XP Service Pack 2 Firewall?
Last response: in Networking
Archived from groups: comp.security.firewalls (More info?)
I just installed Windows XP Service Pack 2 (RC1). Anyone have any
opinions on the "new" firewall that comes with it?
I just installed Windows XP Service Pack 2 (RC1). Anyone have any
opinions on the "new" firewall that comes with it?
More about : service pack firewall
Archived from groups: comp.security.firewalls (More info?)
In article <netg70l5v0dutnovbmnvuk9evufsccr166@4ax.com>, nomail@rr.com
says...
> I just installed Windows XP Service Pack 2 (RC1). Anyone have any
> opinions on the "new" firewall that comes with it?
Sure, same opinion that's saved many IT managers in the past:
1) Never install updates unless they provide a direct fix for a problem
you currently have. Just because there are updates does not mean you
need to blindly install them.
2) Never trust a new patch (especially a new service pack) until it's
been on the street for at least a month, unless (see #1 above).
3) Never trust integrated programs to do what stand-alone programs do
better - this is only addressing the apps that come with an OS. What I
mean by this is that you should not trust the firewall feature if it's
built into the OS unless you've tested it and it's passed every instance
of attack/hack.
4) The less things your run on a computer the more stable is should be.
If you don't have a reason to run the XP firewall, don't. I would limit
it's use to laptops and installations where the user has no
alternatives.
--
--
spamfree999@rrohio.com
(Remove 999 to reply to me)
In article <netg70l5v0dutnovbmnvuk9evufsccr166@4ax.com>, nomail@rr.com
says...
> I just installed Windows XP Service Pack 2 (RC1). Anyone have any
> opinions on the "new" firewall that comes with it?
Sure, same opinion that's saved many IT managers in the past:
1) Never install updates unless they provide a direct fix for a problem
you currently have. Just because there are updates does not mean you
need to blindly install them.
2) Never trust a new patch (especially a new service pack) until it's
been on the street for at least a month, unless (see #1 above).
3) Never trust integrated programs to do what stand-alone programs do
better - this is only addressing the apps that come with an OS. What I
mean by this is that you should not trust the firewall feature if it's
built into the OS unless you've tested it and it's passed every instance
of attack/hack.
4) The less things your run on a computer the more stable is should be.
If you don't have a reason to run the XP firewall, don't. I would limit
it's use to laptops and installations where the user has no
alternatives.
--
--
spamfree999@rrohio.com
(Remove 999 to reply to me)
Archived from groups: comp.security.firewalls (More info?)
Lou <nomail@rr.com> wrote in news:netg70l5v0dutnovbmnvuk9evufsccr166@
4ax.com:
> I just installed Windows XP Service Pack 2 (RC1). Anyone have any
> opinions on the "new" firewall that comes with it?
My understanding from computer magazines is that it does NOT include
control over outgoing application connections. It would be good to hear if
this is your experience.
--
Tom McCune
My PGP Page & FAQ: http://www.McCune.cc/PGP.htm
Lou <nomail@rr.com> wrote in news:netg70l5v0dutnovbmnvuk9evufsccr166@
4ax.com:
> I just installed Windows XP Service Pack 2 (RC1). Anyone have any
> opinions on the "new" firewall that comes with it?
My understanding from computer magazines is that it does NOT include
control over outgoing application connections. It would be good to hear if
this is your experience.
--
Tom McCune
My PGP Page & FAQ: http://www.McCune.cc/PGP.htm
Archived from groups: comp.security.firewalls (More info?)
Much improved inbound protection over the previous firewall, but of little
use if you are behind a hardware device as there is no outbound protection
(but again the same could be said for a majority of software firewalls).
The service pack security components are a very good thing for the casual
computer user who doesn't know from security, but is of little value for the
average nerd.
"Lou" <nomail@rr.com> wrote in message
news:netg70l5v0dutnovbmnvuk9evufsccr166@4ax.com...
> I just installed Windows XP Service Pack 2 (RC1). Anyone have any
> opinions on the "new" firewall that comes with it?
Much improved inbound protection over the previous firewall, but of little
use if you are behind a hardware device as there is no outbound protection
(but again the same could be said for a majority of software firewalls).
The service pack security components are a very good thing for the casual
computer user who doesn't know from security, but is of little value for the
average nerd.
"Lou" <nomail@rr.com> wrote in message
news:netg70l5v0dutnovbmnvuk9evufsccr166@4ax.com...
> I just installed Windows XP Service Pack 2 (RC1). Anyone have any
> opinions on the "new" firewall that comes with it?
Related ressources
- XP Service Pack 2 Firewall Question - Forum
- XP service pack 2 .. Firewall - Forum
- Service Pack 2 and Firewall - Forum
- MN 700 And Windows XP Service Pack 2 Firewall - Forum
- Question About Service Pack 2 update for XP - Forum
Archived from groups: comp.security.firewalls (More info?)
On Sat, 10 Apr 2004 23:25:44 GMT, Tom McCune
<news@DELETE_THISmccune.cc> wrote:
>Lou <nomail@rr.com> wrote in news:netg70l5v0dutnovbmnvuk9evufsccr166@
>4ax.com:
>
>> I just installed Windows XP Service Pack 2 (RC1). Anyone have any
>> opinions on the "new" firewall that comes with it?
>
>My understanding from computer magazines is that it does NOT include
>control over outgoing application connections. It would be good to hear if
>this is your experience.
I've only had it installed for a day, but it does have some control
over outbound connections, at least some of them. It hasn't tried to
stop any of my normal internet programs (browsers, email, etc.), but
it asked me if I wanted to let a program called "Echolink" access the
net, which I did.
On Sat, 10 Apr 2004 23:25:44 GMT, Tom McCune
<news@DELETE_THISmccune.cc> wrote:
>Lou <nomail@rr.com> wrote in news:netg70l5v0dutnovbmnvuk9evufsccr166@
>4ax.com:
>
>> I just installed Windows XP Service Pack 2 (RC1). Anyone have any
>> opinions on the "new" firewall that comes with it?
>
>My understanding from computer magazines is that it does NOT include
>control over outgoing application connections. It would be good to hear if
>this is your experience.
I've only had it installed for a day, but it does have some control
over outbound connections, at least some of them. It hasn't tried to
stop any of my normal internet programs (browsers, email, etc.), but
it asked me if I wanted to let a program called "Echolink" access the
net, which I did.
Archived from groups: comp.security.firewalls (More info?)
"Lou" <nomail@rr.com> wrote in message
news:a7hh70drns8srmddvhkncmh6mr2i246f0b@4ax.com...
> On Sat, 10 Apr 2004 23:25:44 GMT, Tom McCune
> <news@DELETE_THISmccune.cc> wrote:
>
> >Lou <nomail@rr.com> wrote in news:netg70l5v0dutnovbmnvuk9evufsccr166@
> >4ax.com:
> >
> >> I just installed Windows XP Service Pack 2 (RC1). Anyone have any
> >> opinions on the "new" firewall that comes with it?
> >
> >My understanding from computer magazines is that it does NOT include
> >control over outgoing application connections. It would be good to hear
if
> >this is your experience.
>
> I've only had it installed for a day, but it does have some control
> over outbound connections, at least some of them. It hasn't tried to
> stop any of my normal internet programs (browsers, email, etc.), but
> it asked me if I wanted to let a program called "Echolink" access the
> net, which I did.
It's on the O/S too and can be used to supplement XP's FW as it will stop
outbound or inbound on the ports.
http://www.petri.co.il/block_ping_traffic_with_ipsec.ht...
http://www.analogx.com/contents/articles/ipsec.htm
Duane![:)]( ":)")
"Lou" <nomail@rr.com> wrote in message
news:a7hh70drns8srmddvhkncmh6mr2i246f0b@4ax.com...
> On Sat, 10 Apr 2004 23:25:44 GMT, Tom McCune
> <news@DELETE_THISmccune.cc> wrote:
>
> >Lou <nomail@rr.com> wrote in news:netg70l5v0dutnovbmnvuk9evufsccr166@
> >4ax.com:
> >
> >> I just installed Windows XP Service Pack 2 (RC1). Anyone have any
> >> opinions on the "new" firewall that comes with it?
> >
> >My understanding from computer magazines is that it does NOT include
> >control over outgoing application connections. It would be good to hear
if
> >this is your experience.
>
> I've only had it installed for a day, but it does have some control
> over outbound connections, at least some of them. It hasn't tried to
> stop any of my normal internet programs (browsers, email, etc.), but
> it asked me if I wanted to let a program called "Echolink" access the
> net, which I did.
It's on the O/S too and can be used to supplement XP's FW as it will stop
outbound or inbound on the ports.
http://www.petri.co.il/block_ping_traffic_with_ipsec.ht...
http://www.analogx.com/contents/articles/ipsec.htm
Duane
Archived from groups: comp.security.firewalls (More info?)
Lou <nomail@rr.com> wrote in
news:a7hh70drns8srmddvhkncmh6mr2i246f0b@4ax.com:
>>My understanding from computer magazines is that it does NOT include
>>control over outgoing application connections. It would be good to
>>hear if this is your experience.
>
> I've only had it installed for a day, but it does have some control
> over outbound connections, at least some of them. It hasn't tried to
> stop any of my normal internet programs (browsers, email, etc.), but
> it asked me if I wanted to let a program called "Echolink" access the
> net, which I did.
Thank you.
--
Tom McCune
My PGP Page & FAQ: http://www.McCune.cc/PGP.htm
Lou <nomail@rr.com> wrote in
news:a7hh70drns8srmddvhkncmh6mr2i246f0b@4ax.com:
>>My understanding from computer magazines is that it does NOT include
>>control over outgoing application connections. It would be good to
>>hear if this is your experience.
>
> I've only had it installed for a day, but it does have some control
> over outbound connections, at least some of them. It hasn't tried to
> stop any of my normal internet programs (browsers, email, etc.), but
> it asked me if I wanted to let a program called "Echolink" access the
> net, which I did.
Thank you.
--
Tom McCune
My PGP Page & FAQ: http://www.McCune.cc/PGP.htm
Archived from groups: comp.security.firewalls (More info?)
Tom McCune wrote:
> Lou <nomail@rr.com> wrote in news:netg70l5v0dutnovbmnvuk9evufsccr166@
> 4ax.com:
>
>
>>I just installed Windows XP Service Pack 2 (RC1). Anyone have any
>>opinions on the "new" firewall that comes with it?
>
>
> My understanding from computer magazines is that it does NOT include
> control over outgoing application connections. It would be good to hear if
> this is your experience.
>
Being able to limit access to specific ports and protocols ought to be
good enough for users who aren't "at risk".
Tom McCune wrote:
> Lou <nomail@rr.com> wrote in news:netg70l5v0dutnovbmnvuk9evufsccr166@
> 4ax.com:
>
>
>>I just installed Windows XP Service Pack 2 (RC1). Anyone have any
>>opinions on the "new" firewall that comes with it?
>
>
> My understanding from computer magazines is that it does NOT include
> control over outgoing application connections. It would be good to hear if
> this is your experience.
>
Being able to limit access to specific ports and protocols ought to be
good enough for users who aren't "at risk".
Archived from groups: comp.security.firewalls (More info?)
optikl <optikl@invalid.net> wrote in
news:Jsbec.115955$w54.829884@attbi_s01:
>> My understanding from computer magazines is that it does NOT include
>> control over outgoing application connections. It would be good to
>> hear if this is your experience.
>>
> Being able to limit access to specific ports and protocols ought to be
> good enough for users who aren't "at risk".
Is the ability to do this realistically within the ability of the average
computer user?
--
Tom McCune
My PGP Page & FAQ: http://www.McCune.cc/PGP.htm
optikl <optikl@invalid.net> wrote in
news:Jsbec.115955$w54.829884@attbi_s01:
>> My understanding from computer magazines is that it does NOT include
>> control over outgoing application connections. It would be good to
>> hear if this is your experience.
>>
> Being able to limit access to specific ports and protocols ought to be
> good enough for users who aren't "at risk".
Is the ability to do this realistically within the ability of the average
computer user?
--
Tom McCune
My PGP Page & FAQ: http://www.McCune.cc/PGP.htm
Archived from groups: comp.security.firewalls (More info?)
Tom McCune wrote:
> optikl <optikl@invalid.net> wrote in
> news:Jsbec.115955$w54.829884@attbi_s01:
>
>
>>>My understanding from computer magazines is that it does NOT include
>>>control over outgoing application connections. It would be good to
>>>hear if this is your experience.
>>>
>>
>>Being able to limit access to specific ports and protocols ought to be
>>good enough for users who aren't "at risk".
>
>
> Is the ability to do this realistically within the ability of the average
> computer user?
>
Tom, I don't know. I think you may be right. I do know that a lot is
made of a firewalls ability to block or permit access to the internet
for specific applications and drivers. I'm not certain that "total
outbound control" buys anyone but the most "high risk" computer users
anything at all. And if one can't be trusted to keep malware off his/her
system, "total outbound control" is of use only in that it might contain
the problem.
Tom McCune wrote:
> optikl <optikl@invalid.net> wrote in
> news:Jsbec.115955$w54.829884@attbi_s01:
>
>
>>>My understanding from computer magazines is that it does NOT include
>>>control over outgoing application connections. It would be good to
>>>hear if this is your experience.
>>>
>>
>>Being able to limit access to specific ports and protocols ought to be
>>good enough for users who aren't "at risk".
>
>
> Is the ability to do this realistically within the ability of the average
> computer user?
>
Tom, I don't know. I think you may be right. I do know that a lot is
made of a firewalls ability to block or permit access to the internet
for specific applications and drivers. I'm not certain that "total
outbound control" buys anyone but the most "high risk" computer users
anything at all. And if one can't be trusted to keep malware off his/her
system, "total outbound control" is of use only in that it might contain
the problem.
Archived from groups: comp.security.firewalls (More info?)
optikl <optikl@invalid.net> wrote in news:mudec.14538$rg5.38300@attbi_s52:
> Tom, I don't know. I think you may be right. I do know that a lot is
> made of a firewalls ability to block or permit access to the internet
> for specific applications and drivers. I'm not certain that "total
> outbound control" buys anyone but the most "high risk" computer users
> anything at all. And if one can't be trusted to keep malware off his/her
> system, "total outbound control" is of use only in that it might contain
> the problem.
I would largely agree. I personally have maybe only once really caught
something with the outbound firewall application control - spyware on a
Verizon CD - the company never responded to my question as to why they had
it there. But the average user is much more likely to install software
that contains spyware, or to open a file attachment with a worm.
Unfortunately, the average user is also unlikely to know what to deny
Internet access to. At least in my home, my wife (and probably my
daughters, when visiting) would call me in and ask what to do.
--
Tom McCune
My PGP Page & FAQ: http://www.McCune.cc/PGP.htm
optikl <optikl@invalid.net> wrote in news:mudec.14538$rg5.38300@attbi_s52:
> Tom, I don't know. I think you may be right. I do know that a lot is
> made of a firewalls ability to block or permit access to the internet
> for specific applications and drivers. I'm not certain that "total
> outbound control" buys anyone but the most "high risk" computer users
> anything at all. And if one can't be trusted to keep malware off his/her
> system, "total outbound control" is of use only in that it might contain
> the problem.
I would largely agree. I personally have maybe only once really caught
something with the outbound firewall application control - spyware on a
Verizon CD - the company never responded to my question as to why they had
it there. But the average user is much more likely to install software
that contains spyware, or to open a file attachment with a worm.
Unfortunately, the average user is also unlikely to know what to deny
Internet access to. At least in my home, my wife (and probably my
daughters, when visiting) would call me in and ask what to do.
--
Tom McCune
My PGP Page & FAQ: http://www.McCune.cc/PGP.htm
Archived from groups: comp.security.firewalls (More info?)
Lou wrote:
> I just installed Windows XP Service Pack 2 (RC1). Anyone have any
> opinions on the "new" firewall that comes with it?
My opinion: WinXP ICF is usually good enough for the average home user.
However, if someone wants real security, they can further harden their OS.
--
This sentence contradicts itself -- no actually it doesn't.
-- Hofstadter
Lou wrote:
> I just installed Windows XP Service Pack 2 (RC1). Anyone have any
> opinions on the "new" firewall that comes with it?
My opinion: WinXP ICF is usually good enough for the average home user.
However, if someone wants real security, they can further harden their OS.
--
This sentence contradicts itself -- no actually it doesn't.
-- Hofstadter
Related ressources:
- ForumUninstall Service Pack 2 window XP Dell Latitude
- ForumUninstall Service Pack 2 Windows XP Dell Latitude
- Forumwindow xp pro with service pack 2
- ForumSkype and Windows XP Service Pack 2
- ForumWindows XP Service Pack 2
- Forumxp is fine - why should I install service pack 2 ?
- Forum30 seconds to print after loading Windows XP Service Pack 2
- ForumXP service pack 2
- ForumZone friends & XP service pack 2
- ForumXP Service Pack 2 Deployment - Unique Problem
- ForumMN 500 & Windows XP service pack 2
- ForumXP2 Service pack install
- ForumTungsten E and XP Service Pack 2
- ForumXP Service pack 2
- ForumPulling DHCP from Cable Modem instead of wireless router
- More resources
Read discussions in other Networking categories
!
