Archived from groups: microsoft.public.windowsxp.basics,microsoft.public.security (
More info?)
"Bruce Chambers" <bchambers@cable0ne.n3t> wrote:
Your address is invalid.
> R. wrote:
> > Should I use Norton's IS firewall or XP's firewall?
> >
> > Tks! R.
> >
> >
>
>
> If those are the only choices you're allowed, go with NIS. It'll
> consume more computer resources, but it'll provide better protection.
ARGH! That's nonsense.
Especially Norton products have such a bad record that I avoid them
alltogether.
Typically they'll slow down even the fasted systems NOTICEABLE.
OK, security has it's price, but Norton InSecurity does NOT provide
better security than the Windows Firewall.
> WinXP's built-in firewall is adequate at stopping incoming attacks,
> and hiding your ports from probes. What WinXP SP2's firewall does not
> do, is protect you from any Trojans or spyware that you (or someone
> else using your computer) might download and install inadvertently.
Correct. It ain't the task of a firewall to protect against malware
the user downloads and installs.
> It doesn't monitor out-going traffic at all, other than to check for
> IP-spoofing, much less block (or at even ask you about) the bad or the
> questionable out-going signals. It assumes that any application you
> have on your hard drive is there because you want it there, and
> therefore has your "permission" to access the Internet. Further,
> because the Windows Firewall is a "stateful" firewall, it will also
> assume that any incoming traffic that's a direct response to a
> Trojan's or spyware's out-going signal is also authorized.
Correct. And this is pretty all a firewall can SAFELY do!
NO firewall can stop outbound traffic. See the proof of concept from
http://www.dingens.org/breakout.c
> ZoneAlarm, Kerio, or Sygate are all much better than WinXP's
> built-in firewall,
ARGH. That's nonsense again!
All those firewalls have SEVERE flaws, up to opening ports and introducing
VULNERABILITIES! Remember Witty?
Since they present Windows to the user (their service interacts with the
desktop, which is STRONGLY discouraged by Microsoft) they are susceptible
to shatter attacks.
> and are much more easily configured,
ARGH! No, they are far to complex for Joe Average to be configured right.
> and there are
> free versions of each readily available. Even the commercially
> available Symantec's Norton Personal Firewall is superior by far,
> although it does take a heavier toll of system performance then do
> ZoneAlarm or Sygate.
Correct.
But you forgot to mention ALL the basics:
- never run with administrative rights.
- create a "restricted user" account for the daily work.
- turn on SAFER a.k.a. Software Restriction Policies.
- turn off Active* in Internet Explorer.
- uninstall all software you don't need or use.
- turn off all unused services (you won't need File and Printer Sharing
when you don't have a LAN).
- keep your system uptodate (Microsoft Update in automatic mode with
"no reboot with users logged on" will do a good job).
>
> --
>
> Bruce Chambers
>
> Help us help you:
>
http://dts-l.org/goodpost.htm
>
http://www.catb.org/~esr/faqs/smart-questions.html
>
> You can have peace. Or you can have freedom. Don't ever count on having
> both at once. - RAH
Your sicknature is to long! 4 lines of up to 80 chars each.
fup microsoft.public.security
Stefan