Archived from groups: microsoft.public.windowsxp.basics (
More info?)
Bruce Chambers wrote:
> William B. Lurie wrote:
>
>> I see some flak about what the XP Firewall does and doesn't do.
>> How about a reference from our MVPs as to what it is supposed
>> to do, and what evidence it gives that it is actually doing
>> anything? I've had mine "on" for a couple of months, and it
>> gives no evidence that it is doing anything. Maybe that's
>> really good! A program that just does its thing and doesn't
>> brag about it.
>
>
>
> WinXP's built-in firewall is adequate at stopping incoming attacks,
> and hiding your ports from probes. What WinXP SP2's firewall does not
> do, is give you any kind of alerts or other indication that it's working
> or has blocked any attempted intrusions. It also does not protect you
> from any Trojans or spyware that you (or someone else using your
> computer) might download and install inadvertently. It doesn't monitor
> out-going traffic at all, other than to check for IP-spoofing, much less
> block (or at even ask you about) the bad or the questionable out-going
> signals. It assumes that any application you have on your hard drive is
> there because you want it there, and therefore has your "permission" to
> access the Internet. Further, because the Windows Firewall is a
> "stateful" firewall, it will also assume that any incoming traffic
> that's a direct response to a Trojan's or spyware's out-going signal is
> also authorized.
>
> Description of a Personal Firewall
>
http://support.microsoft.com/default.aspx?scid=kb;en-us;321050
>
> ZoneAlarm, Kerio, or Sygate are all much better than WinXP's
> built-in firewall, and are much more easily configured, and there are
> free versions of each readily available. Even the commercially
> available Symantec's Norton Personal Firewall is superior by far,
> although it does take a heavier toll of system performance then do
> ZoneAlarm or Sygate.
>
>
Thank you, Bruce. I appreciate the informative response.
Bill