Firewall Yes? No?

I've been told for those of us on dialup that we don't need a personal firewall since the IP number changes each time we dial-up. To the contrary, I recently read in the BBS Newsletter that dialups should have a firewall.

I would appreciate seeing comments.

 

Five years ago I would have agreed with the 'dial-up, no firewall needed' idea. Even two years ago and I might still have mostly agreed.

Today with the smarter baddies that are out there, no firewall = easy target and the only questions are 1) when 2) how badly you will be hit. No longer any question of 'if'.

If you want to verify the above then set up a new PC with W2K or XP then go onto the internet to get an AV program or security patches. You will almost certainly be infected with Blaster, Sasser, or both and probably some other items before you can get protected. If you had AV installed but not updated, it will probably have been broken as well so it might appear to function but would not be protecting you at all.

With a tight firewall in place, you can probably gain enough breathing space to update your PC.

 

I would say to definitely use a firewall. The reasoning about dialup and different IP's has a flaw. The flaw is that if you have a trojan virus running, and no firewall or effective AV program, the trojan virus sits there and opens a port on your computer, and will either send out packets of data basically saying 'here is a wide open computer ripe for exploitation', or opens a port and waits for a incoming data stream. It doesn't matter that there is a different IP each time, this trojan would be broadcasting the current one. Some of these can identify themselves as coming from a specific computer.
The XP firewall does nothing to stop anything from connecting out, a third party firewall can monitor what is connecting out, and can allow or deny access to the internet.

 

Doesn't matter what type of connection. A firewall should be in place before you connect to the internet.

 

But use just one firewall. Windows XP SP2 will install a firewall by default, so if you already have one (like Zone Alarm, Sygate, etc.) disable one. The XP Firewall is the one I would disable in a case like this.

 

Thanks for the input and suggestions. I'm convinced.

 

I am running Win XP, SP2 and have been using the built in firewall, however, I just downloaded Sygate to try. In the Help file for Sygate, there is something about Sygate being compatible with Microsoft's Internet Connection Sharing. Is this the same as the XP firewall? I had always thought you should only have one firewall enabled at a time so I am confused as to why they would tell you how to configure Sygate to work with ICS. Help?

Thanks,
Ann

 

ICS is for obtaining internet access to a computer through another computer's connection. Nothing to do with firewalls.

 

I'm the heretic here: I run both Windows firewall and Sygate.

Regards - Charles

 

Firewall for dialup=good

I didn't used to use a firewall when I had dialup. Then one day I stayed online for six hours straight, downloading an AVI file. When I tried to log on to an account, I was told my account had been suspended for being linked to a cracker. I emailed them and pleaded my case. My account was restored. I figured the account must've been compromised when I was online for six hours straight with no firewall.

 

Some recent info I read from a MS spokesperson on firewalls was that MS don't recommend running both the SP2 firewall and a third party firewall at the same time. They say there is no advantage in running two, and can in fact cause problems with throughput and blocking. Run ONLY ONE. If the features on the SP2 one are not enough, then run a third party one, but make sure you turn off the MS one.

The SP2 one works fine for me.

 

I really don't want anymore stuff running on my computer.. I've never used a firewall and never had a problem. But I do have SP2's firewall installed and running now. It hasn't caused any problems yet so I think I'll just stay with it for now. This is getting crazy !! I have ad-aware, spybot, spyware blaster, spyware gaurd, F-Prot antivius, Windows XP SP2 Firewall, and various other system addon's and tweaks to try and keep my computer clean..

Where or when is it going to end !!

 

Hi Paul,

They say there is no advantage in running two, and can in fact cause problems with throughput and blocking.

I've "heard" that for the last two and half years

I think I'm smart enough to know if in all that time there were problems because of that.

The other consideration is a class of malware that has the ability of shutting firewalls down. This is done by specifically looking for the "brand" names.

The other more probable possibilty is shutting down the firewall (Sygate and before that ZAP) and going on-line forgeting to enable it. I've done this a few times.

Rockit: from what I remember about your system specs, it's small or old or both so I'm not supprised that you don't want the overhead. WFW's foorprint is the smallest - its a Service.

Once out of curiousity, I shut Sygate down, and went to the Gibson firewall site to test ICF (pre SP2 XP firewall) and now WFW. That test - and others - passed XP's firewalls as fully stealthed on all ports. So inbound, as far as I can determine, WFW is as good, if not better, than some third party firewalls. What WFW can't do is block outbound and make advanced rules - things I insist on having.

Regards - Charles

 

I totally agree!

Some of the "fun" has gone out of using computers on the internet now. We seem to be continually looking over our shoulders for trouble.

I remember very well from december '96 till around 2001 when I had never received any virus. I became dissapointed because I wanted just one infection knocking on my front door, to justify the use of a virus scanner and the fact that these scanners (Mcafee and Norton) slowed down a slow (by todays standard) system.

After that first virus, the instances slowly increased over the next year or two.

Back then spyware/malware was of no concern either.

Things have changed, and I don't like it!

Still have resisted the need for a third party firewall, and with SP2 I can't see me using one for sometime to come.

 

I read the MS WinXP General newsgroup daily. All the MVP's recommend running ONE and only one firewall. It is the very rare person who insists on going against the wisdom of the day in that regards. You readily admit you are the heretic in this. It seems to me that we are best served by following the advice of those MVP's whose business it is to advise and caution us best on these matters. You say you have encountered no problems in two years of doing this. Perhaps you are lucky and perhaps tomorrow that conflict will arise and you will not be so lucky. Why fly in the face of what the vast majority recommends?

 

Hello James,

Because I have confidence in my abilities and judgment.

Regards - Charles

 

SO if one were to bite the bullet and install a third party firewall which one uses the least system resources but offers the greatest protection? The smallest footprint would also be nice..

Thanks
Rockit

 

Hi Rockit,

I use Sygate on XP and ZAP (Pro) on WinME, neither of which are known for slimness

Those that use Kerio claim it's lean, I know of three here that use Kerio - Pete, Shadowhawk, and BillyBob.

A reference point: the Sygate resident is showing 8.6+ MB in TM. Welshjim uses ZA free on XP - if reads this he can tell you what the load for it is.

Regards - Charles

 

Rockit, FYI http://www.wilderssecurity.com/showthread.php?t=29492 The thread is about Kerio v2.1.5 which is not the latest.

BlitzenZeus is one of the top 3 - 4 firewall people at Wilders - wrote a downloadable rule set for Kerio. From my reading about Kerio over time, Kerio appears to be very rule dependent - far more so than other Firewalls that I know about and consequently the learning curve is steeper.

Regards - Charles

 

Lots of the MVP recommendations are made because they are safe and reasonable for the widest majority of computer users. But I suspect if you were able to poll the security and networking MVPs about what they personally use, you'd find things that were contrary to what they recommend on public newsgroups.

And while MVPs should know their stuff in their area of expertise, all of us are simply non-Microsoft folks who have been seen to provide significant help to the large community of Microsoft users but in many/most cases, we do it for fun.

The reality is that there are Microsoft and non-Microsoft folks in all areas of computing who are not MVPs but will know more about their area than most MVPs do. They simply haven't donated the time to be selected - or they are so techie that normal people can't understand them.