Page 2 of 2 FirstFirst 12
Results 11 to 19 of 19
  1. #11
    With the WinXp Firewall you dont have many setting and cant configure it right for you
    One that works alright is Norton Antivirus

  2. #12
    Dead Man Walking
    Join Date
    Jan 2003
    okay netcrasher two things Norton Antivirus isnt a firewall. It has NO firewall functions. hence the name antivirus. okay that rant is over. NEXT with win xp you only have 2 possible setting ON or OFF thats it. Maybe somebody should read a little closer to whats being said next time????????

  3. #13
    Join Date
    May 2003
    Somewhere in Texas


    Ok, I think I get the idea. Personnally, I also use ZoneAlarm while mobile and behind my FW box at home. Love the stealth of ZA, gotta have outbound checks, etc..

    It looks like we can all agree that it's not a real *firewall* per se, M$ should be calling it "security enhancements" not a "firewall." Even Red Hat's iptables GUI is called "Security Configuration" -- not "Firewall." But hey, Windows 3.1 was a "multi-tasking o/s" too, wasn't it?

    Still, if you need something, but it's better than nothing.

    Anyone know any reason NOT to use it? (As long as it's not soley relied upon and doesn't lend to a false sense of security.)

  4. #14
    Master-Jedi-Pimps0r & Moderator thehorse13's Avatar
    Join Date
    Dec 2002
    Washington D.C. area
    Anyone know any reason NOT to use it?
    I think that many of the reasons above should suffice, don't you? It lends little control to properly secure your environment. It has no ability to track connection state, it has no concept of inside vs. outside, it is used for securing ports (and I use that term lightly), it cannot analyze packets thoroughly (other than the protocol), it has no protection for outbound connections and the list goes on. Do yourself a favor and look into something more robust. You'll be happier in the end. I'd look at IPTABLES in any RH distro, or look into an appliance like Cisco PIX, etc.

    Hope this helps.

    Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
    Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden

  5. #15
    Senior Member Zonewalker's Avatar
    Join Date
    Jul 2002
    ZombieMann and netcrashxx you CAN configure XP's firewall to a certain extent... go to properties of the connection > advanced > settings> services and you can configure there what ports to let open - it's not true to say that the ICF is either off or on.

    having said that - the reasons not to use the thing have already been stated several times so I'm not going to reiterate them again...

    Quis Custodiet Ipsos Custodes

  6. #16

    Im not an idiot...There are more then one Norton
    -Norton Antivirus
    -Norton Cleansweap
    -Norton Ghost
    ---Norton Personal Firewall

  7. #17
    Join Date
    Apr 2003
    netcrashxx the error in your message ios that you said that the WinXp firewall does not have the same functions as Norton Antivirus <---..

  8. #18

    Re: XP's "firewall" - why the bad press?

    Originally posted here by Mykol

    Why? Isn't something better than nothing?

    Not when that something is more exploitable than not having an extra app running with holes.

  9. #19
    Senior Member
    Join Date
    Nov 2002
    Thanx Noodle to provide real good posts!

    You're right fingerprinting is a real pain and should be mitigated!
    As just as a little conclusion to our discussion, i'll say that securing a PC with embedded s/w don't give full satisfaction. I believe that i'll definitly go for a firewall in the middle when possible (a old PC will do it).

    BTW I'm not windows expert but didn't Microsoft understood the danger of predictable TCP sequence number...
    Is there a ptach to upgrade the TCP/IP stack???
    [shadow] SHARING KNOWLEDGE[/shadow]

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts

We have made updates to our Privacy Policy to reflect the implementation of the General Data Protection Regulation.