Archived from groups: comp.security.firewalls (
More info?)
"Ed." <tinman_x@hotmail.com> wrote in news:4096f210$1@quokka.wn.com.au:
> Hello,
> I'm sure this is a simple question for those in the know. I have 2
> machines, one with a broadband modem, the other sharing it's
> connection to the net using windows internet connection sharing. They
> are also on a workgroup for networking purposes. Both machines are
> windows xp. My question is this. Do I need a firewall on both
> machines, or only the one connected to the net, and which firewall
> would people recommend?
>
> Thanks!
> - Ed.
>
>
Unless you have some reason not to use a NAT router as the gateway device,
you should look into getting a NAT router. They come cheap now of days.
http://www.homenethelp.com/web/explain/about-NAT.asp
If you need to be stopping outbound on the machine, then you can use IPsec
that's on the O/S. It can stop inbound or outbound by port, protocol, IP,
etc to supplemnt the router.
http://www.petri.co.il/block_ping_traffic_with_ipsec.htm
http://www.analogx.com/contents/articles/ipsec.htm
I use to be all gun-ho about Application Control, which most people
associate with some kind of outbound protection and I did as well. But now
my views are changing on this. Although I still kind of respect it, I think
99% of the time Application Control is useless.
I think it gets in the way and leads to a user making wrong decision in
stopping things they should not be stopping and missing things they should
be catching, because one uses Application Control in these PFW solutions as
a crutch and don't really investigate what's happening on the machine and
the network by reviewing logs for inbound and outbound.
Where in this link does it talk about Application Control and the rest of
the junk that's in these PFW solutions?
http://www.firewall-software.com/firewall_faqs/what_does_firewall_do.html
If you feel the need for Application Control, the XP FW for SP2 will have
it.
What I really recommend is that you go to the XP O/S and secure it.
http://www.windowsecurity.com/articles/Hidden_Backdoors_Trojan_Horses_and_R
ootkit_Tools_in_a_Windows_Environment.html
http://www.uksecurityonline.com/index5.php
Duane