Re: Mcafee or Norton
- From: "Vanguard" <vanguard.news@xxxxxxxxxxxx>
- Date: Wed, 8 Feb 2006 18:20:46 -0600
"Beauregard T. Shagnasty" <a.nony.mous@xxxxxxxxxxxxxxx> wrote in message news:1qiuwj3wilk4f.1hnewmkys7p2d$.dlg@xxxxxxxxxxxxx
> (PeteCresswell) wrote:
>> Per Beauregard T. Shagnasty:
>>> Follow Jim's advice, and then add a personal firewall, such as Kerio.
>> Anybody want to venture an opinion on the firewall that comes built in
>> to XP?
> Sure. It's Inbound only. 'Nuf said?
Not after Windows XP SP-2 (but obviously you need to be using Windows XP for that service pack). If an application wants a connection, you will get a prompt. However, there is very little you get to configure regarding that connection. What you get, after first FULLY allowing that application to connect, are the following configurable options for the application rule that got added (under the Exceptions tab):
To specify the set of computers for which this port or program is unblocked:
- Any computer (including those on the Internet).
- My network (subnet only).
- Custom list.
Note that either an application or a port can be restricted. While these rules do not allow the user to configure whether the connection allowed is only inbound, only outbound, or both, it does offer control over which application can have ANY connection. That is, it is not strictly an outbound-connection rule but then neither are application rules in 3rd party firewalls. For example, I use Sygate and it also defaults to allowing both inbound and outbound connects to a process and I have to edit that app rule to make it an outbound-only connect, like for the svchost.exe process. Just because other firewalls have application rules, remember that most aren't just defining outbound permission. Most default to giving full permission in BOTH directions and it is up to you to decide if you want to further restrict the direction of traffic (regarding unsolicited traffic). But even Windows firewall gives you the same function of specifying if a program can even get a connection in the first place.
So it is a misconception that the Windows firewall doesn't have application rules. It does but it permits traffic in both directions - but then so do most other firewalls (they just let you further edit the rule to block or allow in only one direction or allow both). If you wander around to all those desktops that are running 3rd party firewalls, you will see most users simply use the default application rule that gets defined by their 3rd party firewall, and those default app rules permit traffic in BOTH directions. In other words, by default, the application rules in most firewalls are simply access control lists that decide if an application will have a connection but don't specify the direction of traffic.
Some firewalls, like Norton's, have a database of common applications with preset rules, so when you allow the application to have a connection then you get those preset rules from their database. I think ZoneAlarm might also have a list of common applications to know how it should configure app rules for those. The McAfee and Sygate firewalls simply default to allowing FULL access (i.e., inbound and outbound) and you have to follow up by editing the app rule to make it one-directional, if even needed.
--
__________________________________________________
Post replies to the newsgroup. Share with others.
For e-mail: Remove "NIX" and add "#VN" to Subject.
__________________________________________________
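
The application-rule behaviour described in the post above, as a small model added here (not part of the original post and not any vendor's code): a rule names a program and one of the three scope choices, defaults to both directions, and only an edited rule restricts direction. The field names, the `evaluate` helper and all addresses are assumptions constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass

# Constructed sample value: the "My network (subnet only)" range of a hypothetical host.
LOCAL_SUBNET = ipaddress.ip_network("192.168.1.0/24")

@dataclass
class AppRule:
    program: str             # executable the rule applies to
    scope: str = "any"       # "any", "subnet" or "custom", as in the post's option list
    custom: tuple = ()       # networks used when scope == "custom"
    direction: str = "both"  # "both" is the default the post describes; "in"/"out" = edited rule

def scope_allows(rule, peer):
    """Return True when the remote address falls inside the rule's scope."""
    addr = ipaddress.ip_address(peer)
    if rule.scope == "any":
        return True
    if rule.scope == "subnet":
        return addr in LOCAL_SUBNET
    if rule.scope == "custom":
        return any(addr in ipaddress.ip_network(net) for net in rule.custom)
    raise ValueError(f"unknown scope: {rule.scope}")

def evaluate(rules, program, peer, direction):
    """direction: "in" = unsolicited inbound connection, "out" = started by the program."""
    for rule in rules:
        if rule.program.lower() != program.lower():
            continue  # rule is for a different executable
        if rule.direction not in ("both", direction):
            continue  # edited rule excludes this direction
        if scope_allows(rule, peer):
            return "allow"
    return "block"    # no matching rule: the program gets no connection

# Default rule, as created by answering "allow" to the prompt: both directions, any peer.
DEFAULT_RULES = [AppRule("svchost.exe")]
# The same rule after editing it to outbound-only, as the post describes doing by hand.
TIGHTENED_RULES = [AppRule("svchost.exe", direction="out")]
# A subnet-scoped and a custom-list rule (constructed program names and networks).
SCOPED_RULES = [AppRule("fileshare.exe", scope="subnet"),
                AppRule("backup.exe", scope="custom", custom=("10.0.0.0/8",))]

if __name__ == "__main__":
    for name, rules in (("default", DEFAULT_RULES), ("tightened", TIGHTENED_RULES)):
        print(name, "inbound from 203.0.113.5:",
              evaluate(rules, "svchost.exe", "203.0.113.5", "in"))
```

Run against the default rule, an unsolicited inbound connection is allowed; against the edited rule it is blocked while outbound connections still pass.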