-
Website
http://www.tech-recipes.com/ -
Original page
http://www.tech-recipes.com/rx/561/xp_sp2_firewall_zone_alarm/ -
Subscribe
All Comments -
Community
-
Top Commenters
-
davak
83 comments · 1 points
-
Web Design
3 comments · 1 points
-
danishbacker
9 comments · 1 points
-
flexinfo
11 comments · 1 points
-
Tonychelle
4 comments · 1 points
-
-
Popular Threads
-
Facebook: How To Get Only Status Updates on Your FB Home Page
1 week ago · 4 comments
-
Firefox: Enable Case Sensitive Searches When Using Find (Ctrl+F)
5 days ago · 1 comment
-
Firefox 3.6: Enable Visual Previews When Using Ctrl+Tab (Windows Only)
6 days ago · 1 comment
-
Windows 7: How To Disable Live Preview for Taskbar Thumbnails
2 weeks ago · 2 comments
-
Gmail: How to block a sender from your inbox
3 weeks ago · 3 comments
-
Facebook: How To Get Only Status Updates on Your FB Home Page
is this firewall an improvement in the current one? (i run xp professoinal build 2600)
or a totallly new application?
just curious, i guess i'll find out in ... 24 minutes.. hehe...
good recipes, again! helpful for us xp sp2 noobs.. haha..
peace
is this firewall an improvement in the current one? (i run xp professoinal build 2600)
or a totallly new application?
just curious, i guess i'll find out in ... 24 minutes.. hehe...
good recipes, again! helpful for us xp sp2 noobs.. haha..
peace</ul>
The firewall is much better than the default firewall. For example, the old firewall would not work if you were on a home network. The other firewall just blocked some ports and did not request permission (a la zone alarm) like this one does.
I am still using Zone Alarm 4.5... but when I upgrade my family's systems, I'll probably just install SP2 and forget about it. It's good enough for your average system.
I havent had any problems yet :)
If and when I do I will stop the new xp firewall.
Has anyone else had a conflict?
I think most people agree that zone alarm is much better. Why put yourself through the chance of it causing trouble? Plus, it's an added component... and extra thing running slows down your computer just a little.
If you really want duplicate protection, get a hardware firewall to compliment your software firewall. You just don't gain anything by using two software firewalls.
http://www.microsoft.com/windowsxp/using/securi...
http://www.microsoft.com/windowsxp/using/securi...
http://www.microsoft.com/windowsxp/using/securi...
http://www.microsoft.com/windowsxp/using/securi...>
I didn't see that fact in either of the pages that you referenced... I am pretty sure that the new firewall does not block outgoing traffic.
Can you quote the information where it says that the new firewall does, please?
maybe its your routers firewall???
did you open up the appropriate ports in the xp firewall program??
I may be wrong on this though, as you say, there is no specific mention to the outbound traffic (such as when ZA asks for permission and digitally signs each exe to prevent spoofing and allowing trojans, spyware, and such from connecting). But that's how I read into it. :)
http://www.microsoft.com/windowsxp/using/securi...
http://www.microsoft.com/windowsxp/using/securi...>
Drew
http://www.microsoft.com/windowsxp/using/securi...
http://www.microsoft.com/windowsxp/using/securi...>
None of these pages makes any reference directly or indirectly to blocking outbound/egress traffic. I have found that the WinXP SP2 firewall supports only very limited blocking of outbound traffic (only ICMP).
Generally speaking, traffic is allowed outbound. Otherwise, how could you browse the web or send IM's without making an exceptions for your web browser or IM client?
As a more technical example, the firewall blocks inbound but not outbound packets with an IP protocol of ESP (ESP is a protocol that is used by some IPSEC VPN's). I have found no way to allow ESP inbound, so one could say that it always blocks inbound ESP. However, it always allows it outbound.
The only outbound filtering of which I've found the firewall capable is blocking certain types of ICMP. I have seen no way through the GUI or netsh interfaces to make it filter other kinds of traffic outbound.
Generally, it allows all outbound traffic and blocks all inbound traffic except by exceptions and "advanced" ICMP settings. Exceptions can only be made for TCP and UDP traffic, and again, only for inbound traffic.
The only two references on those two pages (and the other page in that set of pages) as of today 11/6/04 are:
<ul id="quote"><h6>http://www.microsoft.com/windowsxp/using/security/internet/sp2_wfintro.mspx wrote:</h6>When someone on the Internet or on a network tries to connect to your computer, we call that attempt an "unsolicited request." When your computer gets an unsolicited request, Windows Firewall blocks the connection.</ul>
<ul id="quote"><h6>http://www.microsoft.com/windowsxp/using/security/internet/sp2_wfexceptions.mspx wrote:</h6>If you're running Windows XP Service Pack 2 (SP2) the Windows Firewall is turned on by default. This means that most programs will not be allowed to accept unsolicited communications from the Internet unless you choose to list those programs as exceptions.</ul>
Both of these imply inbound blocking and session/connection tracking (the technology that lets the firewall tell when a packet is part of a stream related to some previous packets). That implies that the firewall will look at the packets that are going out, to help block future packets that could be related. It does not state or imply in any way that filtering is possible on outbound traffic, even if it is inspected.
To explain all of this in an editorial voice, I'd say that it is a personal firewall, and has more advanced technical limitations than some other personal firewalls. However, its interface and control is nice, including domain controls. If more advanced features are added, it could be a production-ready product. I like it, but it's immature.
I havent had any problems yet :)
If and when I do I will stop the new xp firewall.
Has anyone else had a conflict?</ul>
hi yeah my comp is now running xps sp2 and i can put zone alarm older vertion but then when i run it it wants to update then when updat is done and i restart comp i get blue warning screen saying it has halted xp if i then go to saft mode and delte the zone alarm it is well agen i really liked zone as you could tinker with it tweek it a little to ur own liking any info im running a phillips pre built comp from pc world 3200 mhz 800 fsb great little bit of kit my darling but not sure weather to turn of sp2 or have zone
many thanks to whome has any ideas
Rubbish! Zone Alarm is spyware! It "phones home" every few minutes, and transmits a variety of your personal data to several companies. This is well-documented. ZA may block OTHER outgoing traffic, but at what cost?