I don't think so! If you don't play games ,it's enough. It's very simple. If you want a high security . ZA is powerful(Also LNS)!
Printable View
I don't think so! If you don't play games ,it's enough. It's very simple. If you want a high security . ZA is powerful(Also LNS)!
I see. So firewalls that don't do egress filtering are enough? What about bots? Worms? Spyware? Keyloggers? You know, the biggest problems on the net today.Quote:
I don't think so! If you don't play games ,it's enough.
I won't even get into the design flaws in the product. For a glimpse of that, see the link Agent Steel posted earlier in the thread.
Your post is incorrect. Please do the minimal research before posting.
--Th13
Well, I am certainly no expert here, but I feel that a bit of "devil's advocacy" might be in order.
My main question would be "what were Microsoft's intentions for the product?"
From what I have read it would seem that this was to provide some sort of rudimentary protection for inexperienced users whilst they went on the net to trusted sites and downloaded software updates and so on. Now, I don't want to "second guess" Microsoft but given that:
1. It doesn't filter outgoing traffic.
2. In that report Microsoft said that they were "not concerned by the results"
At this point I am inclined to think of it as "a relatively primitive defence tool" rather than a "true firewall"
As --TH13 pointed out:
So perhaps it is a misnomer to even describe it as a "firewall", let alone judge it as one?Quote:
I see. So firewalls that don't do egress filtering are enough? What about bots? Worms? Spyware? Keyloggers? You know, the biggest problems on the net today.
Just a thought :)
...I've actually tested Windows XP firewall using nmap. It does a rather admirable job of 'stealthing' a PC. The biggest drawback is that it does not block or filter outgoing connections. It's probably satisfactory for most users.
What options did you use with nmap when you performed your test? I amQuote:
...I've actually tested Windows XP firewall using nmap. It does
a rather admirable job of 'stealthing' a PC.
currently using nmap 3.95 for 2000.
Quote:
The biggest drawback is that it does not block or filter
outgoing connections. It's probably satisfactory for most
users.
IMO Windows firewall is 'satisfactory' to the people who don't know any
better or the people who don't anything about security. As long as they
can get online, surf the net, check email, and play some online games
they don't care about it.
Now for the techies and geeks who love this stuff (which is US) we
have different opionions on this subject. IMO Windows firewall is
better than nothing, but since it doesn't have any type of
outbound monitoring it makes it a security risk. Bottom line is, you don't neglect inbound security, so why would you neglect outbound security?
Hey Hey,
I think that CN22 has summed thing up quite nicely....
You do a fresh Windows XP install... you go on the internet... *BAM* you're hit by the latest worm....
You do a fresh Windows XP install... you enable the firewall... you go on the internet *BAM* the latest worm is turned away because the connection is denied...
So that right there answers the question is the Windows firewall any good at all... yes.. it's great for default installs that need updates installed.
It's great for home users that don't know any better..
Security is layered... everywhere... Do you go out and leave your door unlocked? Probably not... (Operating System with No Firewall)... Do you go out and lock your door? Most likely (operating System with basic firewall).... Do you go out and lock your door and arm an alarm system? some people will... (Operating System with Advanced Firewall)...
A basic level of physical security is sufficient for most people and the truth is that a basic level of computer security is sufficient for most people... If everyone were meant to be running registry change monitors, av, realtime anti-malware, advanced firewalls, hardware firewalls on top and an IDS... then everyone should triple bolt their door, put cages over their Windows and install an alarm system with motion detectors and video cameras... because it's the same thing... Most people want the basics and it does the trick..
The Windows firewall does the trick just as only locking your door does the trick...
Is it the best... nope... is it a great solution... nope.. but is it good??? yes..
For those of you that disagree... how many of you have said that your NAT Router is sufficient as a firewall? It's only watching for connections coming in... it'll let anything leave your network.
Peace,
HT
I have to continuously relearn that every couple of years.Quote:
Simplicity is beauty.
In reference to the logging of Windows firewall. Be advised, logging is not turned on by default. You must go into the settings and turn it on.
;)
I remember testing it a bit with nmap scans, it did better than I thought it would.
I'll just have to agree with a few here.
If there's no other firewall around, might as well run it!
...I nmapped it with the -sV -O -P0 switches. Not sure what version of nmap I used. I got so many computers I can't keep track.
Don't get me wrong, I'm not a big fan of this firewall, much prefer Sygate for my Windows boxes. If you're a mindless Windows user, it's fine. If you're a thinking man (or woman), you can do better.