Windows new firewall

Discussion in 'NZ Computing' started by Troglodyte, Aug 29, 2004.

  1. Troglodyte

    Troglodyte Guest

    Downloaded the updates after formatting my new hardrive. Yes, I put in
    a new hardrive. All formatted. And Partitioned. with 15 gig wating for
    Linux red hat. When I get it. Only, I was kinda screaming at the
    computer after I put the thing together after puttin the h/d in.
    Nothing worked. Ferkin dead it was. So I pulled open the case again
    and cried. I FRIED IT! I yelled. Turns out I'd knocked the power lead
    for the on off button off. heh heh. Still I thought, bung that in and
    see what happens. And behold, the old girl sprang to life. Works a
    treat. 80 gigger maxtor.

    Anyway, the new windows firewall that came in with the fixes as part of
    service packs 1 and two for xp pro. Whats the feeling on the firewall ?
    Any good ? Disconnect it ? Give it the flick ? Or as good as
    anything you can download. eg; sygate. (free)

    YOur thoughts ?
    Troglodyte, Aug 29, 2004
    #1
    1. Advertising

  2. In article <4131b35e$>, says...
    > Downloaded the updates after formatting my new hardrive. Yes, I put in
    > a new hardrive. All formatted. And Partitioned. with 15 gig wating for
    > Linux red hat. When I get it. Only, I was kinda screaming at the
    > computer after I put the thing together after puttin the h/d in.
    > Nothing worked. Ferkin dead it was. So I pulled open the case again
    > and cried. I FRIED IT! I yelled. Turns out I'd knocked the power lead
    > for the on off button off. heh heh. Still I thought, bung that in and
    > see what happens. And behold, the old girl sprang to life. Works a
    > treat. 80 gigger maxtor.
    >

    I suggest that you don't drink before messing with hardware ;)

    > Anyway, the new windows firewall that came in with the fixes as part of
    > service packs 1 and two for xp pro. Whats the feeling on the firewall ?
    > Any good ? Disconnect it ? Give it the flick ? Or as good as
    > anything you can download. eg; sygate. (free)
    >
    > YOur thoughts ?
    >


    Well it is better than nothing I guess (although why microsoft have all
    those ports open is another topic?). At least it offers you full
    protection from network activation until windows fully starts. You can
    in port exceptions but I'm guessing it is not as able to be fine tuned
    as something like zonealarm.

    Of course a flaw with it has supposedly already been discovered.

    I'm behind a linux firewall myself with NAT.


    -----= Posted via Newsfeeds.Com, Uncensored Usenet News =-----
    http://www.newsfeeds.com - The #1 Newsgroup Service in the World!
    -----== Over 100,000 Newsgroups - 19 Different Servers! =-----
    wogers nemesis, Aug 29, 2004
    #2
    1. Advertising

  3. Troglodyte

    Troglodyte Guest

    wogers nemesis wrote:

    >
    > I suggest that you don't drink before messing with hardware ;)
    >

    Coulda been the guiness yer think ?
    Troglodyte, Aug 29, 2004
    #3
  4. Troglodyte wrote:
    > Whats the feeling on the firewall ?
    > Any good ? Disconnect it ? Give it the flick ? Or as good as anything
    > you can download. eg; sygate. (free)
    > YOur thoughts ?


    It does all that I require, with what appears to be little or no CPU
    usage when compared to ZA/sygate etc.

    --
    Dave Hall
    http://www.dave.net.nz
    Dave - Dave.net.nz, Aug 29, 2004
    #4
  5. wogers nemesis wrote:
    > Well it is better than nothing I guess (although why microsoft have all
    > those ports open is another topic?).


    I just nmap'd my machine and nothing is open... care to explain your
    comment?

    > At least it offers you full
    > protection from network activation until windows fully starts. You can
    > in port exceptions but I'm guessing it is not as able to be fine tuned
    > as something like zonealarm.


    nah, it can be.
    Dave - Dave.net.nz, Aug 29, 2004
    #5
  6. Troglodyte

    Craig Shore Guest

    On Mon, 30 Aug 2004 08:30:23 +1200, "Dave - Dave.net.nz"
    <dave@no_spam_here_dave.net.nz> wrote:

    >Troglodyte wrote:
    >> Whats the feeling on the firewall ?
    >> Any good ? Disconnect it ? Give it the flick ? Or as good as anything
    >> you can download. eg; sygate. (free)
    >> YOur thoughts ?

    >
    >It does all that I require, with what appears to be little or no CPU
    >usage when compared to ZA/sygate etc.


    Does it stop apps accessing out without your permission like the others do?
    Craig Shore, Aug 29, 2004
    #6
  7. Craig Shore wrote:
    >>>Whats the feeling on the firewall ?
    >>> Any good ? Disconnect it ? Give it the flick ? Or as good as anything
    >>>you can download. eg; sygate. (free)
    >>>YOur thoughts ?


    >>It does all that I require, with what appears to be little or no CPU
    >>usage when compared to ZA/sygate etc.


    > Does it stop apps accessing out without your permission like the others do?


    nope, but I don't require it.
    It does stateful inspection.

    --
    Dave Hall
    http://www.dave.net.nz
    Dave - Dave.net.nz, Aug 29, 2004
    #7
  8. In article <>, dave@no_spam_here_dave.net.nz
    says...
    > wogers nemesis wrote:
    > > Well it is better than nothing I guess (although why microsoft have all
    > > those ports open is another topic?).

    >
    > I just nmap'd my machine and nothing is open... care to explain your
    > comment?
    >


    Such as the RPC service crap aka what blaster loved.
    Those services are on by default and are a listening...

    > > At least it offers you full
    > > protection from network activation until windows fully starts. You can
    > > in port exceptions but I'm guessing it is not as able to be fine tuned
    > > as something like zonealarm.

    >
    > nah, it can be.
    >



    -----= Posted via Newsfeeds.Com, Uncensored Usenet News =-----
    http://www.newsfeeds.com - The #1 Newsgroup Service in the World!
    -----== Over 100,000 Newsgroups - 19 Different Servers! =-----
    wogers nemesis, Aug 30, 2004
    #8
  9. wogers nemesis wrote:
    >>>Well it is better than nothing I guess (although why microsoft have all
    >>>those ports open is another topic?).


    >>I just nmap'd my machine and nothing is open... care to explain your
    >>comment?


    > Such as the RPC service crap aka what blaster loved.
    > Those services are on by default and are a listening...


    well it isnt listening to the internet...

    --
    Dave Hall
    http://www.dave.net.nz
    Dave - Dave.net.nz, Aug 30, 2004
    #9
  10. Troglodyte

    frederick Guest

    "Dave - Dave.net.nz" <dave@no_spam_here_dave.net.nz> wrote in message
    news:...
    > Troglodyte wrote:
    >> Whats the feeling on the firewall ? Any good ? Disconnect it ? Give it the
    >> flick ? Or as good as anything you can download. eg; sygate. (free)
    >> YOur thoughts ?

    >
    > It does all that I require, with what appears to be little or no CPU usage
    > when compared to ZA/sygate etc.
    >

    How did you come to that conclusion?
    I can't see it running as a service in task manager, so assume either it is
    hidden from t/m, or integrated with explorer or something.
    wscntfy.exe ain't it - just the security alerts notify tray icon application.
    frederick, Sep 1, 2004
    #10
  11. frederick wrote:
    >>It does all that I require, with what appears to be little or no CPU usage
    >>when compared to ZA/sygate etc.


    > How did you come to that conclusion?


    there is no noticable difference whether it is enabled or not.
    the others, there is noticable difference.
    Dave - Dave.net.nz, Sep 1, 2004
    #11
  12. Troglodyte

    frederick Guest

    "Dave - Dave.net.nz" <Dave@_no_spam_here_please_dave.net.nz> wrote in message
    news:...
    > frederick wrote:
    >>>It does all that I require, with what appears to be little or no CPU usage
    >>>when compared to ZA/sygate etc.

    >
    >> How did you come to that conclusion?

    >
    > there is no noticable difference whether it is enabled or not.
    > the others, there is noticable difference.


    When "nothing much is doing" on my PC (system Idle Processes 97-100%), Zone
    Alarm "blips" to 3% cpu usage occasionally.
    So does my AV program, explorer, and a few other things. Given that you can't
    "see" the windows firewall as a separate process (integrated with explorer
    perhaps) then you are comparing almost nothing (Zone Alarm) with nothing that
    you can see.
    Even if there was a "difference", then the price of a very small cpu overhead is
    probably worth it - to protect against crap (adware) phoning home as well as
    malware / backdoor stuff.
    frederick, Sep 1, 2004
    #12
  13. frederick wrote:
    >>>>It does all that I require, with what appears to be little or no CPU usage
    >>>>when compared to ZA/sygate etc.
    >>>How did you come to that conclusion?

    >>there is no noticable difference whether it is enabled or not.
    >>the others, there is noticable difference.


    > When "nothing much is doing" on my PC (system Idle Processes 97-100%), Zone
    > Alarm "blips" to 3% cpu usage occasionally.
    > So does my AV program, explorer, and a few other things. Given that you can't
    > "see" the windows firewall as a separate process (integrated with explorer
    > perhaps) then you are comparing almost nothing (Zone Alarm) with nothing that
    > you can see.


    point taken.

    > Even if there was a "difference", then the price of a very small cpu overhead is
    > probably worth it - to protect against crap (adware) phoning home as well as
    > malware / backdoor stuff.


    if you know whats running on your machine, this isn't an issue.

    --
    Dave Hall
    http://www.dave.net.nz
    Dave - Dave.net.nz, Sep 1, 2004
    #13
  14. Troglodyte

    frederick Guest

    "Dave - Dave.net.nz" <dave@no_spam_here_dave.net.nz> wrote in message
    news:...

    >
    >> Even if there was a "difference", then the price of a very small cpu overhead
    >> is probably worth it - to protect against crap (adware) phoning home as well
    >> as malware / backdoor stuff.

    >
    > if you know whats running on your machine, this isn't an issue.
    >
    > --

    yep - but *IF* should be in capital letters.
    frederick, Sep 2, 2004
    #14
  15. frederick wrote:
    >>if you know whats running on your machine, this isn't an issue.


    > yep - but *IF* should be in capital letters.


    well I do know what is running, I keep it locked down very tightly.

    --
    Dave Hall
    http://www.dave.net.nz
    Dave - Dave.net.nz, Sep 2, 2004
    #15
  16. Troglodyte

    theseus Guest

    frederick wrote:
    > "Dave - Dave.net.nz" <dave@no_spam_here_dave.net.nz> wrote in message
    > news:...
    >
    >>
    >>> Even if there was a "difference", then the price of a very small
    >>> cpu overhead is probably worth it - to protect against crap
    >>> (adware) phoning home as well as malware / backdoor stuff.

    >>
    >> if you know whats running on your machine, this isn't an issue.
    >>
    >> --

    > yep - but *IF* should be in capital letters.


    As in *IF* you have installed a trojan the chances are that it could mimic
    one of the applications you have already granted access to in Zone Alarm ?
    ;-)
    theseus, Sep 2, 2004
    #16
  17. Troglodyte

    frederick Guest

    "Dave - Dave.net.nz" <dave@no_spam_here_dave.net.nz> wrote in message
    news:...
    > frederick wrote:
    >>>if you know whats running on your machine, this isn't an issue.

    >
    >> yep - but *IF* should be in capital letters.

    >
    > well I do know what is running, I keep it locked down very tightly.
    >

    Most users have no flaming idea.
    I didn't realise that the new SP2 firewall does seem to protect against some
    outgoing connections.
    It will *sometimes* bring up a Windows Security dialog - like Zone Alarm - but
    this seems dependent on which port is trying to be used by the program. I guess
    this is documented somewhere.
    frederick, Sep 2, 2004
    #17
  18. "frederick" <> wrote in message news:<1094091976.395062@ftpsrv1>...

    > Most users have no flaming idea.
    > I didn't realise that the new SP2 firewall does seem to protect against some
    > outgoing connections.
    > It will *sometimes* bring up a Windows Security dialog - like Zone Alarm - but
    > this seems dependent on which port is trying to be used by the program. I guess
    > this is documented somewhere.


    This is when a program binds to a socket to listen for incoming
    connections to your PC

    Cheers
    Nathan
    Nathan Mercer, Sep 2, 2004
    #18
  19. Troglodyte

    Chris Guest

    Nathan Mercer wrote:
    > "frederick" <> wrote in message news:<1094091976.395062@ftpsrv1>...
    >
    >
    >>Most users have no flaming idea.
    >>I didn't realise that the new SP2 firewall does seem to protect against some
    >>outgoing connections.
    >>It will *sometimes* bring up a Windows Security dialog - like Zone Alarm - but
    >>this seems dependent on which port is trying to be used by the program. I guess
    >>this is documented somewhere.

    >
    >
    > This is when a program binds to a socket to listen for incoming
    > connections to your PC
    >
    > Cheers
    > Nathan


    But if you lock out access to sockets as a "user", then this shouldn't
    be able to happen.

    See http://www.grc.com/dos/sockettome1.htm for more info on what I'm
    talking about.

    --
    Chris, Sep 3, 2004
    #19
  20. Chris <> wrote in message news:<4137fc04_3@127.0.0.1>...
    > Nathan Mercer wrote:
    > >>Most users have no flaming idea.
    > >>I didn't realise that the new SP2 firewall does seem to protect against some
    > >>outgoing connections.
    > >>It will *sometimes* bring up a Windows Security dialog - like Zone Alarm - but
    > >>this seems dependent on which port is trying to be used by the program. I guess
    > >>this is documented somewhere.

    > >
    > > This is when a program binds to a socket to listen for incoming
    > > connections to your PC

    >
    > But if you lock out access to sockets as a "user", then this shouldn't
    > be able to happen.


    No. I believe you have your wires crossed. It already happens
    perfectly fine with Windows XP.

    Windows Firewall already prohibits users (who aren't admins) from
    editing Firewall configuration properties, as well as accepting
    inbound connections

    These are not Raw Sockets

    > See http://www.grc.com/dos/sockettome1.htm for more info on what I'm
    > talking about.


    oh the Raw Sockets XP Zombie machine Internet is going to end and the
    sky is going to fall in line. I remember all the hoopla and PR almost
    3 years ago.
    All respect to Steve Gibson, especially because of SpinRite, but come
    on. XPs has been there for 3 years now and no end of the Internet

    http://www.microsoft.com/technet/security/news/raw_sockets.mspx
    http://www.grc.com/dos/intro.htm
    http://grcsucks.com/grcdosreply.htm

    For what its worth, some changes and tweaks were made in XP SP2:
    1. removed support for TCP sends over raw sockets; receives are
    unaffected
    2. rate limit half-open TCP connection requests but can only do so if
    and only if TCP SYN packets are issued only by the stack

    Cheers
    Nathan
    Nathan Mercer, Sep 5, 2004
    #20
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Phil
    Replies:
    1
    Views:
    2,091
    Walter Roberson
    Dec 11, 2004
  2. Replies:
    1
    Views:
    539
    Walter Roberson
    Jun 14, 2005
  3. Anonymous

    Windows XP Firewall/Internet Connection Firewall

    Anonymous, Dec 1, 2003, in forum: Computer Support
    Replies:
    2
    Views:
    916
    Anonymous
    Dec 1, 2003
  4. Guy Pzt
    Replies:
    0
    Views:
    785
    Guy Pzt
    Oct 1, 2005
  5. =?Utf-8?B?U3dhbm5pZQ==?=

    Windows Firewall vs Nvidia Firewall

    =?Utf-8?B?U3dhbm5pZQ==?=, Nov 23, 2005, in forum: Windows 64bit
    Replies:
    11
    Views:
    1,420
    Dennis Pack
    Nov 24, 2005
Loading...

Share This Page