The simple question - what is XP in-built Firewall, and what it does/should do. I don't see any blocking activity, or anything, exept logging to D:\Documents and Settings\*User Name\firewall.log



Thanks, and best regards

-{ Quote: " quoting: stalker link=board=23;threadid=21159;start=0#msg127532 date=1075930340]The simple question - what is XP in-built Firewall, and what it does/should do. I don't see any blocking activity, or anything, exept logging to D:\Documents and Settings\*User Name\firewall.log " }-

It is a very basic firewall that handles inbound connection attempts only (no outbound application controls like most add-on software firewalls). It uses the stealth model for the inbound packets it blocks.

Some people call it a software NAT running right on your PC because of how it handles inbound connections. Packets that are replies to what your PC sends out are allowed in, but unsolicited packets are dropped.

It does work. If it had been "enabled" by default on all XP installs then the MS Blast worm may not have been much of anything, at least against XP boxes. If you have no other software firewall or external protective device such as a router, then the built-in XP firewall (ICF) is certainly worth using.

As for "alerting" and "customizable features", well it is a very lean product. No alerts or popups, which some people would say is a good thing.


Edit: Oh, by the way, it is best to disable the built-in XP firewall if you are using another installed software firewall on the box, otherwise you will get some odd results - things blocked or not working right even though you think you've enabled them in your other firewall... Such like that.

Hi - This firewall software blocks only INCOMING tentacles of evil. If a virus manages to infiltrate your PC by other means [e.g., from an attachment that you opened in your email] the Windows firewall does nothing to block outgoing mischief.

The firewall works by blocking all unsolicited data from the Net. If yhou click Settings you can tell the firewall software to permit certain kinds of incoming, unsolicitied queries - a useful feature if your PC hosts a Web site. Example - the settings button in the Advanced tab, meanwhile, lets you turn on logging, which creates a text file that contains a list of every piece of internet traffic the firewall tried to block. If you are a TCP/IP sleuth, this info. could theoretically be usefull starting point for tracking down hackers foolish enough to take you on.

If you share one internet connection and have several PCs installed, you would want to turn on the XP firewall option only for the first computer - the one that is connected to the internet. Otherwise, the firewall sofware will prevent your own computers from talking to each other. Similarly, leave the firewall software turned off if your computers are connecterd to a router.

I personally would not rely solely upon this firewall and would use a software that blocks both incoming and outgoing malice. You can purchase one such as NOD32 or Norton or McAfee to name a few or use a freebie such as ZoneAlarm - there are others as well - these are only a few that come to mind instantly.

Hope I have been helpful. Cheers.

Ooops, sorry LWM ... we posted at the same time - I did it again!! :'(

We have to stop meeting like this. :-*

;D

Hey,Guy's

I would stop that from running & go with
a firewall you download now if you are
going to keep the XP firewall then i would

download TTT3 or SSM this way you know
what is running out of the puter am sure
you will have more post on software to help you

Good luck ;D

Hi,LWM

The ICF in XP will block incoming and outgoing plus a few more improvements in SP2. I believe it will have application control also.

Bring up local area connection
Under general, highlight internet protocol ( TCP/IP )
Click Properties
Click Advanced
Click Options
TCP/IP Filtering should be highlighted
Click Properties
You will now see an option to enable (TCP/IP Filtering ) ALL Adapters

Here you can permit ALL or Permit only
TCP UDP & IP Ports that you specify

con

-{ Quote: "
The ICF in XP will block incoming and outgoing plus a few more improvements in SP2. I believe it will have application control also.
" }-

I can't wait to see what it will worth with his new design :)
An application control within the OS, if rightly done, would be better than an application control component in a software firewall, i really can't wait to see how this future new feature will behave against normal internet access and leaktests, should be quite interesting.

An interesting review :
http://www.arstechnica.com/wankerdesk/04q1/sp2-beta-1.html

-{ Quote: " quoting: gkweb link=board=23;threadid=21159;start=0#msg130004 date=1076506440]
[...]
i really can't wait to see how this future new feature will behave against normal internet access and leaktests, should be quite interesting.
" }-


Yes, knowing you I readily believe you when U say that ;D

Keep us informed of the results!!


ps. when is your 'leaktest site' due 4 its next update? (some results are still outdated, such as the OPP issue)

pss. when testing WinXP SP2 fw, beware of potential "cheats" such as .ini files blocking hidden processes etc... ;)
Newbies like me can fall for such a trap, but you - this is unforgivable ;D

Next update is not known as of now, Joseph.V Morris is still correcting grammar mistakes in my upcoming paper, and i have a lot of things to do in my personal life, when i will have time i will update it.

About next SP2 firewall, i don't think Microsoft cares of leaktests, i think they will write just a firewall which will handle local applications, and due to his "OS-built-in" nature, i am very interested regarding his strenght, may be we will be surprised, may be not ;)

Starting next week folks, I shall be testing the SP2 beta and I shall post results found.

Have a good weekend

Red Dwarf

Thanks you for that, i admit to not want to take risks with a BETA SP on my personal comp.
However, all results you will find could only be a preview, since the SP can have some changes and fixes before his final public release, but it will still be interesting at least to have few ideas of what the SP2 firewall is able to do :)

Yeah SP2 is now installed on my test system and with all the debug code of course it is a large installation ladies :-O

Currently I am tesing it on Home edition and then looking at Pro on Sunday

Think I should start a new thread for this, where shall I post thread folks?
Answers on a post card please

Red Dwarf

Hi Red_Dwarf

-{ Quote: " quoting: Red_Dwarf link=board=23;threadid=21159;start=0#msg130920 date=1076721715]
Think I should start a new thread for this, where shall I post thread folks?
" }-

Anything to do with the changes to the firewall can stay here. If you wish to discuss other aspects of the service pack, it would probably go in the Software & Services (http://www.wilderssecurity.com/index.php?board=9) forum.

Regards,

CrazyM