Are 3rd Party Firewalls really any better than Windows XP Firewall

The Passive Protection/Security Updates/AntiVirus/AntiTrojan/AntiSpyware/HIPS/Behaviour Blockers/etc can prevent trojans from installing and/or sendind information.
Of course, if everything else fails, the outbund protection from a firewall and the aditional checks to prevent leaktests can be a valuable last line of defense.

 

Okay, so there are things that can get past my security that a Third Party Firewall would alert me to later, but would a Firewall like Comodo maybe even alert me before it got in? I have the AVG ISS, and it's Firewall has some outbound protection, but I doubt it's in the same league as Comodo is.

 

CPF monitors DLL injections, memory modification of the program by another process and etc.
But once the infection is on the HDD, it is already in and Anti-, HIPS only try to stop its work.

The only way of protection is to prevent getting a mallware into the PC via user's aplications.
That means properly configured firewall, browser, WinXP and other aplications with net access.
Yes, I said firewall too, eg I block TCP In for Miranda, because maybe some worms could use it.

But to set up something properly is hard and it just takes too much time even for skilled users.
I allways recommend simple & effective protection provided by firewall (with outbound) and AV.

 

So an Antispyware probably isn't really needed with a Third Party Firewall and a good AV, especially using FireFox with NoScript?

 

3rd party firewall is good for trying to keep personal info. and such for getting out. For prevention, NoScript and maybe a Sandbox, depending on your needs, will do more that AS, i guess, because it won't be looking for signatures. If you download things, and do it outside the sandbox' scope, then that's another problem altogether

 

Yeah, but I allways recommend AV + firewall as a min even for safe surfers, just to be sure.
I use only firewall and no scripts (browser & PC) and etc and I visit any webpage without fear.

 

Well most of the time its probably gonna get in through something you have downloaded. Once inside your computer it'll do its dirty work and hopefully your security setup will catch it in action. Comodo would probably catch it attempting to phone home. Comodo would be the better option for a firewall.

 

"3rd party" firewalls are good, but then is so Win Xp sp2 firewall.
We run those other firewalls, cause we are also interested what goes outbound.
And, to restrict also stuff and have as a diagnostic help.
This is my last post in here.

~un-necessary spillage\private correspondence removed and suggest one contact an Admin if they have issues with moderator actions....Bubba~

 

No firewall in the world is going to stop a hacker gaining your information if he/she really wants to, All a firewall will do is block access to your computer to a certain extent of time, to where a hacker gets frustrated and in the end gives up, or decides your really not worth the trouble. However if they want to, they will get you in the end, dont be fooled on that

 

I think the latest version of outpost does a good job of protecting me online. I especially like its id theft feature which makes it pretty much impossible to steal private data.

 

From the early days of Windows 95/98 I used the free Zone Alarm firewall, when I migrated to Windows XP I started using their ICF firewall, then with Windows XP SP2 I started using the XP firewall, I have tried other firewalls out of curiosity, but the Windows firewall has always worked well for me, I like the fact that it's integrated into the operating system and does not impact system performance like some of the 3rd party firewalls. Outbound connection monitoring is not a big concern for me, you can check that within Windows. I have used the Windows firewall with an antivirus program and Internet Explorer as my default browser for years, with no problem. The Windows firewall gets the job done, efficiently and effectively.

 

Can you explain how "they will get you in the end?"

thanks,

-rich

 

I also am using the XP firewall on my Windows XP system, but there has been a lot of discussion regarding outbound protection and termination abilities of firewalls. There have been warnings about malware being loaded into your system and then either shutting down the firewall or hacking your system and then routing the information out to a server. Windows firewall doesn't have outbound protection and may have a very weak ability to be prevent being turned off. It is a very simple and non-conflicting component of the overall Windows Security Center. But I guess you may need some kind of alert or monitor utility to notify you if the firewall is shut down? Even the Security Center makes a note about replacing the installed firewall with another vendor's program. So I guess they have given you a shield to protect you, but if the hacker comes from behind and gets you, then well it is your bad luck.

 

So far, I have had good luck!

 

Windows Firewall, when using the Shields Up test at www.grc.com, shows Port 80, i.e. not all ports are in stealth mode. I use Panda Antivirus + Firewall 2007 and, using that same test, all ports are stealthed.

 

Well good for you!

 

I got all ports stealthed when I ran the shields up test.

 

Rmus. It's quite simple really, remember a few years back when Yahoo had a total crash, and was hacked, they were closed down for almost 24 hours. Hackers (Really Good Ones) not the average user find ways of by-passing almost all firewalls by running codes/scripts etc.. untill they manage to unlock your system firewall or totally shut it down. Everyday hackers are gaining access to thousands of Computers, the simplest termination technique,and one that often terminates Personal Desktop Firewalls is in fact the Microsoft Visual C++ Runtime Library. Several patches and updates have been released to fix this problem,as an example as of today this simple script will terminate Outpost Pro 4.0 without any trouble at all. In hindsight the home user in general isnt likely to be at such a risk from hackers,however Personal Bank Accounts have at some point or another been hacked, this is no fault of the customer, but rather lack of security at the Banks Side,but we all know they dont admit that.Banks/Credit Card Companies/and other Conglomorates are big fish for hackers, The average man in the street really is no concern to these type of people. A firewall with protect you to a certain level by allowing programs to comuinicate with the web or blocking them,but thats about it, the average computer browser uses 128bit encryption,and generally thats enough, What these hackers are realy Interested in is cracking 1000bit encryption,but to me and you, that isnt even logical for our daily needs. Let me clarify in the simplest way I can about how a personal desktop firewall is totally vulnerable to the simplest of attacks, Have you ever been in a Chatroom (Yahoo) and been booted out of it? and Messenger closes down? most people have, these idiots just run a Visual Script,and Bingo, your gone, anyone can do it if they look up how to, Its quite annoying isnt it? Proof itself I'm afraid that your Firewall just isnt capeable of stopping this attack,and Nor will it ever be, Firewall Software Developers dont find this important, Nevertheless, its an port attack,and it hasent been remedied yet. Hope this clarifies that a hacker is capeable of anything if he puts his mind too it.

 

DVD+R, are you saying Windows XP Firewall and all Third Party Firewalls are vulnerable to this type of attack, but it is however highly unlikely?

 

That sounds a bit strange, i always get a perfect stealth rating with the windows firewall.

 

DVD+R,

I see we are thinking of different scenarios. I thought you were referring to the daily onslaught of port scans that home users encounter, somehow something getting through closed ports.

Scripts have many ways of getting in through open ports the firewall permits: in normal web browsing, P2P, IM, chat rooms, etc, so this is not to blame the firewall, unless you are thinking of a scenario that I'm not aware of.

What the script can accomplish once in, is another matter, and here other security programs have to take over.

For instance, if the firewall is terminated, then what can happen?

regards,

-rich

 

Hello,

DVD, I suggest you invest a bit time investigating the principles of networking, firewall etc before you state something like you did. There is no black magic involved. Honestly.

You should read about the layers of communication, networking, tcp/ip stack, what packets are and how they look - physically, what ports are etc. You will sleep better at night.

As to Yahoo, Messenger etc, Firewalls have nothing to do with badly coded or unpatched software.

Mrk

 

Ok, well firstly Rmus port scans are not nessecarily attacks, and Mrkvonic, I think you missed the point I made earlier, just because you have a firewall, no matter how good it is, doesnt mean you wont get infiltrated

 

Hello,
It does not mean you will.
Mrk

 

Okay, say I'm using FireFox with NoScript, have McAfee Site Advisor to guide me on which websites are safe, plus a good AV, and yes even an AS running, then do I really need a Third Party Firewall on top of all that yet, or would simply using the Windows XP Firewall definitely be good enough?