XP's Internet Connection Firewall - Any Good?

[spyderx]

I was wondering if anyone would mind sharing their opinions, experiences, etc.....concerning WinXP's built in Internet Connection Firewall?

I know that it's a basic firewall that only monitors inbound traffic, but that's really all I need for the moment being. Thanks.

[dublix]

I'm no expert on XP's firewall but i know there are better options out there- (oversimplified). I would check here if you want to strengthen your hand. www.sygate.com

As far as my experiences with the XP firewall i dont have many, although i will say this when i was using only XP's firewall and had my ports probed at www.grc.com i noticed that alot of my ports were only closed. When i have sygate running they are stealthed.

http://www.pcmag.com/article2/0,4149,2230,00.asp
http://www.joker.chezcyber.com/ICF/firewall.htm
These articles go a little further indepth.

[dAggressor]

I wouldn't solely rely on the XP firewall but something is definitely better than nothing. More importantly I would make sure that you have all the patches and updates installed. Then do your firewall and look into getting something better. Outpost has a good one that is free, monitors both incoming and outgoing connections. Google for it and you shouldn't have a problems finding it. I don't have the url in front of me right now.

Good luck.

[thread_killer]

Well, it is better than nothing but not by much. Read your EULA, especially if you have service pack 1 on there. Defense in depth is the key. Add another layer.

[brandon64_99]

The default winxp firewall provides basic security, but I wouldn't bet my life on it. I would go for something like a Neowatch, and Neotrace suite, they offer a great firewall and geographical tracing of ip addies. You can also reports hacks and actual intrusions directly from their software.

[VicE$DoS$]

spyder x,

Tell me ...what is this machine gonna be used for? Is it just a games machine or is it your full on life and death pc with credit card details & family photos etc.

It could be the difference between buying a firewall or using a free one.

Cheers
Vice$Dos$

[instronics]

Hello spyderx.

I know that it's a basic firewall that only monitors inbound traffic, but that's really all I need for the moment being. Thanks.

First off.....Outbound traffic is also very important (RATS, trojans, M$). As far as i know the basic firewall from winXP will only block inbound traffic which microsoft chooses. So basicly this sucks. It might block some script kiddie's attempt to sub7 you, but it will not block any real threats concerning privacy. I agree with what VicE$DoS$ said:

ell me ...what is this machine gonna be used for? Is it just a games machine or is it your full on life and death pc with credit card details & family photos etc.

If its just a little private computer for games,then i recomend you get something like zone alarm, tiny, seagate etc.... (Mind that these are NOT REAL FIREWALLS),but they are still better than the default winXP basic firewall. If the computer will contain sensitive data such as credit card information, bank information, or any other kinds of data that you wish to keep private, then consider getting a real firewall. For real firewalls though you need some knowledge, and maybe you would have to spend some money for it whether its hardware or software. Search the posts on AntiOnline about firewalling, there are many many wonderful posts regarding this subject. Bottom line is : The winXP basic firewall sucks really badly.

Cheers.

[VicE$DoS$]

Instronics you took the words out of my mouth - spot on!!

Again just to reinforce that bit about outbound traffic. (if I may)

A lot of people especially newbies to the internet & associated threats percieve the only danger being that of inbound traffic. WRONG!! You need to consider both inbound and outbound traffic.

I think the best crap analogy to sum this one up is:

"Its all well and good screwing the cap back on the bottle but if its got a whole in the bottom then your gonna end up losing".

SpyderX I your post really appealed, Welcome to the AO community I hope you stay around.

[Vigge]

I was wondering if anyone would mind sharing their opinions, experiences, etc.....concerning WinXP's built in Internet Connection Firewall?

My experience with it was when I had just bought a copy of windowsXP, installed a ftp-program and tried to connect to a friends ftp that isnt on the default port of 21, the windowsXP firewall didnt allow a connection to be established on that port, and no configuration of it available, I craped it, and installed Sygate instead.

Thats my two cents of experience with it.

[st. lucifer]

get a router. configure MAC address filtering (u pick who gets in - all others are denied - (sort of...))
set up tcp/ip filtering (as per protocol) and port forwarding (as per application...) most routers have solid hardware firewalls built in, and you get the additional benefit of a secondary i.p. address between you and the world. the microsoft mn-100 (wired) integrates nicely w/ xp; however, it does render the built-in fwall useless (any soft fwall 4 that matter) -- they don't get along at all, and are redundant.
set up properly, these measures have you fairly well situated as far as inbound attacks go (also disable netbios on ports 135-139 if your isp/dns config allows.) Throw in a good a/v prog (norton or trend pccillin, for example. -- and keep it updated - every 48 hours if poss, but at least 1 a week.) also get yourself a good trojan checker/file monitor (TDS-3 by Diamond cpu systems is excellent, and is shareware) to keep your system from misbehaving (outbound traffic
control > inbound, for numerous reasons. Top it off with a scanner and a few free tools (foundstone.com and sysinternals.com each have free packages available...) a free proxy server for surfing is never a bad idea, either - and don't be lazy about applying the latest patches/hotfixes for your o.s. and yur apps. in other words, don't trust the built-in fwall in xp to provide you with any real security - telnet, ftp, term svc and RAS users are already re-writing your registry... |:-> peace out