s):
      • Nvidia 1050
      • PSU:
      • Coolermaster 800w
      • Case:
      • Silverstone Fortress FT01
      • Operating System:
      • Win10
      • Internet:
      • Zen FTC uber speedy
    hhm......gotta be cunning here.

    Zone Alarm is NOT that horrible really. Its useable and updated a lot.

    Windows XP SP 2 Firewall is definately a good thought too. When it detected me trying to fly IL2 online for the first time, it stopped it accessing the net and popped up to warn me...so its got a use for keeping your PC behaving itself.

    I know it sounds silly, BUT if you get a router with a hardware one built in, you'll have no system resources taken , a better firewall, and be able to plug more PC's in when you want.

    Any good?

    Quote Originally Posted by Advice Trinity by Knoxville
    "The second you aren't paying attention to the tool you're using, it will take your fingers from you. It does not know sympathy." |
    "If you don't gaffer it, it will gaffer you" | "Belt and braces"

  4. #4
    Member
    Join Date
    Jul 2004
    Posts
    140
    Thanks
    0
    Thanked
    0 times in 0 posts
    For home use I dont see whats wrong with Zonealarm freebe. As long as you keep your system patched anything else is complete overkill and unnecessary.

    Do doubt the doom mongers will will preach that unless you spend £100's on security your system will grind to a halt in 30 seconds.

    As Zak says just enable NAT on a router this is good enough.

  5. #5
    Ex-MSFT Paul Adams's Avatar
    Join Date
    Jul 2003
    Location
    %systemroot%
    Posts
    1,926
    Thanks
    29
    Thanked
    77 times in 59 posts
    • Paul Adams's system
      • Motherboard:
      • Asus Maximus VIII
      • CPU:
      • Intel Core i7-6700K
      • Memory:
      • 16GB
      • Storage:
      • 2x250GB SSD / 500GB SSD / 2TB HDD
      • Graphics card(s):
      • nVidia GeForce GTX1080
      • Operating System:
      • Windows 10 x64 Pro
      • Monitor(s):
      • Philips 40" 4K
      • Internet:
      • 500Mbps fiber
    I never understood why people consider ZA a system hog, I've been a subscribed user of the Pro version for 4 years and only ever had one issue with an update that broke my online game and had to wait a week for a fix (I regressed in the short term).

    I've done tests on a system before the firewall is installed and afterwards, the difference in performance is negligible.

    *shrug*


    As for whether to stick with the basic Windows XP firewall or get a commercial personal firewall, it depends on what you want to achieve with it.
    The built-in firewall for Windows XP protects your machine from connections from the outside.
    That is it, nothing more.

    If you run a program on a machine with the Windows XP firewall active, then it will happily connect with the outside world if it wants to, but it won't be allowed to set itself up as a server by default, you would have to add it manually to the list of exceptions.

    Compare that with a full-blown personal firewall product where programs are not permitted to even make an outbound connection without explicit permission (and then you get optional features like email quarantining, cookie filtering, plugins for AV, etc. if you like).

    I consider the XP firewall a good start for security, but I like to have systems locked down further still and have granular control over what communicates with the outside world (or LAN) and when.

    I find it ironic that people complain that firewalls "get in the way too much" and turn them off, it's like leaving your house unlocked as you can't be arsed fiddling with those "key" thingies.
    So many people rate convenience over security, which is why features like "password managers" are pretty much standard in browsers (ick!).


    So it's really an issue of asking yourself what you want out of a firewall and how much time you want to spend administering it - when you get a new program or game, do you want to be prompted once that it needs/wants to connect with the Internet?


    One of the significant benefits of the XP firewall is that it can be configured in a domain group policy so that all clients get a fixed profile for protection as defined by an administrator, and it can be made so it cannot be changed by the end user while they are connected to the company LAN (even if they have admin rights).
    When not connected to the company LAN a different policy is defined which can allow the user a little more control if required.
    ~ I have CDO. It's like OCD except the letters are in alphabetical order, as they should be. ~
    PC: Win10 x64 | Asus Maximus VIII | Core i7-6700K | 16GB DDR3 | 2x250GB SSD | 500GB SSD | 2TB SATA-300 | GeForce GTX1080
    Camera: Canon 60D | Sigma 10-20/4.0-5.6 | Canon 100/2.8 | Tamron 18-270/3.5-6.3

  6. #6
    HEXUS.timelord. Zak33's Avatar
    Join Date
    Jul 2003
    Location
    I'm a Jessie
    Posts
    35,157
    Thanks
    3,105
    Thanked
    3,138 times in 1,916 posts
    • Zak33's system
      • Storage:
      • Kingston HyperX SSD, Hitachi 1Tb
      • Graphics card(s):
      • Nvidia 1050
      • PSU:
      • Coolermaster 800w
      • Case:
      • Silverstone Fortress FT01
      • Operating System:
      • Win10
      • Internet:
      • Zen FTC uber speedy
    Quote Originally Posted by Paul Adams
    The built-in firewall for Windows XP protects your machine from connections from the outside.
    That is it, nothing more.

    If you run a program on a machine with the Windows XP firewall active, then it will happily connect with the outside world if it wants to,

    /Zak dons his fire proof overalls, and a crash helmet for extra protection


    Sorry...I know I'm not a system admin, or an IT person...and I KNOW I need more help than most...

    but....

    Service Pack 2 Firewall is much better than that....much.

    It DOES tell you when stuff tries to get "out" (except Microsoft stuff) cos it's done in on both my PC's when Il2 games have joined online.

    Sorry....dont like to argue....dont mean it badly or offensively...cos Paul Adams is normally bang on the bulet with his advice..but XP SP2 firewall is a bit better than the first version.

    /hides

    Quote Originally Posted by Advice Trinity by Knoxville
    "The second you aren't paying attention to the tool you're using, it will take your fingers from you. It does not know sympathy." |
    "If you don't gaffer it, it will gaffer you" | "Belt and braces"

  7. #7
    Ex-MSFT Paul Adams's Avatar
    Join Date
    Jul 2003
    Location
    %systemroot%
    Posts
    1,926
    Thanks
    29
    Thanked
    77 times in 59 posts
    • Paul Adams's system
      • Motherboard:
      • Asus Maximus VIII
      • CPU:
      • Intel Core i7-6700K
      • Memory:
      • 16GB
      • Storage:
      • 2x250GB SSD / 500GB SSD / 2TB HDD
      • Graphics card(s):
      • nVidia GeForce GTX1080
      • Operating System:
      • Windows 10 x64 Pro
      • Monitor(s):
      • Philips 40" 4K
      • Internet:
      • 500Mbps fiber
    Okay, time to admit I've not played with XP SP2 firewall a great deal
    It's enabled by our IT guys at work via group policy and I've read up on the deployment of firewall profiles via GPO.

    I was under the impression that the notifications option was for when programs tried to add exceptions to the firewall policy, which is for inbound connections... even with it enabled I've not received a prompt that things like Firefox or SpywareBlaster updates were making connections to the Internet.

    Could it be that IL2 attempts to open ports for listening so it can be a potential host for games, which is why you get a prompt from it?

    Far Cry, Half Life 2, Doom 3 all make ZA Pro say "this program is trying to be a server" and require me to allow or block it appropriately, for example.
    Last edited by Paul Adams; 04-12-2004 at 04:35 PM.
    ~ I have CDO. It's like OCD except the letters are in alphabetical order, as they should be. ~
    PC: Win10 x64 | Asus Maximus VIII | Core i7-6700K | 16GB DDR3 | 2x250GB SSD | 500GB SSD | 2TB SATA-300 | GeForce GTX1080
    Camera: Canon 60D | Sigma 10-20/4.0-5.6 | Canon 100/2.8 | Tamron 18-270/3.5-6.3

  8. #8
    Ex-MSFT Paul Adams's Avatar
    Join Date
    Jul 2003
    Location
    %systemroot%
    Posts
    1,926
    Thanks
    29
    Thanked
    77 times in 59 posts
    • Paul Adams's system
      • Motherboard:
      • Asus Maximus VIII
      • CPU:
      • Intel Core i7-6700K
      • Memory:
      • 16GB
      • Storage:
      • 2x250GB SSD / 500GB SSD / 2TB HDD
      • Graphics card(s):
      • nVidia GeForce GTX1080
      • Operating System:
      • Windows 10 x64 Pro
      • Monitor(s):
      • Philips 40" 4K
      • Internet:
      • 500Mbps fiber
    http://www.microsoft.com/windowsxp/s...view.mspx#ECAA
    (My emphasis)
    Windows Firewall exceptions list

    You might see a security alert when you run a program that requires connection and two-way communication through a network or the Internet. For example, many multi-player Internet games use ports blocked by default in Windows Firewall. These are often the same ports used by hackers and worms to gain entry to your computer.

    To open a port for a game, you can add it to the Windows Firewall exceptions list. The port will open only when the game is being played and then close when the game is shut down.

    By blocking these open ports at times other than when you are actively using them for a game or program, your computer can maintain a higher degree of safety from malicious attack.
    The XP firewall is only for blocking unsolicited connections to the client and for preventing programs setting themselves up as servers without your knowledge and consent.

    Exceptions to the firewall policy are created on a program basis (only active while the specified program is running, allows it to act as a server on any port) or on a port basis (permanent port opening which is not associated with any particular app).

    Online games pretty much have to set themselves up as servers as the commiunication is usually UDP - the server streams you data as it needs to, and doesn't require that it is acknowledged (as opposed to TCP).
    Thins like web browsers or programs doing online checks for updates are not trying to act as a server so they are not blocked.
    Last edited by Paul Adams; 04-12-2004 at 04:40 PM.
    ~ I have CDO. It's like OCD except the letters are in alphabetical order, as they should be. ~
    PC: Win10 x64 | Asus Maximus VIII | Core i7-6700K | 16GB DDR3 | 2x250GB SSD | 500GB SSD | 2TB SATA-300 | GeForce GTX1080
    Camera: Canon 60D | Sigma 10-20/4.0-5.6 | Canon 100/2.8 | Tamron 18-270/3.5-6.3

  9. #9
    Member
    Join Date
    Mar 2004
    Posts
    191
    Thanks
    0
    Thanked
    0 times in 0 posts
    Thanks for all your responses,

    As I said unlike some people Zonealarm has served me well for the last 4 years of my PC life with no problems.

    I guess it would cause conflicts to have both running and from the above it does seem that ZOnealarm or one of the other free firewalls is slightly more functional than the built in XP one.

    So I think I will stick with zonealarm.

    thanks for all your input it was really useful.

    cheers

    john

  10. #10
    Ex-MSFT Paul Adams's Avatar
    Join Date
    Jul 2003
    Location
    %systemroot%
    Posts
    1,926
    Thanks
    29
    Thanked
    77 times in 59 posts
    • Paul Adams's system
      • Motherboard:
      • Asus Maximus VIII
      • CPU:
      • Intel Core i7-6700K
      • Memory:
      • 16GB
      • Storage:
      • 2x250GB SSD / 500GB SSD / 2TB HDD
      • Graphics card(s):
      • nVidia GeForce GTX1080
      • Operating System:
      • Windows 10 x64 Pro
      • Monitor(s):
      • Philips 40" 4K
      • Internet:
      • 500Mbps fiber
    No problem John - installing ZA Pro will automatically disable the XP SP2 firewall anyway by default, it's not so much a "conflict" as another thing to configure.

    If you wanted a program to act as a server, such as an online game, then you'd have to allow it in ZA Pro and in the Windows Firewall, then there's the fact that it would be processing all network traffic through both layers, so a little overkill.

    One thing I do in ZA is to disable all the "extra" functionality such as privacy controls, email protection and AV plugins - AVG 7.0 automatically has its own plugin for email anyway, and I prefer separate tools for jobs like spyware detection and cookie control.
    Maybe this is where people have issues with firewalls - not the firewall feature itself, but the bundled features...

    (To control if ZA disables the Windows Firewall or not, the setting is under Firewall, on the Main tab, click the Advanced button and look under General Settings.)
    ~ I have CDO. It's like OCD except the letters are in alphabetical order, as they should be. ~
    PC: Win10 x64 | Asus Maximus VIII | Core i7-6700K | 16GB DDR3 | 2x250GB SSD | 500GB SSD | 2TB SATA-300 | GeForce GTX1080
    Camera: Canon 60D | Sigma 10-20/4.0-5.6 | Canon 100/2.8 | Tamron 18-270/3.5-6.3

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. anti virus with firewall included
    By ajbrun in forum Software
    Replies: 3
    Last Post: 31-10-2004, 03:23 PM
  2. A reason NOT to have a software firewall
    By Steve in forum Software
    Replies: 5
    Last Post: 22-03-2004, 01:55 PM
  3. norton firewall problem, big problem!!
    By silent in forum Software
    Replies: 6
    Last Post: 19-01-2004, 10:02 AM
  4. Firewall for win2k3 server?
    By leon in forum Software
    Replies: 3
    Last Post: 16-12-2003, 12:47 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •