Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


Mad Scientist
19012 posts

Uber Geek
+1 received by user: 2469

Trusted
Lifetime subscriber

Topic # 12321 11-Mar-2007 09:19
Send private message

Ok guys, I firstly must admit i don't know the best place to place this topic so please move or remove as you like but ... here goes in case it is ok to post -

Is windows firewall good enough?
I use Zone Alarm free and my friend says it can destroy my download and make browsing slower. Is this validated?
Lastly, do you trust your modem's firewall - is it enough? I have a dlink dsl-g604t.

Meanwhile ... Zone Alarm!!!
Thanks guys

Create new topic
460 posts

Ultimate Geek
Inactive user


  Reply # 63619 13-Mar-2007 18:25
Send private message

I'm gonna assume you're using Windows XP yea? OK take it from me:
Do not give Windows access to controlling ports or rely on any kind of software firewall if its running on Windows.

Reasons:
Windows firewall is made by the same people who made Windows, the OS that needs a firewall.

Software firewalls like Zone Alarm run on top of Windows. No matter how they're configured - they're using Windows. Its like cutting the branch of a tree while you're sitting on the same brance. Software firewalls just do silly things like not allow programs to access the internet or blocking ICMP etc. -Rubbish.

Disable uPNP (Universal Plug & Play) because it allows Windows to open up ports on your router. This is almost as bad as letting Windows be its own firewall.

Now people please don't reply to this post going on about the security of Windows. We've all been there done that.

Joker97 you're better off removing software firewalls on your machine, and completely restricting inbound connections to your Windows computer except for specific ports. Also, take care of which applications you use to access the internet. If you've got a secure application + firewall at the network layer, then you're taken care of.




2010 posts

Uber Geek
+1 received by user: 768

Trusted

  Reply # 63633 13-Mar-2007 19:36
Send private message

@weblordpepe: I agree with most of what you've said, but there's also something to be said for a good firewall.

The problem with "firewall" is that these days it means *so many* things.

I have Komodo Firewall installed on my PC.

This does two things: Allows me to strictly monitor incoming traffic. Even if there's a service (VNC, Bittorrent) configured to listen on an open port, unless I put a network rule in to allow it, it'll never see that inbound traffic.

It also watches programs making outbound access attempts. This is a good thing, if you somehow do get a virus or bit of spyware, the firewall will flag it trying to make an outbound attempt with your CC information.

Windows is buggy n all that, but a lot of people use it!

@joker97: Depending on the level of security you think you need (ie are you using public wifi a lot etc) then I would install a 3rd party firewall. I've used ZoneAlarm and personally I think it's gone the way of Norton. Way overbloated with a lot of flashing poop (can I say poop, mods?) you don't need and won't use. But if it's working for you and you're happy with it, good stuff.

If you're at home all the time and sitting behind a NAT router (which you mention you are) then you probably don't need to worry too much about incoming network connections (As your laptop isn't directly accessable from the Internet unless you start forwarding ports)



Mad Scientist
19012 posts

Uber Geek
+1 received by user: 2469

Trusted
Lifetime subscriber

  Reply # 63638 13-Mar-2007 20:02
Send private message

um ... oh ok

firstly yup using XP. at home, i dont use public wifi.
unfortunately i use a lot of p2p applications, well in actually only limewire emule and very occasionally bittorrent - are these 'secure applications'?
but i think you're right - my firewall hardly does anything but it tells me when suspicious programs (aka spywares) try to access the internet - but very rarely, say once in 3 months, when my brothers come in to town!

also, how do i 'completely restrict inbound connections' to my computer?

thank you!!

BDFL - Memuneh
61322 posts

Uber Geek
+1 received by user: 12065

Administrator
Trusted
Geekzone
Lifetime subscriber

Reply # 63642 13-Mar-2007 20:08
Send private message

The applications are ok. But what if you download a demo or a freeware application that comes with a hidden trojan or virus? You don't know it's installed unless your antivirus or antispyware is up to date, or unless a good firewall software tells you an unknown program is trying to access the network. That's where a good, unobrtrusive firewall program comes handy.

By all means have one if you are used to download and install programs from sources other than the developers' sites or from a CD in store. By the way, Zone Alarm seems to always create problems...







Mad Scientist
19012 posts

Uber Geek
+1 received by user: 2469

Trusted
Lifetime subscriber

  Reply # 63643 13-Mar-2007 20:11
Send private message

cool! the boss replied me! thanks for validating that zone alarm creates probs ;)

460 posts

Ultimate Geek
Inactive user


  Reply # 63645 13-Mar-2007 20:56
Send private message

Yeah I spose I forgot to mention that a software firewall will let you know when a program connects to the internet.

Setting aside for the moment that there are proper tools for that (check out Sysinternals on the MS site), they can be an easy way to just be notified of a new program you weren't aware of.

Personally I find it annoying - but it sounds like a good idea for what ya want. Me on the other hand - It goes WIFI --> linux firewall/router --> router --> interwebnet.

From what I remember of sleeping through class and technets the most secure thing is to have a non-tcp/ip zone between you & the internet. Like a IPX protocol network which encapsulates the traffic. Way beyond me though.

Create new topic

Twitter »

Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.