Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

Most respectful firewall

6 views
Skip to first unread message

John

unread,
Mar 16, 2009, 7:08:55 PM3/16/09
to
...by that I mean it uninstalls as well as it installs, leaving no registry
entries, etc. behind.
Comodo FAILS to do this. ZoneAlarm conflicted with my system. Please, and
answer for a polite firewall? :-)

Ansgar -59cobalt- Wiechers

unread,
Mar 16, 2009, 7:18:04 PM3/16/09
to

The Windows Firewall?

cu
59cobalt
--
"If a software developer ever believes a rootkit is a necessary part of
their architecture they should go back and re-architect their solution."
--Mark Russinovich

John

unread,
Mar 16, 2009, 7:34:37 PM3/16/09
to

"Ansgar -59cobalt- Wiechers" <usene...@planetcobalt.net> wrote in message
news:gpmmnc...@news.in-ulm.de...

Well, yes I guess, if it's what you mean by a firewall.
Anyone else??

Root Kit

unread,
Mar 17, 2009, 12:48:05 AM3/17/09
to

Comodo and ZoneAlarm aren't really firewalls either - so your point
being?

Kayman

unread,
Mar 17, 2009, 3:15:31 AM3/17/09
to

For the average homeuser, the Windows Firewall in XP does a fantastic job
at its core mission and is really all you need if you have an 'real-time'
anti-virus program, [another firewall on your router or] other edge
protection like SeconfigXP and practise Safe-Hex.
The windows firewall deals with inbound protection and therefore does not
give you a false sense of security. Best of all, it doesn't implement lots
of nonsense like pretending that outbound traffic needs to be monitored.

Activate and utilize the Win XP built-in Firewall; Uncheck *all* Programs
and Services under the Exception tab - recheck frequently).

Read through:
Understanding Windows Firewall.
http://www.microsoft.com/windowsxp/using/security/internet/sp2_wfintro.mspx

Using Windows Firewall.
http://www.microsoft.com/windowsxp/using/networking/security/winfirewall.mspx

How to manually open ports in Internet Connection Firewall in Windows XP.
http://support.microsoft.com/kb/308127

How to Configure Windows Firewall on a Single Computer.
http://www.microsoft.com/technet/security/smallbusiness/prodtech/windowsxp/cfgfwall.mspx

Troubleshooting Windows Firewall settings in Windows XP Service Pack 2.
http://support.microsoft.com/default.aspx?kbid=875357

PFW Criticism.
http://en.wikipedia.org/wiki/Personal_firewall#Criticisms

"Personal Firewalls" are mostly snake-oil.
http://www.samspade.org/d/firewalls.html

Why your firewall sucks.
http://tooleaky.zensoft.com/
"But I quickly realized the truth: The added protection provided by
outbound filtering is entirely illusory."

At Least This Snake Oil Is Free.
http://msinfluentials.com/blogs/jesper/archive/2007/07/19/at-least-this-snake-oil-is-free.aspx

Deconstructing Common Security Myths.
http://www.microsoft.com/technet/technetmag/issues/2006/05/SecurityMyths/default.aspx
Scroll down to:
"Myth: Host-Based Firewalls Must Filter Outbound Traffic to be Safe."

Exploring the windows Firewall.
http://www.microsoft.com/technet/technetmag/issues/2007/06/VistaFirewall/default.aspx
"Outbound protection is security theater—it’s a gimmick that only gives the
impression of improving your security without doing anything that actually
does improve your security."

In conjunction with WinXP SP2 Firewall use:
Seconfig XP 1.0
http://seconfig.sytes.net/
(http://www.softpedia.com/progDownload/Seconfig-XP-Download-39707.html)
Seconfig XP is able configure Windows not to use TCP/IP as transport
protocol for NetBIOS, SMB and RPC, thus leaving TCP/UDP ports 135, 137-139
and 445 (the most exploited Windows networking weak point) closed.
OR
Configuring NT-services much more secure.
http://www.ntsvcfg.de/ntsvcfg_eng.html

Managing the Windows Vista Firewall
http://technet.microsoft.com/en-us/magazine/cc510323.aspx
*(read twice!)*

How Security Companies Sucker Us With Lemons.
http://www.wired.com/politics/security/commentary/securitymatters/2007/04/securitymatters_0419
http://www.schneier.com/index.html

Volker Birk

unread,
Mar 17, 2009, 3:33:18 AM3/17/09
to
Kayman <kayhkay...@operamail.com> wrote:
> an 'real-time'
> anti-virus program

I fear, anti-virus programs are a vale of tears themselves.

In contrast to "Personal Firewalls" one can do sensible things with
them, but most people don't. And the vendors don't do so in default
configuration.

Additionally, people are misunderstanding, because of false advertizing.

> SeconfigXP

Hey, didn't know it. Looks good. Did anyone test the results?
<http://seconfig.sytes.net/>

No Free Software, but freeware, and that could be enough, if the results
are correct.

Yours,
VB.
--
Bitte beachten Sie auch die Rückseite dieses Schreibens!

Root Kit

unread,
Mar 17, 2009, 5:11:36 AM3/17/09
to
On Tue, 17 Mar 2009 08:33:18 +0100 (CET), Volker Birk
<bum...@dingens.org> wrote:

>Kayman <kayhkay...@operamail.com> wrote:
>> SeconfigXP
>
>Hey, didn't know it. Looks good. Did anyone test the results?
><http://seconfig.sytes.net/>

Yes, works fine (on W2K and XP).

Volker Birk

unread,
Mar 17, 2009, 5:13:33 AM3/17/09
to

I mean, did you connect to a second box directly, and run nmap?

G

unread,
Mar 17, 2009, 8:34:42 AM3/17/09
to
In article <6XAvl.3647$Lr6...@flpi143.ffdc.sbc.com>, Jo...@ihatespam.com
says...

You can check out the last freeware version of Tiny Personal Firewall.
It does its job and is very non-intrusive. You can find a link to it
(along with a truckload of other information) at this website:

http://www.mdgx.com/

Go to the firewalls section. I think they might also have a link to a
manual configuration if you're so inclined.

Neil

unread,
Mar 17, 2009, 2:39:11 PM3/17/09
to
John wrote:

Try Core Force http://force.coresecurity.com/ it's based on a port of the
PF 'engine' that BSD uses. The PF system is also used on hardware devices
like Nokia Firewalls so it's pretty good.

I've used it in the past and liked it but I run Linux at home now so
IPTables is my defence of choice, and SELinux of course.

Neil

0 new messages