I have noticed some trojans horses can disable the xp sp2 firewalls quite easily, but not the latest Zonealarm. You should expect better performance out of zonealram.

regards,
Mark

Winblows has always had a firewall, but usually turned off by default.

SP2 has it turned on by default, and it's about as effective as ever.

Stick with ZoneAlarm.

The built in Windows firewall is only half a firewall as it will not block unwanted out going connections.
ZoneAlarm is a much better piece of software.

Lets face it, most home users have no idea about a firewall. So even the built in firewall is going to be better than an unprotected PC.

Personally, I use a hardware version built into my router. But when I am travelling with my laptop, I use the MS one. Better than nothing.

But when I am travelling with my laptop, I use the MS one. Better than nothing.

Not if it gives a false sense of security. Think like "I don't need a virus scanner, I have a firewall. I don't need to be careful with email attachments, I have a firewall..."

ZoneAlarm.

If I'm writing a worm/trojan/*ware, which do you think I'm going to look for holes in first? Hey, how 'bout the one that comes with pretty well every new computer out there?

And lets face it, any firewall produced by Microsoft is going to be stuffed with glitches and buffer overruns [google.com] and several other flaws that allow the execution of arbitrary code [google.com] just waiting to be exploited [google.com].

Also, if you're still using it for anything other than testing, I'd strongly recommend switching browsers from IE to pretty much anything else.

Just a thought.

J.

Not if it gives a false sense of security. Think like "I don't need a virus scanner, I have a firewall. I don't need to be careful with email attachments, I have a firewall..."

I have a local virus scanner. When I am travelling I VPN into the corporate network to pick up the latest updates and also to get my email - which has a server side virus protection.

There is a fine line between being secure and totally screwing up productivity. I still need to be "online" when I am travelling and plug into some strange networks. I take precautions that are practical and logical.

My main "productivity" machine has both a hardware, and software fireall. Plus a virus scanner. I also make sure I keep the latest command line search and removal tools from Sophos handy.

Some call me paranoid. Personally, I just look at it as an ounce of prevention being worth more than pounds of re-formatting.

I've also set up a *nix box and am slowly working towards having all the open source software I need to accomplish my day-to-day work. At which point, the windows box becomes a video game machine. The reason? I just find *nix more secure, less buggy (well, after you finally get it set up right). I'm sick to death of wasting 2-4 hours a week keeping up on security issues for windows. I spend that much time in a month on the *nix box, and feel way more secure with it.

I use ZoneAlarm on my machine at home. I formatted last weekend and so far I am over one thousand intrusions. I really don't think Microsofts attempt at being "firewall" experts really would have blocked all of them and more. I think I would be formatting right now. In questions like these between firewalls and different software/hardware...take a look at the company. If the company. Microsoft makes all of these other products other than the "new" firewall in SP2. Yes they have always had some type of a firewall BUT now it's enabled. So now take a look at Zone alarm. Who takes more time and dedicates more of a percentage to security and firewalls....ZoneAlarm. So the choice is obvious. It's like Speakers. Logitech or Klipsch. If you want better sounding speakers you go with the company with experience. Klipsch has been doing speakers and making perfections for YEARS!....look at logitech....mice, keyboards, digital cams....and speakers....when they have time. Not that Logitech comes out with some really nice speakers...and they are going to be my next set but if you think about it....you must give the kudos to klipsch because they do just sound better....of course IMHO. :-)

just a question, but if the sp2 firewall is so bad, then how come when I do a port scan thru Steve Gibson's website, my pc always comes back as stealth. This was with both SP1 and SP2. seems to be blocking ports as it should.

just a question, but if the sp2 firewall is so bad, then how come when I do a port scan thru Steve Gibson's website, my pc always comes back as stealth. This was with both SP1 and SP2. seems to be blocking ports as it should.

Are you hooked up through a DSL router? Because if you are, that acts as a hardware firewall, and might be giving the "stealth" effect.

No, I have cable internet and I'm hooked directly into the cable modem. I think it's just a lot of anti-microsoft bias going around and people want to criticize MS for their "insecure" firewall, but then they recommend another software firewall, which is equally insecure. most security experts recommend hardware firewalls over software, but I don't see any criticism of ZoneAlarm here, only MS

I really think that people dont' want to just "criticize" MS because of their security. I don't think people want to "fry" a company because of a bad rep. In the software world people get weary, and here is why. One, people are using their OS. They want the best for it, so that in human nature opens citicism. I think what it comes down to is track record, history and competitors. People look for security in windows when this SP came out because of all the exploits that they have had in their software before....can we say for example "IE"? So in conclusion I don't think it's going to take a SP from Microsoft to get people to change software firewalls, It's going to take about 5 years of undoing and that is quite a bit of erasing. Once a program has proven unreliable or insecure, there is always that little feeling at your fingertips that you should look for an alternative, and for us people that know what it's worth it hangs over us like the grim reaper in the night. I guess what I am saying is that people are going to still be using ZoneAlarm, and I would recommend it over Microsofts first attempt at a "rock solid" firewall. I say "rock solid" because today there is a different concept of rock solid compared to the win95/98 days. There are more things, more programs, new attempts and ideas to break and hack in. People/development groups just don't write an 'end all' solution to a firewall in a matter of a servicepack esp with a company that just doens't write firewalls exclusivly.

I think it's just a lot of anti-microsoft bias going around and people want to criticize MS for their "insecure" firewall

My reasoning is that it is a "passive" firewall. This means it only "blocks" in one direction. Heck if it was a full state firewall I would not disable it.

By the way, I like MS or I at least do not bash the company.

Take care,

Brian

<<<<but I don't see any criticism of ZoneAlarm here, only MS

It's always a good idea to read up on this stuff before forming opinions. In this case, had you read up, you would know the following:

1. Windows firewall only blocks incoming packets. This means those trojans on your windows box are phoning home with total immunity.
2. Zonealarm has pretty much always been a real firewall, it blocks incoming and outgoing packets by default.
3. Windows XP firewall does not block remote access by default. This is sort of like openly inviting hackers and zombie pc network operators in through your front door.
4. Zonealarm did not need to be told that you need to block outgoing traffic. MS will need to learn this lesson. This is why MS continuously is forced to release massive security patches: they simply do not grasp the fundamentals of security, and therefore their stuff is almost always drastically insecure for many generations.

Or perhaps more accurate: MS grasps the fundamentals just fine, then opts not to implement these elements because it always ends up making the computer less 'user friendly'. It's a marketing decision, basically, no matter what they say publically.

Or perhaps more accurate: MS grasps the fundamentals just fine, then opts not to implement these elements because it always ends up making the computer less 'user friendly'. It's a marketing decision, basically, no matter what they say publically.

Plus they can offer a firewall that works both ways in SP3 ;)

I would never trust windows with security, I only us XP and IE because I must, so stay with zonalarm or sygate.

zeus