Sign in with
Sign up | Sign in
Your question

NIS or XP firewall

Last response: in Windows XP
Share
Anonymous
August 11, 2005 1:37:09 PM

Archived from groups: microsoft.public.windowsxp.basics,microsoft.public.security (More info?)

Should I use Norton's IS firewall or XP's firewall?

Tks! R.

More about : nis firewall

Anonymous
August 11, 2005 1:37:10 PM

Archived from groups: microsoft.public.windowsxp.basics,microsoft.public.security (More info?)

"R." wrote:
>
> Should I use Norton's IS firewall or XP's firewall?

Norton's products (since they went the way of Symantec) have
proven, many times, to be a huge system resource drain.

Unless there's a gun to your head, I'd suggest using one of
the many other firewalls available.

Notan
Anonymous
August 11, 2005 1:37:10 PM

Archived from groups: microsoft.public.windowsxp.basics,microsoft.public.security (More info?)

"R." <no@spam.pls> wrote:

>Should I use Norton's IS firewall or XP's firewall?
>
>Tks! R.
>

Use the Windows firewall if you are satisfied that the limited
capabilities (does not block traffic originating from your computer)
are adequate for you.

If not then look into any of the other firewall products available
*except* for Norton. I see far too many problems with computers
running Norton products and my opinion regarding them is that their
"cure" is worse than the disease.

Good luck

Ron Martell Duncan B.C. Canada
--
Microsoft MVP
On-Line Help Computer Service
http://onlinehelp.bc.ca

In memory of a dear friend Alex Nichol MVP
http://aumha.org/alex.htm
Related resources
Anonymous
August 11, 2005 3:36:23 PM

Archived from groups: microsoft.public.windowsxp.basics,microsoft.public.security (More info?)

It depends. For most situations the XP Windows Firewall is all that is
needed and is easy to configure. If you need to manage outbound access and
have application based firewall rules then a more advanced [and more
complicated] firewall is in order. They can be particularly helpful if you
have users on a computer that you want to be able to restrict their access
to the internet by application/port/protocol/IP. For ANY user that has a
broadband internet connection I also recommend that you have a firewall
device even if it is just a cheap NAT/PAT router. It is too easy for any
host/software firewall to become disabled [sometimes via malware or software
conflict] or misconfigured. --- Steve



"R." <no@spam.pls> wrote in message
news:9%EKe.166860$Uu1.9387077@phobos.telenet-ops.be...
> Should I use Norton's IS firewall or XP's firewall?
>
> Tks! R.
>
>
Anonymous
August 11, 2005 5:20:14 PM

Archived from groups: microsoft.public.windowsxp.basics,microsoft.public.security (More info?)

Get Free AVG and Windows Fireawall (WF) - AVG will disable WF while AVG is
on; if AVG is disabled somehow, WF will take over. Ad MS AntiSpyware for
extra protection.
Also, download MS Port Reporter (service) and MS Port Reporter Parser (to
read the PR logs); let PR run automatically XP start up - most malware will
transmit data at this point if there's a connection. Just parse the PR log
files for info on opened ports, programs accessing the network etc. You can
stop the PR service when you don't need it. All these programs are small,
easy to use, easy to uninstall, and free. A firewalled router will help
considerably as well. As a rule of thumb, you must run a bunch of small
utilities (AdAware, SpyBot, updated hostfile, for ex) to complement the
firewall.

Michael



"R." <no@spam.pls> wrote in message
news:9%EKe.166860$Uu1.9387077@phobos.telenet-ops.be...
> Should I use Norton's IS firewall or XP's firewall?
>
> Tks! R.
>
>
Anonymous
August 11, 2005 9:47:03 PM

Archived from groups: microsoft.public.windowsxp.basics,microsoft.public.security (More info?)

"R." <no@spam.pls> wrote in message
news:9%EKe.166860$Uu1.9387077@phobos.telenet-ops.be...
> Should I use Norton's IS firewall or XP's firewall?
>
> Tks! R.
>
>

Need simple one, go XP, need advanced features, go Norton IS.

--
Borak
http://provisioning.blogspot.com
Anonymous
August 11, 2005 11:19:03 PM

Archived from groups: microsoft.public.windowsxp.basics,microsoft.public.security (More info?)

R. wrote:
> Should I use Norton's IS firewall or XP's firewall?
>
> Tks! R.
>
>


If those are the only choices you're allowed, go with NIS. It'll
consume more computer resources, but it'll provide better protection.

WinXP's built-in firewall is adequate at stopping incoming attacks,
and hiding your ports from probes. What WinXP SP2's firewall does not
do, is protect you from any Trojans or spyware that you (or someone
else using your computer) might download and install inadvertently.
It doesn't monitor out-going traffic at all, other than to check for
IP-spoofing, much less block (or at even ask you about) the bad or the
questionable out-going signals. It assumes that any application you
have on your hard drive is there because you want it there, and
therefore has your "permission" to access the Internet. Further,
because the Windows Firewall is a "stateful" firewall, it will also
assume that any incoming traffic that's a direct response to a
Trojan's or spyware's out-going signal is also authorized.

ZoneAlarm, Kerio, or Sygate are all much better than WinXP's
built-in firewall, and are much more easily configured, and there are
free versions of each readily available. Even the commercially
available Symantec's Norton Personal Firewall is superior by far,
although it does take a heavier toll of system performance then do
ZoneAlarm or Sygate.


--

Bruce Chambers

Help us help you:
http://dts-l.org/goodpost.htm
http://www.catb.org/~esr/faqs/smart-questions.html

You can have peace. Or you can have freedom. Don't ever count on having
both at once. - RAH
Anonymous
August 11, 2005 11:43:22 PM

Archived from groups: microsoft.public.windowsxp.basics,microsoft.public.security (More info?)

Doh,
I meant Zone Alarm instead of AVG
M

"Phillips" <afn18721@afn.org> wrote in message
news:o wyXkjpnFHA.1416@TK2MSFTNGP09.phx.gbl...
> Get Free AVG and Windows Fireawall (WF) - AVG will disable WF while AVG is
> on; if AVG is disabled somehow, WF will take over. Ad MS AntiSpyware for
> extra protection.
> Also, download MS Port Reporter (service) and MS Port Reporter Parser (to
> read the PR logs); let PR run automatically XP start up - most malware
> will transmit data at this point if there's a connection. Just parse the
> PR log files for info on opened ports, programs accessing the network etc.
> You can stop the PR service when you don't need it. All these programs are
> small, easy to use, easy to uninstall, and free. A firewalled router will
> help considerably as well. As a rule of thumb, you must run a bunch of
> small utilities (AdAware, SpyBot, updated hostfile, for ex) to complement
> the firewall.
>
> Michael
>
>
>
> "R." <no@spam.pls> wrote in message
> news:9%EKe.166860$Uu1.9387077@phobos.telenet-ops.be...
>> Should I use Norton's IS firewall or XP's firewall?
>>
>> Tks! R.
>>
>>
>
>
Anonymous
August 11, 2005 11:45:57 PM

Archived from groups: microsoft.public.windowsxp.basics,microsoft.public.security (More info?)

Use Windows firewall :) 

"R." <no@spam.pls> wrote in message
news:9%EKe.166860$Uu1.9387077@phobos.telenet-ops.be...
> Should I use Norton's IS firewall or XP's firewall?
>
> Tks! R.
>
>
Anonymous
August 11, 2005 11:45:58 PM

Archived from groups: microsoft.public.windowsxp.basics,microsoft.public.security (More info?)

"S. Pidgorny <MVP>" <slavickp@yahoo.com> wrote in message
news:e6Pz7llnFHA.1412@TK2MSFTNGP09.phx.gbl...
> Use Windows firewall :) 
>
> "R." <no@spam.pls> wrote in message
> news:9%EKe.166860$Uu1.9387077@phobos.telenet-ops.be...
>> Should I use Norton's IS firewall or XP's firewall?
>>
>> Tks! R.
>>
>>
>
>

The Windows firewall is inbound only, and can be disabled far too easily to
be of any real value.

Bobby
Anonymous
August 13, 2005 12:47:46 AM

Archived from groups: microsoft.public.windowsxp.basics,microsoft.public.security (More info?)

"Bruce Chambers" <bchambers@cable0ne.n3t> wrote:

Your address is invalid.

> R. wrote:
> > Should I use Norton's IS firewall or XP's firewall?
> >
> > Tks! R.
> >
> >
>
>
> If those are the only choices you're allowed, go with NIS. It'll
> consume more computer resources, but it'll provide better protection.

ARGH! That's nonsense.
Especially Norton products have such a bad record that I avoid them
alltogether.
Typically they'll slow down even the fasted systems NOTICEABLE.
OK, security has it's price, but Norton InSecurity does NOT provide
better security than the Windows Firewall.

> WinXP's built-in firewall is adequate at stopping incoming attacks,
> and hiding your ports from probes. What WinXP SP2's firewall does not
> do, is protect you from any Trojans or spyware that you (or someone
> else using your computer) might download and install inadvertently.

Correct. It ain't the task of a firewall to protect against malware
the user downloads and installs.

> It doesn't monitor out-going traffic at all, other than to check for
> IP-spoofing, much less block (or at even ask you about) the bad or the
> questionable out-going signals. It assumes that any application you
> have on your hard drive is there because you want it there, and
> therefore has your "permission" to access the Internet. Further,
> because the Windows Firewall is a "stateful" firewall, it will also
> assume that any incoming traffic that's a direct response to a
> Trojan's or spyware's out-going signal is also authorized.

Correct. And this is pretty all a firewall can SAFELY do!
NO firewall can stop outbound traffic. See the proof of concept from
http://www.dingens.org/breakout.c

> ZoneAlarm, Kerio, or Sygate are all much better than WinXP's
> built-in firewall,

ARGH. That's nonsense again!
All those firewalls have SEVERE flaws, up to opening ports and introducing
VULNERABILITIES! Remember Witty?

Since they present Windows to the user (their service interacts with the
desktop, which is STRONGLY discouraged by Microsoft) they are susceptible
to shatter attacks.

> and are much more easily configured,

ARGH! No, they are far to complex for Joe Average to be configured right.

> and there are
> free versions of each readily available. Even the commercially
> available Symantec's Norton Personal Firewall is superior by far,
> although it does take a heavier toll of system performance then do
> ZoneAlarm or Sygate.

Correct.

But you forgot to mention ALL the basics:
- never run with administrative rights.
- create a "restricted user" account for the daily work.
- turn on SAFER a.k.a. Software Restriction Policies.
- turn off Active* in Internet Explorer.
- uninstall all software you don't need or use.
- turn off all unused services (you won't need File and Printer Sharing
when you don't have a LAN).
- keep your system uptodate (Microsoft Update in automatic mode with
"no reboot with users logged on" will do a good job).

>
> --
>
> Bruce Chambers
>
> Help us help you:
> http://dts-l.org/goodpost.htm
> http://www.catb.org/~esr/faqs/smart-questions.html
>
> You can have peace. Or you can have freedom. Don't ever count on having
> both at once. - RAH

Your sicknature is to long! 4 lines of up to 80 chars each.

fup microsoft.public.security
Stefan
!