Penguins3Have You Played Atari Today? join:2001-12-01 Cleveland, OH
1 recommendation |
Without outbound connection filtering...its pretty much useless against viruses, trojans, and other malware. | |
|
| palbri Premium Member join:2000-10-22 Suffield, CT |
palbri
Premium Member
2004-Aug-10 11:59 am
Re: Without outbound connection filtering...??? I was under the impression it DOES have outbound connection filtering.... | |
|
| | rorrim180The Original Captain Chaos Premium Member join:2001-12-29 united state |
rorrim180
Premium Member
2004-Aug-10 12:16 pm
Re: Without outbound connection filtering...When I was using SP2 beta a message popped up on my screen for a few programs, one of them being AIM, asking me if I wanted to give it permission to access the internet. Doesn't that provide some form of outbound protection? | |
|
| | | |
Re: Without outbound connection filtering...The firewall picked up on a some spyware trying to phone home on me, not bad for a bare minimum firewall. It's enough that I won't need to install heavier stuff on some computer. | |
|
| | | | |
Re: Without outbound connection filtering...I found that it was only picking up on the outbound connection, not actually stopping it. Each time I got the notification, it said it was currently blocking application "xx" whatever, prompting me to allow it or continue blocking. But the program was in fact getting out just fine.
So I guess maybe it works as an outbound connection warning, but certainly not as an outbound firewall. | |
|
| AthlGrond Premium Member join:2002-04-25 Aurora, CO |
to Penguins3
I'd say it's pretty much useless against outbound traffic, but works fine on the inbound stuff. | |
|
| | Andrew J Premium Member join:2001-11-09 Lancaster, PA |
Andrew J
Premium Member
2004-Aug-10 12:30 pm
Re: Without outbound connection filtering...It must block outbound since the second I rebooted after the install, it asked if I wanted to allow "Media Server" to work. This is an out-bound program to my DVD player. It's hosing Active Sync connections for PPC users, also. | |
|
| | | AthlGrond Premium Member join:2002-04-25 Aurora, CO |
AthlGrond
Premium Member
2004-Aug-10 12:37 pm
Re: Without outbound connection filtering...Good to know, the reviews I've read have given mixed signals on this. (I've seen it stated both ways. Sometimes in the same review!)
Personally, I think the inbound protection is so much more important that I wouldn't mind if it did nothing for outbound. | |
|
|
1 recommendation |
SecurityExpert to Penguins3
Anon
2004-Aug-10 12:37 pm
to Penguins3
Look, if you have to block outbound traffic then you have already been infected and it is too late. Inbound filtering and common sense is good enough. | |
|
| | |
Re: Without outbound connection filtering...Better late than never!! At least with an outbound notice, you're given a flag that your infected, and can then address the problem. | |
|
| | | dave Premium Member join:2000-05-04 not in ohio |
dave
Premium Member
2004-Aug-10 1:59 pm
Re: Without outbound connection filtering...said by LoungeLizard2: Better late than never!! At least with an outbound notice, you're given a flag that your infected, and can then address the problem.
..assuming the malware tries to connect out before it deletes every file you own, you're protected. | |
|
| | |
to SecurityExpert
some people just like to control what connects to the Internet--- myself included.... I don't want Windows Media Player phoning home or any other 'non-malware' app. to "check for new version". call me paranoid, but who knows what kind of info is actually going out. If I want an update or to send "non-identifiable info" I will do it manually. | |
|
| DaMaGeINCThe Lan Man Premium Member join:2002-06-08 Greenville, SC
1 recommendation |
to Penguins3
said by Penguins3: its pretty much useless against viruses, trojans, and other malware.
If your stupid enough to get all that shit, then your a moron in the first place. | |
|
| | 1 edit
1 recommendation |
Re: damageinc...Please....either add something constructive to the discussion you self-righteous Erkel, or reach in the back of the fridge, where I left you an ice cold 40oz of PBQ!! (please be quiet):p | |
|
| | |
to DaMaGeINC
Re: Without outbound connection filtering...Play nice, please.
I'm not a big fan of locking threads.
Thanks. | |
|
| not quite rightI'm not cool enough to be a Mac person join:2001-06-23 Puyallup, WA
2 recommendations |
to Penguins3
You guys don't get it do you? Microsoft CAN'T put a full fledged two way firewall into it's OS without every 3rd party software manufacture screaming MONOPOLY, and suing them for trying to protect your ignorant asses! Windows firewall is meant to protect the sheep from the wolves of the internet nothing more. | |
|
| | |
Re: Without outbound connection filtering...If that were the case then how come they still have a fully functional media player and video editing suite? Either the developers in Microsoft don't have the savvy to make a powerful firewall or Microsoft refuses to invest enough to make a quality firewall. Either way it's just a simple solution tacked onto an already bloated OS. | |
|
| |
glassgnost to Penguins3
Anon
2004-Aug-10 4:48 pm
to Penguins3
If UPNP is still allowed to open new inbound ports on the fly, it's useless. Does SP2 kill UPNP by default? | |
|
| | Jeremy341Bye Premium Member join:2000-01-06 localhost |
Re: Never mind outbound connection filtering...said by glassgnost: Does SP2 kill UPNP by default?
Yes. | |
|
DSLrgm Premium Member join:2002-08-22 Oak Park, MI |
DSLrgm
Premium Member
2004-Aug-10 11:58 am
Half bakedInbound protection only.
No outbound packet inspection.
No.
Do you stop using a REAL firewall product. | |
|
|
Keep using another firewall...The MS SP2 patch still tags only incoming access to your computer...nothing from your computer asking for access to the Internet, so although it's better, continuing to use ZA or any other firewall and/or a router is preferable. | |
|
vernalex Premium Member join:2000-10-19 Vernon Rockville, CT
1 recommendation |
vernalex
Premium Member
2004-Aug-10 12:02 pm
I'm curious too...I am curious how well it will work out over time. I think it will turn out better than ZoneAlarm or such, but it will create a single failpoint for newer worms to attack.
A lot of people will complain that it only blocks incoming. And personally from handling computer support for years I find that outgoing "protection" causes more problems then it fixes. The worms attack remotely, and if you have a worm on your computer then you have bigger problems then firewalls. Nothing beats updating your computer and closing all your open ports (through firewalls or other ways). | |
|
koat join:2001-05-12 Sunnyvale, CA |
koat
Member
2004-Aug-10 12:04 pm
Playing devil's advocateWhy would you worry about outgoing traffic if you do not download malware infected junk, use outlook or open execetable attachments, or the like?
I use Kerio for my firewall which has outbound protection, but over the past 3 years I might have had spyware on my machine 2-3 times from when I install bearshare to download out of date linux isos. | |
|
| ropeguru Premium Member join:2001-01-25 Mechanicsville, VA |
ropeguru
Premium Member
2004-Aug-10 12:19 pm
Re: Playing devil's advocateBecause there may be a product that you download that in the past has not had spyware/malware in it, but new versions do. Take AOL IM, in the past it never had any issues. Recently they started packaging wildtangent to be installed automatically. Granted, they have since made it an option to install. But if you did not have outgoing protection you may have never known it was even there.
Another example is weather bug. They did, and still do, the same thing. It phones home to send back user habits. Also, you may want to use a product that does phone home for other reasons, such as connection statistics. There may not be an option to turn it off. But if you have outbound protection you can block that but still use the product without worries.
So there are a LOT of reasons to have it.
My opinion is that if Microsoft is hyping this new service pack so much on security, have put so much money into it, and make the file soooo big, 266MB to be exact, they could have done the little bit of extra to provide outbound protection.
To me just another example of M$ half assed work. | |
|
| | |
Re: Playing devil's advocateI don't think it's hype at all... they put a sh*tload of work into it. They have very little financial gain from SP2 because it's a free update. It's an attempt to make M$ look better because we all know that they have been plagued with security issues. As much as we all like to bitch about them and how they arn't on the ball and don't quickly patch security flaws... i think they have a lot on their plate and should be cut a little bit of slack. | |
|
|
Maybe, just maybe...You all should actually use the thing before passing judgment, or repeating BS Microsoft haters like to spread.
The SP2 firewall does prompt you when a program tries to reach the outside world. It also manages exceptions, you can manually open ports, etc. | |
|
| sadowskiI Am My Own Doppelganger Premium Member join:2000-04-14 Buffalo, NY |
sadowski
Premium Member
2004-Aug-10 12:32 pm
Re: Maybe, just maybe...It will warn you when a program tries to bind to a port for listening, that is, to accept unsolicited inbound connections. | |
|
| | Andrew J Premium Member join:2001-11-09 Lancaster, PA 1 edit |
Andrew J
Premium Member
2004-Aug-10 12:55 pm
Re: Maybe, just maybe...I'm also sure it blocks out-bound since on one box it immediately asked if I wanted some program internet access. I have no idea what it was but it had to be on the box when I rebooted. This box has up to date AVG and Spybot Search and Destroy. With very few other items since it's just an extra PC that crunches. | |
|
|
Mr Anon
Anon
2004-Aug-10 12:31 pm
Don't get confused!Hold on before we get too off tilt here, ZA is a suite of programs its even divided as such in the interface. Its becoming more popular for software firewalls to include other protection services they are outside of what a firewall is.
A firewall is just for mostly inbound protocol and port security, securing just the network. Program security is security against programs connecting regardless of port, IP, protocol, but can distinguish between connection to the Internet and running a service (which is what you see in sp2 just security over servers) Anti-virus is file and program security no network involvement (scanning shares and things as they enter the system still is done locally ) Email protection only deals with email.
Each of these are different sections with different functions, don't be confused by the fact that they are in one program suit Zone labs programs are really a security suit where as the Firewall in XP is just that, a firewall, same thing goes for the ones in Linux. | |
|
|
SecurityExpert
Anon
2004-Aug-10 12:38 pm
SP2 is good enough.Yes, SP2's firewall is good enough on its own. Also keep in mind it does not carry with it the headaches that Zone Alarm has these days. | |
|
SirXILEThe SolWar 2-1 Premium Member join:2001-02-24 Brooklyn, NY |
SirXILE
Premium Member
2004-Aug-10 12:42 pm
Even..I will still use ZAP in conjuction with the new SP2 Windows firewall on my soon to be 2nd PC. I won't install SP2 on my main computer though. SP1 & ZAP are there to stay on it. | |
|
| |
anon0101
Anon
2004-Aug-10 1:01 pm
Re: Even..i dont know what everyone's smoking but SP2's ICF DOES have outbound protection.....
it also 'learns' just like other firewalls, by popping up a message asking you to block or unblock programs that try to access the internet....it feels just like zonealarm without the bloat.
i think everyone's confusing pre SP2's ICF with the new SP2 ICF....the old one wasn't enabled by default, and didnt really do much except for incoming rules which had to be manually set. | |
|
| | |
What does Windows Firewall DoBeen here, done that on this discussion but here is a C&P from MS. What does Windows Firewall do? Windows Firewall (previously called Internet Connection Firewall or ICF) is a software-based, stateful filtering firewall for Microsoft Windows XP and Microsoft Windows Server 2003. Windows Firewall provides protection for computers that are connected to a network by preventing unsolicited inbound connections through TCP/IP version 4 (IPv4) and TCP/IP version 6 (IPv6). Notice the word inbound and nothing about outbound. Here is the full explanation so you can see I didn't snip it out of context: » www.microsoft.com/techne ··· 21120120Some apps may connect via outbound port and request a connection back on another inbound port, causing Win Firewall to prompt for permission. I can't find the thread discussing this behavior but it seems to mislead some users. | |
|
|
What, no outbound protection?Maybe they ditched the "outbound traffic" protection after the beta because, Microsoft has more apps that call home than anyone. | |
|
| ••••••• |
|
a ship on the intene
Anon
2004-Aug-10 1:22 pm
am i protected enough?i'm behind one, two, three firewalls.........do i really need another one? lol | |
|
Paul928 join:2000-05-06 Haverhill, MA |
NO outgoing traffic protectionI was listening to Leo Laport's radio show a few weeks ago, and one of his guests was Steve Gibson, of Shields Up fame.....Now according to Steve, the Windows XP firewall DOES NOT protect you from outgoing traffic....Just INBOUND! Unless the final version of Windows XP SP2 has changed since the beta version came out, then I'm still assuming that outgoing traffic is NOT protected. | |
|
Nutso join:1999-12-09 Staten Island, NY |
Nutso
Member
2004-Aug-10 2:35 pm
it doesntquote: Since Internet Connection Firewall provides inbound protection only, if you have concerns about programs that phone home or send outbound data to an unknown destination over the Internet, you may want to consider a thirdparty firewall.
» www.microsoft.com/window ··· r12.mspx | |
|
| •••••••••• |
google2 join:2004-02-04 South Beloit, IL |
Hardware?It seems there is a lot of discussion about the fireall compared to other software firewalls, but how about a hardware firewall? Would the ideal non-free, but 'inexpensive' solution be to disable the new sp2 firewall and use a hardware firewall (linksys, netgear, etc)? I know the reason a lot of people (including me, at the moment) use software firewalls, is they are either free or inexpensive after rebates (mcafee, norton, etc), but I'm certainly looking into getting a good hardware firewall. | |
|
| netddosLife Goes On.. join:2001-08-28 Fullerton, CA |
Re: Hardware?Hardware firewall that *works* = expensive
Cheap NAT home orientated firewall= inexpensive, worse than software firewall. | |
|
| | AthlGrond Premium Member join:2002-04-25 Aurora, CO |
Re: Hardware?said by netddos: Cheap NAT home orientated firewall= inexpensive, worse than software firewall.
A NAT router: *it doesn't add to system instability *it doesn't drain system resouces *it works during system startup and *it works if your system is hacked The software firewall: *it protects others if your system is hacked and the hacker can't figure out how to turn it off. (in other words it protects others from some virii that you might contract) Call me selfish, but I'd rather have the thing that protects me. | |
|
|
HehI don't have to worry, I don't use any apps that 'phone-home' unwaranted. I'm guessing the warning that pops up just allows you to block it, right? I noticed a media player of mine that popped that warning and it was buffering before i clicked allow. | |
|
|
Considering the history of Microsoft....Only if you want a lesser firewall than offered by 3rd parties.
It's always better to stick with a company that specializes in a particular technology than one who offers everything including the kitchen sink. | |
|
Da22inBuck Fush join:2002-06-10 Charlotte, NC |
Da22in
Member
2004-Aug-10 7:37 pm
disabled....I won't even have ICF enabled...well once I go through Services after SP2 install to see what it did to me, ICF will be disabled, along with that annoying Security Center. ZA Pro 4.5 does everything I need it to do already. On the other hand, for the general public this whole thing is a good idea. A step in the right direction, if you will. I hope they'll address ActiveX and IE soon, and with the same effort. Will SP2 CD's still be strewn everywhere to pick up for FREE in the near future? I'd pick up some extras for some people you may know....you know the ones. | |
|
| •••
|
|
|