Dare I Turn off the Software Firewall.

Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

I have two computers connected via a DSL modem and a D-Link Model DI-704UP
Router/Print Server. The Router [like most] includes a Firewall. Will I be
safe if I turn off the Norton software Firewall?

--
Gene K
5 answers Last reply
More about dare turn software firewall
  1. Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

    Gene K wrote:
    > I have two computers connected via a DSL modem and a D-Link Model DI-704UP
    > Router/Print Server. The Router [like most] includes a Firewall. Will I be
    > safe if I turn off the Norton software Firewall?
    >


    Well, you'll be safe from a great many exploits, but not from any
    mistakes that you, or someone else using your computer, might make.

    If you use a router with NAT, it's still a very good idea to use a
    3rd party software firewall. Like WinXP's built-in firewall,
    NAT-capable routers do nothing to protect the user from him/herself
    (or any "curious," over-confident teenagers in the home). Again --
    and I cannot emphasize this enough -- almost all spyware and many
    Trojans and worms are downloaded and installed deliberately (albeit
    unknowingly) by the user. So a software firewall, such as Sygate or
    ZoneAlarm, that can detect and warn the user of unauthorized out-going
    traffic is an important element of protecting one's privacy and
    security. (Remember: Most antivirus applications do not even scan for
    or protect you from adware/spyware, because, after all, you've
    installed them yourself, so you must want them there, right?)

    I use both a router with NAT and Sygate Personal Firewall, even
    though I generally know better than to install scumware. When it
    comes to computer security and protecting my privacy, I prefer the old
    "belt and suspenders" approach. In the professional IT community,
    this is also known as a "layered defense." Basically, it comes down
    to never, ever "putting all of your eggs in one basket."

    WinXP's built-in firewall is adequate at stopping incoming attacks,
    and hiding your ports from probes. What WinXP SP2's firewall does not
    do, is protect you from any Trojans or spyware that you (or someone
    else using your computer) might download and install inadvertently.
    It doesn't monitor out-going traffic at all, other than to check for
    IP-spoofing, much less block (or at even ask you about) the bad or the
    questionable out-going signals. It assumes that any application you
    have on your hard drive is there because you want it there, and
    therefore has your "permission" to access the Internet. Further,
    because the Windows Firewall is a "stateful" firewall, it will also
    assume that any incoming traffic that's a direct response to a
    Trojan's or spyware's out-going signal is also authorized.

    ZoneAlarm, Kerio, or Sygate are all much better than WinXP's
    built-in firewall, and are much more easily configured, and there are
    free versions of each readily available. Even the commercially
    available Symantec's Norton Personal Firewall is superior by far,
    although it does take a heavier toll of system performance then do
    ZoneAlarm or Sygate.


    --

    Bruce Chambers

    Help us help you:
    http://dts-l.org/goodpost.htm
    http://www.catb.org/~esr/faqs/smart-questions.html

    You can have peace. Or you can have freedom. Don't ever count on having
    both at once. - RAH
  2. Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

    In article <u8xjfUYsFHA.2160@TK2MSFTNGP10.phx.gbl>, nobody@nowhere.net
    says...
    > I have two computers connected via a DSL modem and a D-Link Model DI-704UP
    > Router/Print Server. The Router [like most] includes a Firewall. Will I be
    > safe if I turn off the Norton software Firewall?

    Windows XP Sp2 firewall is not really protecting you from anything that
    the router NAT (which is not a firewall) isn't already protecting you
    from.

    In your case, you need to do the basics:

    1) Never run as Administrator except to install software or configure
    the system - always run as a User.
    2) Stop using IE, use FireFox as much as possible.
    3) Install and use AntiSpyware software often.
    4) Install and use Quality Antivirus software in a real-time mode.
    5) Never download anything from untrusted sites.
    6) Look at your routers LOGS frequently so that you can understand what
    is traversing your network on a regular basis - you can often see the
    actions of Spyware or malicious viruses in those logs.

    Both your Router and the SP2 firewall are inbound only protection, they
    don't do anything to keep applications that you use from contacting the
    Internet.

    --

    spam999free@rrohio.com
    remove 999 in order to email me
  3. Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

    Thank you. I take your advice to retain the software Firewall.
    Gene K
    "Bruce Chambers" <bchambers@cable0ne.n3t> wrote in message
    news:%23VspObYsFHA.2936@TK2MSFTNGP10.phx.gbl...
    > Gene K wrote:
    >> I have two computers connected via a DSL modem and a D-Link Model
    >> DI-704UP Router/Print Server. The Router [like most] includes a Firewall.
    >> Will I be safe if I turn off the Norton software Firewall?
    >>
    >
    >
    > Well, you'll be safe from a great many exploits, but not from any
    > mistakes that you, or someone else using your computer, might make.
    >
    > If you use a router with NAT, it's still a very good idea to use a
    > 3rd party software firewall. Like WinXP's built-in firewall,
    > NAT-capable routers do nothing to protect the user from him/herself
    > (or any "curious," over-confident teenagers in the home). Again --
    > and I cannot emphasize this enough -- almost all spyware and many
    > Trojans and worms are downloaded and installed deliberately (albeit
    > unknowingly) by the user. So a software firewall, such as Sygate or
    > ZoneAlarm, that can detect and warn the user of unauthorized out-going
    > traffic is an important element of protecting one's privacy and
    > security. (Remember: Most antivirus applications do not even scan for
    > or protect you from adware/spyware, because, after all, you've
    > installed them yourself, so you must want them there, right?)
    >
    > I use both a router with NAT and Sygate Personal Firewall, even
    > though I generally know better than to install scumware. When it
    > comes to computer security and protecting my privacy, I prefer the old
    > "belt and suspenders" approach. In the professional IT community,
    > this is also known as a "layered defense." Basically, it comes down
    > to never, ever "putting all of your eggs in one basket."
    >
    > WinXP's built-in firewall is adequate at stopping incoming attacks,
    > and hiding your ports from probes. What WinXP SP2's firewall does not
    > do, is protect you from any Trojans or spyware that you (or someone
    > else using your computer) might download and install inadvertently.
    > It doesn't monitor out-going traffic at all, other than to check for
    > IP-spoofing, much less block (or at even ask you about) the bad or the
    > questionable out-going signals. It assumes that any application you
    > have on your hard drive is there because you want it there, and
    > therefore has your "permission" to access the Internet. Further,
    > because the Windows Firewall is a "stateful" firewall, it will also
    > assume that any incoming traffic that's a direct response to a
    > Trojan's or spyware's out-going signal is also authorized.
    >
    > ZoneAlarm, Kerio, or Sygate are all much better than WinXP's
    > built-in firewall, and are much more easily configured, and there are
    > free versions of each readily available. Even the commercially
    > available Symantec's Norton Personal Firewall is superior by far,
    > although it does take a heavier toll of system performance then do
    > ZoneAlarm or Sygate.
    >
    >
    > --
    >
    > Bruce Chambers
    >
    > Help us help you:
    > http://dts-l.org/goodpost.htm
    > http://www.catb.org/~esr/faqs/smart-questions.html
    >
    > You can have peace. Or you can have freedom. Don't ever count on having
    > both at once. - RAH
  4. Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

    Thank you. I will retain the Norton Firewall.
    Gene K
    "Leythos" <void@nowhere.lan> wrote in message
    news:MPG.1d85186c26b349e6989e94@news-server.columbus.rr.com...
    > In article <u8xjfUYsFHA.2160@TK2MSFTNGP10.phx.gbl>, nobody@nowhere.net
    > says...
    >> I have two computers connected via a DSL modem and a D-Link Model
    >> DI-704UP
    >> Router/Print Server. The Router [like most] includes a Firewall. Will I
    >> be
    >> safe if I turn off the Norton software Firewall?
    >
    > Windows XP Sp2 firewall is not really protecting you from anything that
    > the router NAT (which is not a firewall) isn't already protecting you
    > from.
    >
    > In your case, you need to do the basics:
    >
    > 1) Never run as Administrator except to install software or configure
    > the system - always run as a User.
    > 2) Stop using IE, use FireFox as much as possible.
    > 3) Install and use AntiSpyware software often.
    > 4) Install and use Quality Antivirus software in a real-time mode.
    > 5) Never download anything from untrusted sites.
    > 6) Look at your routers LOGS frequently so that you can understand what
    > is traversing your network on a regular basis - you can often see the
    > actions of Spyware or malicious viruses in those logs.
    >
    > Both your Router and the SP2 firewall are inbound only protection, they
    > don't do anything to keep applications that you use from contacting the
    > Internet.
    >
    > --
    >
    > spam999free@rrohio.com
    > remove 999 in order to email me
  5. Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

    On Sun, 4 Sep 2005 15:16:01 -0400, "Gene K" <nobody@nowhere.net>
    wrote:

    >I have two computers connected via a DSL modem and a D-Link Model DI-704UP
    >Router/Print Server. The Router [like most] includes a Firewall. Will I be
    >safe if I turn off the Norton software Firewall?

    ONLY if your IP is a local IP, and not a public IP. And even then, I
    would not turn it off. After all, SOME protection is better than
    NONE. However, your machine is probably isolated from the Internet
    (mostly) by the hardware firewall of the Router (if it is not turned
    off.) I would DEFINITELY have a software antivirus solution
    installed, especially one which scans email BEFORE you open it, or AS
    you open it.

    Donald L McDaniel
    Please reply to the original thread.
    If you must reply via email, remove the obvious
    from my email address before sending.
    =======================================================
Ask a new question

Read More

Routers Firewalls Software Windows XP