DISQUS

seamonkey420 · 5 years ago

gotta ? for ya..

is this firewall an improvement in the current one? (i run xp professoinal build 2600)

or a totallly new application?

just curious, i guess i'll find out in ... 24 minutes.. hehe...

good recipes, again! helpful for us xp sp2 noobs.. haha..
peace

MickeyMouse · 5 years ago

<ul id="quote"><h6>seamonkey420 wrote:</h6>gotta ? for ya..

is this firewall an improvement in the current one? (i run xp professoinal build 2600)

or a totallly new application?

just curious, i guess i'll find out in ... 24 minutes.. hehe...

good recipes, again! helpful for us xp sp2 noobs.. haha..
peace</ul>

The firewall is much better than the default firewall. For example, the old firewall would not work if you were on a home network. The other firewall just blocked some ports and did not request permission (a la zone alarm) like this one does.

I am still using Zone Alarm 4.5... but when I upgrade my family's systems, I'll probably just install SP2 and forget about it. It's good enough for your average system.

Paul · 5 years ago

I have upgraded to SP2 and the firewall is active and I also have zonealarm running at the same time.

I havent had any problems yet :)

If and when I do I will stop the new xp firewall.

Has anyone else had a conflict?

MickeyMouse · 5 years ago

There shouldn't be any conflict. You are just introducing an extra variable in the equation that doesn't have to be there.

I think most people agree that zone alarm is much better. Why put yourself through the chance of it causing trouble? Plus, it's an added component... and extra thing running slows down your computer just a little.

If you really want duplicate protection, get a hardware firewall to compliment your software firewall. You just don't gain anything by using two software firewalls.

Buick6siX · 5 years ago

SP2 windows firewall does block outbound traffic, unlike the original xp firewall.
http://www.microsoft.com/windowsxp/using/securi...

http://www.microsoft.com/windowsxp/using/securi...

MickeyMouse · 5 years ago

<ul id="quote"><h6>Buick6siX wrote:</h6>SP2 windows firewall does block outbound traffic, unlike the original xp firewall.
http://www.microsoft.com/windowsxp/using/securi...

http://www.microsoft.com/windowsxp/using/securi...>

I didn't see that fact in either of the pages that you referenced... I am pretty sure that the new firewall does not block outgoing traffic.

Can you quote the information where it says that the new firewall does, please?

seamonkey420 · 5 years ago

i still ran my webserver... with sp2..

maybe its your routers firewall???
did you open up the appropriate ports in the xp firewall program??

destroyer · 5 years ago

I think that the articles state that all internet connections are blocked (incoming and outgoing) except where exceptions are made.

I may be wrong on this though, as you say, there is no specific mention to the outbound traffic (such as when ZA asks for permission and digitally signs each exe to prevent spoofing and allowing trojans, spyware, and such from connecting). But that's how I read into it. :)

Anonymous · 5 years ago

<ul id="quote"><h6>Buick6siX wrote:</h6>SP2 windows firewall does block outbound traffic, unlike the original xp firewall.
http://www.microsoft.com/windowsxp/using/securi...

http://www.microsoft.com/windowsxp/using/securi...>

Drew7ster · 5 years ago

I just read and am attempting to apply the tech-recipe on same topic. The only way I can regularly access websites is to turn off Zone Alarm (v5), although previously I had security setting for XP set to turn off SP2's firewall. Found a conflict between the two with the SP2 version off... Odd. Have invested in ZA and want to use it. Can you help?
Drew

alimax · 5 years ago

I have just installed SP2 and I cannot use my wifi network to ftp files outward when Zone Alarm is running even tho I have disabled the SP2 firewall. But if I shut ZA down I have no probs.

Anonymous · 5 years ago

<ul id="quote"><h6>Buick6siX wrote:</h6>SP2 windows firewall does block outbound traffic, unlike the original xp firewall.
http://www.microsoft.com/windowsxp/using/securi...

http://www.microsoft.com/windowsxp/using/securi...>

None of these pages makes any reference directly or indirectly to blocking outbound/egress traffic. I have found that the WinXP SP2 firewall supports only very limited blocking of outbound traffic (only ICMP).

Generally speaking, traffic is allowed outbound. Otherwise, how could you browse the web or send IM's without making an exceptions for your web browser or IM client?

As a more technical example, the firewall blocks inbound but not outbound packets with an IP protocol of ESP (ESP is a protocol that is used by some IPSEC VPN's). I have found no way to allow ESP inbound, so one could say that it always blocks inbound ESP. However, it always allows it outbound.

The only outbound filtering of which I've found the firewall capable is blocking certain types of ICMP. I have seen no way through the GUI or netsh interfaces to make it filter other kinds of traffic outbound.

Generally, it allows all outbound traffic and blocks all inbound traffic except by exceptions and "advanced" ICMP settings. Exceptions can only be made for TCP and UDP traffic, and again, only for inbound traffic.

The only two references on those two pages (and the other page in that set of pages) as of today 11/6/04 are:
<ul id="quote"><h6>http://www.microsoft.com/windowsxp/using/security/internet/sp2_wfintro.mspx wrote:</h6>When someone on the Internet or on a network tries to connect to your computer, we call that attempt an "unsolicited request." When your computer gets an unsolicited request, Windows Firewall blocks the connection.</ul>
<ul id="quote"><h6>http://www.microsoft.com/windowsxp/using/security/internet/sp2_wfexceptions.mspx wrote:</h6>If you're running Windows XP Service Pack 2 (SP2) the Windows Firewall is turned on by default. This means that most programs will not be allowed to accept unsolicited communications from the Internet unless you choose to list those programs as exceptions.</ul>

Both of these imply inbound blocking and session/connection tracking (the technology that lets the firewall tell when a packet is part of a stream related to some previous packets). That implies that the firewall will look at the packets that are going out, to help block future packets that could be related. It does not state or imply in any way that filtering is possible on outbound traffic, even if it is inspected.

To explain all of this in an editorial voice, I'd say that it is a personal firewall, and has more advanced technical limitations than some other personal firewalls. However, its interface and control is nice, including domain controls. If more advanced features are added, it could be a production-ready product. I like it, but it's immature.

dodgymixer · 4 years ago

<ul id="quote"><h6>Paul wrote:</h6>I have upgraded to SP2 and the firewall is active and I also have zonealarm running at the same time.

I havent had any problems yet :)

If and when I do I will stop the new xp firewall.

Has anyone else had a conflict?</ul>

hi yeah my comp is now running xps sp2 and i can put zone alarm older vertion but then when i run it it wants to update then when updat is done and i restart comp i get blue warning screen saying it has halted xp if i then go to saft mode and delte the zone alarm it is well agen i really liked zone as you could tinker with it tweek it a little to ur own liking any info im running a phillips pre built comp from pc world 3200 mhz 800 fsb great little bit of kit my darling but not sure weather to turn of sp2 or have zone
many thanks to whome has any ideas

yasser · 10 months ago

suck balls

cdg · 10 months ago

"Why block outbound connections? Software packages send information back to “home-base” all the time. Spyware can collect information and send it back to the author. These are invasions of your privacy that Zone Alarm and most other software firewalls stop."

Rubbish! Zone Alarm is spyware! It "phones home" every few minutes, and transmits a variety of your personal data to several companies. This is well-documented. ZA may block OTHER outgoing traffic, but at what cost?