Page 1 of 4 123 ... LastLast
Results 1 to 10 of 33

Thread: Is Windows Firewall any good at all?

  1. #1

    Is Windows Firewall any good at all?

    well as the title says, is the SP2 windows firewall any good at all? i know it has the basic features of a firewall, but i still dislike its reliability since it has been made public and rarely updated. the only thing i rather like about it is its low usage of memory. however, i am just curious on how the public overviews the windows firewall. what do you think about it? is it reliable? useless? okay? a good temporary fix? decent protection? post if you got any comments, it would be quite helpful on my consideration of leaving my friend's computer with just windows firewall (he doesnt like other firewalls because they use too much memory [i.e ZA pro uses 128mbs of ram {thats what it says for operating on windows xp} while others are not as good] ).

    EDIT: P.S i know this goes a bit off topic, but could anybody reccomend me a firewall that is light on resources if possible? (free one would be even better )
    Come to the dark side......WE.....HAVE......trackingCOOKIES!!

  2. #2
    Senior Member ShippMA's Avatar
    Join Date
    Oct 2002

    Firewalls are not my strong point, however after reading numerous threads on topics about firewalls in general i got a couple of points that might help:

    1. I think that the vast majority of people here will say that the Windows firewall gives an extremely low amount of protection. Some would even go as far as to say its not even worth thinking about. (not very technical i know but well, neithers the firewall)

    2. As i see it having a firewall is great an all, as long as it is kept up to date, only the necessary ports are open, and most importantly the logs are checked on a regular basis (don't think that windows firewall has logs) If these three things aren't done, especially the last, then you wont know if you are being targeted, and if so how its being done in order to stop it.

    3. However I am assuming that your friends is a home PC, he is not doing any top secret work, and just wants to surf, play games and possibly use Office for some general work. In that case I would say that actually an active virus scanner is far more important, as it is unlikely (but definitely possible) that he will get targeted by a straight hack, and far more likely he will pick up a virus through e-mail, web page, download etc.

    As far as what i would reccomend for a firewall, the free ZA i believe is the best, was running a win xp box with only 256Mb of RAM for a while and had no resource issues. Its simple to use and can be updated automatically. Like i said earlier though, make sure that your friend checks the firewall for any suspicious stuff though, as it is VERY easy to have one and just assume your safe.

    With it use a good virus scanner, and there are good free ones out there, i just can't remeber them at the moment, maybe another member could suggest something. Make sure that whatever you use has real time protection, and is set to automatically do a full system scan periodically.

    I would think that anything more than that would just be a bit overkill.

    Google is god ....... of the Internet

  3. #3
    Senior Member
    Join Date
    Apr 2004
    C_C, Windows XP firewall inst bad, but you must to know to deal with it. MS Firewall isnt like retail commercial FWs (such as NIS). Keep in mind that MS FW is designed to procect your machine from EXTERNAL attacks. It is not (IMHO) good to break a worm already inside from your pc, sending your personal info to the internet.
    If you plan to use it, read all MS documentation about it before rely your pc security on it...
    Meu sํtio

    FORMAT C: Yes ...Yes??? ...Nooooo!!! ^C ^C ^C ^C ^C
    If I die before I sleep, I pray the Lord my soul to encrypt.
    If I die before I wake, I pray the Lord my soul to brake.

  4. #4
    Some Assembly Required ShagDevil's Avatar
    Join Date
    Nov 2002
    New Jersey
    From what I understand, M$'s firewall only blocks incoming connection attempts (short of those services in the exception tab). While this is a nice idea, it reduces alot of functionality if you're running a network. A perfect example was when I discovered M$'s firewall was interfering with the server based network AV I'm using. It wasn't letting the AV server connect with its clients. Creating a rule to allow this wasn't exactly intuitive either. For single systems not sitting behind a router, M$'s firewall serves a practical purpose, basic security from outside attacks. I applaud M$ for its recent attempts at offering beefed up security (firewall, antispyware), however, the firewall is far from an ideal solution for protection against inside-out attacks. I would recommend getting a firewall that monitors both incoming/outgoing traffic. That's my input on the matter.
    The object of war is not to die for your country but to make the other bastard die for his - George Patton

  5. #5
    Hoopy Frood
    Join Date
    Jun 2004
    (don't think that windows firewall has logs)
    It does, but it's somewhat sparcer in log sorting features than other firewalls. It's located at C:\WINDOWS\pfirewall.log and it logs Successful Connections and Dropped Packets.

    With it use a good virus scanner, and there are good free ones out there, i just can't remeber them at the moment, maybe another member could suggest something.
    • AVG 7.0 Free Edition - Very good, I used this one the most.
    • ClamWin - Not recommended for newbie computer uses who want realtime protection, as this has none. This is meant for scanning your entire PC or single files for viruses, not for scanning every file your computer accesses as mosto AVs do. A nice feature of this AV is that you can make your own definitions. See Soda_Popinsky's tutorials on on this: (Here and here.)
    • Bitdefender I liked it a lot when I used it and it seemed to have very good definitions.

    - X
    "Personality is only ripe when a man has made the truth his own."

    -- S๘ren Kierkegaard

  6. #6
    Master-Jedi-Pimps0r & Moderator thehorse13's Avatar
    Join Date
    Dec 2002
    Washington D.C. area
    Vigilant Minds did a pen test against 6 or so of the more popular personal firewalls. The two worst were Symantec's and the MS personal firewall. While I don't have the link handy, it showed that both of these vendors are vulnerable to very common attack vectors.

    When I dig up the link to the PDF, I'll throw it in here.

    Again, requirements + madates = Technology Solution.

    I'd also advise you to pick the most simple solution when you implement. Simplicity is beauty.

    Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
    Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden

  7. #7
    Join Date
    Jul 2004
    wfw isnt that bad, its better than nothing. i just use it to know when programs are trying to make connections to the net that are NOT suppose to....like this program i downloaded the other day...a memory address hacker. now why that program would need to access the net i dont know but WFW did its job to alert me that it was not being haved. i never really like firewalls to begin with. i have been on the net for quite a while and i remember when sub7 was popular to stick in everything and it was a pain in the ass to block....Period. even zone alarm...uhhh i dont even remember the other ones back then but they didn't do the job. but im getting kind of off topic, if you want a general baseline security measure that doesnt require any download time or $$ use it. but sygate (if its still free) is a decent one though i hope they fixed the bug with that screwed up long filename that converted to the old 8char length during installation and basically rendered the firewall useless and popped error messages every time you started it.

  8. #8
    Senior Member
    Join Date
    Oct 2003
    Operation Cyberslam
    \"I\'ve noticed that everybody that is for abortion has already been born.\" Author Unknown
    Microsoft Shared Computer Toolkit
    Proyecto Ututo EarthCam

  9. #9
    Senior Member Raion's Avatar
    Join Date
    Dec 2003
    New York, New York
    Although I haven't myself tested the WinXP firewall I hear it's not the best thing in the world. Regardless, I don't use it, it's just a pain in the ass and it's not like I have anything worth hacking, so even if I was hacked, a format wouldn't exactly bother me..

  10. #10
    AO's MMA Fanatic! Computernerd22's Avatar
    Join Date
    Mar 2003
    Miami, FL
    Windows XP firewall (ICF) only monitors 'incomming' traffic. Not 'outbound'. Meaning, if your system is infected with a trojan dialer for example, the firewall will not alert you about the outbound connection it is trying to establish. Firewalls logs for ICF can be found here (by default of course)


Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts