Archived from groups: microsoft.public.windowsxp.security_admin (
More info?)
Thank you. I take your advice to retain the software Firewall.
Gene K
"Bruce Chambers" <bchambers@cable0ne.n3t> wrote in message
news:%23VspObYsFHA.2936@TK2MSFTNGP10.phx.gbl...
> Gene K wrote:
>> I have two computers connected via a DSL modem and a D-Link Model
>> DI-704UP Router/Print Server. The Router [like most] includes a Firewall.
>> Will I be safe if I turn off the Norton software Firewall?
>>
>
>
> Well, you'll be safe from a great many exploits, but not from any
> mistakes that you, or someone else using your computer, might make.
>
> If you use a router with NAT, it's still a very good idea to use a
> 3rd party software firewall. Like WinXP's built-in firewall,
> NAT-capable routers do nothing to protect the user from him/herself
> (or any "curious," over-confident teenagers in the home). Again --
> and I cannot emphasize this enough -- almost all spyware and many
> Trojans and worms are downloaded and installed deliberately (albeit
> unknowingly) by the user. So a software firewall, such as Sygate or
> ZoneAlarm, that can detect and warn the user of unauthorized out-going
> traffic is an important element of protecting one's privacy and
> security. (Remember: Most antivirus applications do not even scan for
> or protect you from adware/spyware, because, after all, you've
> installed them yourself, so you must want them there, right?)
>
> I use both a router with NAT and Sygate Personal Firewall, even
> though I generally know better than to install scumware. When it
> comes to computer security and protecting my privacy, I prefer the old
> "belt and suspenders" approach. In the professional IT community,
> this is also known as a "layered defense." Basically, it comes down
> to never, ever "putting all of your eggs in one basket."
>
> WinXP's built-in firewall is adequate at stopping incoming attacks,
> and hiding your ports from probes. What WinXP SP2's firewall does not
> do, is protect you from any Trojans or spyware that you (or someone
> else using your computer) might download and install inadvertently.
> It doesn't monitor out-going traffic at all, other than to check for
> IP-spoofing, much less block (or at even ask you about) the bad or the
> questionable out-going signals. It assumes that any application you
> have on your hard drive is there because you want it there, and
> therefore has your "permission" to access the Internet. Further,
> because the Windows Firewall is a "stateful" firewall, it will also
> assume that any incoming traffic that's a direct response to a
> Trojan's or spyware's out-going signal is also authorized.
>
> ZoneAlarm, Kerio, or Sygate are all much better than WinXP's
> built-in firewall, and are much more easily configured, and there are
> free versions of each readily available. Even the commercially
> available Symantec's Norton Personal Firewall is superior by far,
> although it does take a heavier toll of system performance then do
> ZoneAlarm or Sygate.
>
>
> --
>
> Bruce Chambers
>
> Help us help you:
>
http://dts-l.org/goodpost.htm
>
http://www.catb.org/~esr/faqs/smart-questions.html
>
> You can have peace. Or you can have freedom. Don't ever count on having
> both at once. - RAH
Facebook
Twitter
Instagram