Firewall question.

Archived from groups: comp.security.firewalls (More info?)

Hello,
I have a question for you all please.

I have been running the XP firewall, but now have a firewall made by
Sygate. Do I need to turn off the one in XP, or is it OK to run them both
for the added protection?
I have heard both, but I thought that a few of you guy who seem to really
know your stuff in here might be able to give me the correct answer.

Thanks,
Bob
2 answers Last reply
More about firewall question
  1. Archived from groups: comp.security.firewalls (More info?)

    "Bob" <ace-62@earthlinkNOSPAM.net> wrote in news:CA%kc.1527$a47.1023
    @newsread3.news.atl.earthlink.net:

    > Hello,
    > I have a question for you all please.
    >
    > I have been running the XP firewall, but now have a firewall made by
    > Sygate. Do I need to turn off the one in XP, or is it OK to run them
    both
    > for the added protection?
    > I have heard both, but I thought that a few of you guy who seem to
    really
    > know your stuff in here might be able to give me the correct answer.
    >
    > Thanks,
    > Bob
    >
    >
    >

    If you want to run two, then run one that has many of the FW like
    features and does more than the XP ICF that's on the O/S. Malware can
    take down any third party host based FW easily, but it's hard to take
    down IPsec, since it's integrated with the O/S.

    In addition to this, XP's FW upon the release of SP 2 will have
    application control that will bring XP's FW on par with third party host
    based FW(s).

    Currently, IPsec will get to the TCP/IP connection first at boot and XP's
    SP 2 FW will also get to the TCP/IP connection at boot.

    At boot is a vulnerable situation for a machine with a third party FW
    solution installed, since malware will beat any of them to the TCP/IP
    connection and be done by the time any of them can get there and stop it.

    http://www.petri.co.il/block_ping_traffic_with_ipsec.htm
    http://www.analogx.com/contents/articles/ipsec.htm

    All you have to do is implement the AnalogX Secpol file and you're
    covered. The POP3, HTTP etc, etc for the *client* are already configured.

    You may want to look at *Protecting against Denial of Service Attacks*
    being discussed in the link.

    http://www.uksecurityonline.com/husdg/windowsxp.php

    On the other hand, you may want to get a cheap NAT router and use Sygate
    and IPsec behind it to supplement, like I do with the NAT router BlackIce
    and IPsec on all machines.

    A cheap NAT router cost as much as you have paid for Sygate, if not the
    free one, because a NAT router stops everything in front of the machine
    and the O/S and the FW will not react -- the true *stealth* part in a *I
    am stealth* statement. :)

    http://www.homenethelp.com/web/explain/about-NAT.asp

    Duane :)
  2. Archived from groups: comp.security.firewalls (More info?)

    "Bob" <ace-62@earthlinkNOSPAM.net> wrote in news:CA%kc.1527$a47.1023
    @newsread3.news.atl.earthlink.net:

    > Hello,
    > I have a question for you all please.
    >
    > I have been running the XP firewall, but now have a firewall made by
    > Sygate. Do I need to turn off the one in XP, or is it OK to run them
    both
    > for the added protection?
    > I have heard both, but I thought that a few of you guy who seem to
    really
    > know your stuff in here might be able to give me the correct answer.

    My 2 cents:

    While some software firewalls (such as Norton) are stated by the company
    as being able to run concurrently with the WinXP firewall, I've seen
    somewhere (I think the Sygate site or the documentation), that Sygate is
    not to be run with another software firewall.

    Although I ran both Norton and the XP firewall concurrently for a long
    time (until I got my router) and had no apparent problem from doing so, I
    don't know if it really serves a useful purpose - the only one I can
    think of is if the main firewall (the non-XP) somehow becomes
    deactivated, there is still hopefully incoming protection.

    --
    Tom McCune
    My PGP Page & FAQ: http://www.McCune.cc/PGP.htm
Ask a new question

Read More

Firewalls Security Windows XP Networking