XP SP2 Firewall or ZA Free?

Archived from groups: comp.security.firewalls (More info?)

I have been using ZA Free and just downloaded the SP2 for XP.
Should I use both? Just one?
Help greatly appreciated.

Thanks,

Jack Barrett
My Web Site: http://windsurf_2.tripod.com
RSG Roll Call: http://rec-sport-golf.com?rc=jack
4 answers Last reply
More about firewall free
  1. Archived from groups: comp.security.firewalls (More info?)

    Jack Barrett said in news:EBhCc.7$Ev6.2@news01.roc.ny:
    > I have been using ZA Free and just downloaded the SP2 for XP.
    > Should I use both? Just one?
    > Help greatly appreciated.
    >
    > Thanks,
    >
    > Jack Barrett
    > My Web Site: http://windsurf_2.tripod.com
    > RSG Roll Call: http://rec-sport-golf.com?rc=jack

    Since SP2 is still just a release *candidate* (i.e., beta), do you want
    to trust a beta product to protect your system?

    From what I see at
    http://www.microsoft.com/technet/community/columns/cableguy/cg0204.mspx,
    it appears the "Windows Firewall" (which used to be called ICF) will
    include outbound blocking (ICF did not).

    I've only seen ZA Free on other user's systems but am not familiar with
    configuring or using it. It is possible it has additional features not
    available in the Windows Firewall (in SP2). I currently use Norton's
    Internet Security (NIS) which integrates their Norton AntiVirus and it
    has intrusion detection (algorithms to detect the methods used for
    hacking in) that the Windows Firewall doesn't have. NIS also lets you
    define what you block to specific web sites. While Referrer gets
    blocked globally, you can permit it on a site basis where it is needed
    (i.e., the site requires Referrer because they only let you navigate to
    their other pages from their own web pages and won't permit outside
    links into those buried web pages). Windows Firewall doesn't have that.
    NIS includes ad blocking. Not Windows Firewall. You can use the
    Parental Control feature (but it consumes LOTS of memory, like 115MB on
    my system, to load the entire site category lookup table) to regulate
    what type of sites you or your kids can visit. I used it to provide URL
    filtering (where I can use wildcards or just the domains rather than
    having to use a fully qualified domain name as is required in the
    'hosts' file) but eventually wanted my memory back so I reinstalled
    without the Parental Control feature.

    I paid for NIS. ZA Free is free but I don't know what is its feature
    set. I suspect ZA Free still has features not present in SP2's Windows
    Firewall. You can use the link above to compare Windows Firewall
    against the ZA Free that you are using now.

    --
    ____________________________________________________________
    *** Post replies to newsgroup. Share with others.
    *** Email domain = ".com" *AND* append "=NEWS=" to Subject.
    ____________________________________________________________
  2. Archived from groups: comp.security.firewalls (More info?)

    Vanguard wrote:

    > Jack Barrett wrote:
    >> I have been using ZA Free and just downloaded the SP2 for XP.
    >> Should I use both? Just one?
    >
    > Since SP2 is still just a release *candidate* (i.e., beta), do you
    > want to trust a beta product to protect your system?
    >
    > From what I see at
    >
    http://www.microsoft.com/technet/community/columns/cableguy/cg0204.mspx,
    > it appears the "Windows Firewall" (which used to be called ICF) will
    > include outbound blocking (ICF did not).

    The Windows Firewall debuting with SP-2 does not include outbound
    blocking. What you are seeing in that article is the ability to control
    which applications are allowed to receive unsolicited inbound
    connections.
  3. Archived from groups: comp.security.firewalls (More info?)

    · said in news:dpjCc.246327$hY.236491@twister.nyroc.rr.com:
    >
    > The Windows Firewall debuting with SP-2 does not include outbound
    > blocking. What you are seeing in that article is the ability to
    > control which applications are allowed to receive unsolicited inbound
    > connections.

    You sure? In AV products that I've seen, an application rules list
    means you are defining what port and protocol an application can use to
    punch *out* from your network. Articles like
    http://www.eweek.com/article2/0,1759,1416130,00.asp which state:

    "There will be a new ICF Permissions List to which an administrator may
    add a trusted application. When an application on this list needs to
    open a port, ICF will open it automatically."

    This means the *application* wants to open a port, not that some
    unsolicited outside traffic is trying to connect specifically to that
    particular application but only through, if it was running. The
    application punches out a port to allow traffic in on that port. You
    are allowing the application a port through which it can send outbound
    communication (with the possibility that inbound traffic could also use
    that port if the application responds to it). Most firewalls allow you
    to specify the direction of the traffic, whether outbound or inbound or
    both, but I didn't see anything in SP2's Windows Firewall that lets you
    specify the direction. It just seemed more likely that you were adding
    applications to a rules list to let them establish outbound traffic (so
    they are usable).

    If SP2's Windows Firewall is not monitoring (and blocking non-excepted)
    outbound traffic then I don't see the purpose of having an applications
    permission list. Why define an outbound exception list for some
    applications when ALL of them can making any outbound connection they
    want? An inbound exception list doesn't make sense except for server
    programs, like a web server. Since the linked article shows an
    anti-virus program in the exception list (which makes *outbound*
    connections for updates rather than letting the vendor in anytime they
    want) and MSCOM Toolbox (obviously something that needs an *outbound*
    connection and nothing an outsider would be trying to connect to) then
    it sure looks like this applications permission list is the same as an
    applications rules list (which is for OUTBOUND connections).

    But since SP2 isn't released yet, I won't know for sure until it does
    get released and I can check it out. However, in reading review and
    news articles about SP2 Windows Firewall, I sure get the impression that
    it will have outbound checking. The scary part is the opening a port
    for an application in SP2 Windows Firewall seems to allow both inbound
    and outbound traffic. You might want the application to only have
    outbound traffic and block any *unsolicited* inbound traffic on the same
    port (i.e., not initiated by the outbound traffic on that port).

    --
    ____________________________________________________________
    *** Post replies to newsgroup. Share with others.
    *** Email domain = ".com" *AND* append "=NEWS=" to Subject.
    ____________________________________________________________
  4. Archived from groups: comp.security.firewalls (More info?)

    *Vanguard* wrote:

    > · said in news:dpjCc.246327$hY.236491@twister.nyroc.rr.com:
    >>
    >> The Windows Firewall debuting with SP-2 does not include outbound
    >> blocking. What you are seeing in that article is the ability to
    >> control which applications are allowed to receive unsolicited inbound
    >> connections.
    >
    > You sure? In AV products that I've seen, an application rules list
    > means you are defining what port and protocol an application can use
    > to punch *out* from your network. Articles like
    > http://www.eweek.com/article2/0,1759,1416130,00.asp which state:
    >
    > If SP2's Windows Firewall is not monitoring (and blocking
    > non-excepted) outbound traffic then I don't see the purpose of having
    > an applications permission list. Why define an outbound exception
    > list for some applications when ALL of them can making any outbound
    > connection they want? An inbound exception list doesn't make sense
    > except for server programs, like a web server.

    I'm sure of what I read. The exception lists there are for server
    applications, not for programs making outbound connections. Just read
    the text in the screen shot of the dialog with the Exceptions tab
    selected: "Windows Firewall is blocking incoming network connections,
    except for the programs and services selected below." That says it all.

    But you're right, SP-2 isn't final yet. Microsoft probably has teams of
    lawyers discussing what the chances are they can get away with screwing
    over yet another market niche--this time the personal firewall market.

    I wish they would implement outbound protection, and your initial post
    got my hopes up. I've had it up to my ass with lousy third-party
    software firewalls, and I'd welcome the chance to rid myself of hours
    spent endlessly fiddling with damnable, problematic Fisher-Price
    firewall controls.
Ask a new question

Read More

Firewalls Security Windows XP Networking