In this article i want to cover the windows firewall that comes with XP. My advice to you is if your using it to get something better because it has one major flaw. The flaw in it is it has no out bound detection. What i mean by this is anything trying to communicate from your computer onto the Internet goes right on through the firewall no questions ask.
This becomes a problem if you get infected with say a trojan and it tries to call home to start revealing your stuff on your machine. Normally if you only surfed SAFE web sites you could get away with using a firewall like the one in XP. The problem though lies in the fact that some web sites can contain malicious code that can then get your computer to do things you don’t want it to such as loading a trojan up witch takes over your machine.
What makes all these things even worse is that some legitimate web sites can end up getting hacked and you could get hit when going to one of those.
Where a two way firewall comes in is that it does both it blocks traffic coming into and leaving your computer. This is what you want if a trojan gets on a machine with a two way firewall the firewall will block its outgoing access to the net. You have to keep in mind though that some trojans can bypass the out bound detection or even disable the firewall all together.
Most security experts say you want to use both a hardware router / firewall with a software firewall. The reason the experts say this is do to the fact the hardware router / firewall will NOT have outbound detection. The idea behind running both is the hardware firewall blocks all incoming traffic and the software firewall blocks all outgoing traffic. If you get a hardware router they by default act as a firewall but make sure you have it configured right before you put it on the Internet. Also make sure you go through the hardware router and change any passwords it may have by default so a hacker can’t get into it and switch all your settings around.
The way i look at this is , its not good i don’t care what you got whether its hardware or software in terms of a firewall their are always ways around these things. Basicly if you come across the wrong web site and you come in contact with a new kind of exploit where there is no patch for it and the exploit causes your machine to run some malicious code your screwed and thats no matter what you have for protection.
If anyone who is a security expert can dispute what i just said above i would be interested in hearing from you either in e-mail or in my forum.
So now you maybe thinking well whats the point in running a firewall at all? You don’t have a choice at all now a days. At one time the Internet wasn’t as bad as it is now. Today there are all kinds of virus’s and trojans floating around on the net and a unpatched / no firewall computer running windows XP will be exploited in just minutes.
I ran into this first hand a few years back when putting my brothers machine together. I figured after i had installed windows XP service pack 1 that i would connect to the net only for a few minutes and grab the latest patches. While i was sitting there connected to the net the computer reset itself and sure enough when it come back up i checked and the thing was infected. The total time the machine was connected online with no firewall was around 5 minute. My answer to that problem was to reformat the machine and this time i run ZoneAlarm the free version before connecting to the Internet and that was all i needed i could get patched up and had no problems after that.
So despite the fact firewalls are not the perfect solution they are the only solution right now that user can use. If i was user using the windows XP firewall i would be getting my hands on the ZoneAlarm free version since that has the outbound protection on it and you can find that here…
If you do decide to get ZoneAlarm or some other firewall be sure you disable the windows XP firewall. If you don’t disable it you will run into issues latter on having two firewalls trying to run. Also be sure your are NOT connected to the Internet while switching firewalls.
There are a lot of other good firewalls out there that don’t cost all that much around $40.00 but you got to go and look around and see what one you like. In the end being on the Internet itself is not 100% risk free and you can’t expect firewalls to be 100% effective. I’m waiting for the day when a company comes out with something thats better then what we have today. A nice hardware firewall with not only inbound protection but outbound as well.
If your into the do it your self thing i have a article under the Linux section of this web site that covers how to take a old PC and turn that into a very good router / firewall.
The link for the old PC / Firewall is here..
In closing just to show you how important the two way firewall is Microsoft will be including one in windows vista when it comes out. The sad part is its taken them years to get around to adding a two way firewall. Its no wonder the hackers love windows so much lol…
WolfManz611..