Can I have 2 firewalls?

Discussion in 'other firewalls' started by Vantzos Kostas, Mar 22, 2006.

Thread Status:
Not open for further replies.
  1. Vantzos Kostas

    Vantzos Kostas Registered Member

    Joined:
    Mar 20, 2006
    Posts:
    36
    I have installed in my PC Outpost firewall Pro 3.5. I wonder if I can activate Windows XP firewall to combine them. Are they compatible? In case they are not comtatible to each other , can you syggest to me a firewall compatible to outpost , in order to combine them. I also use adware Se , Spybot , spywareblaster , nod32 antivirus , tauscan , winpatrol , regdefend and CWSshredder.
     
  2. dog

    dog Guest

    Generally you can only run one software firewall. The MS Firewall does little more than a router, if you want to add something ... a NAT router is the direction you should go.
     
  3. yahoo

    yahoo Registered Member

    Joined:
    Feb 23, 2004
    Posts:
    290
    Location:
    nowhere
    Agree with dog. In general, two software firewalls should not be used at the same time to avoid potential conflicts.
     
    Last edited: Mar 22, 2006
  4. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    7,786
    As mentioned above, it's not advisable to use more than one concurrently. One has to ask why you'd want to do that anyway, since Outpost should cover you fine?
     
  5. tuatara

    tuatara Registered Member

    Joined:
    Apr 7, 2004
    Posts:
    772
    Perhaps, it might be a strange and not conventional reply, if you look at the posts above,
    but i've been testing a lot with multiple firewalls, to find out WHAT is going wrong.

    If you are using two AV's it becomes clear very fast what goes wrong,
    but if you combine two firewalls and one of the is a VERY SIMPLE one like
    the Microsoft firewall you will see that NOTHING goes wrong.

    Of course you can expect that if port A is blocked in one firewall and NOT in the other, that this can give confusion.

    And if you use 2 firewalls that have extra's you can expect problems
    with the extra's.

    So i can't agree with the posts above.
    The explenations why this would give conflicts are never explicit.

    Please show me a screen shot of a problem with the 2 firewalls above,
    and i will be convinced.
    it must be reproducable if it gives conflicts.
    But in this combination i don't think so.

    But with the 2 mentioned above i could not reproduce a problem.
     
  6. Notok

    Notok Registered Member

    Joined:
    May 28, 2004
    Posts:
    2,969
    Location:
    Portland, OR (USA)
    There have been several times that I've accidently left the XP firewall on while installing my firewall, or worked on someone else's computer who had done the same, and the result was general instability including hangs, crashes, and a couple times even blue screens. It's pretty much the same scenario as back in the Windows 9x days when you would end up with more than one driver installed for the same device, it just caused a lot of issues that reduced system stability in general. Sometimes it's obvious, sometimes it's not.

    Really, though, I don't think there would be any particular advantage to using more than one firewall. If you feel that your current firewall is insufficient, it would be better to find another firewall that you are more comfortable with, or perhaps invest some time into learning how to really tighten down the rules.
     
  7. tuatara

    tuatara Registered Member

    Joined:
    Apr 7, 2004
    Posts:
    772
    I agree about that you should not need 2 firewalls,
    but i never saw those problems you've mentioned with the combination mentioned above, and i would not now a reason WHY these would happen
    I've been testing it for weeks and never saw any blue screen! or system hang , or even a slow down!
     
  8. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    7,786
    I once had kerio 2.1.5 installed and even though I had it disabled, I got a BSOD when I tried to install Outpost at the same time. Had to remove Kerio completely to solve the problem. I think this is perhaps more common than you might think.

    On the other hand, I have run CHX concurrently with just about every other firewall and never had one problem, just for experimentation purposes.

    So it pretty much depends on which ones you're combining. But again, why do something like run 2 at once when there is no need to do so? Filtering traffic twice is redundant, inefficient and pointless generally speaking.
     
  9. squash

    squash Registered Member

    Joined:
    Mar 25, 2005
    Posts:
    313
    I don't see why you cannot use Windows Firewall with a another firewall, so long there are no noticable conflicts. I have used Windows Firewall with Kerio 4, as because because later's driver kept on being shutdown, Windows Firewall (my second firewall) saved me the bothered of having to reimage and I could just shut down Kerio 4 (because it wasn't doing anything) and cotninue my activies with just Windows Firewall.

    So you see, if you use a firewall that is easily exited as simply by clicking on the icon and exit, I DO see a need for another firewall. If you have password protection feature that does not allow you to exit and or make changes (such as moving down the slider to OFF in ZoneAlarm) then there is no need for another light firewall such as the in-built Windows one.

    Personally nowadays, I use Windows Firewall ONLY. But you may use Outpost for outbound filtering and easy log view.

    Most of the security guys on this forum will throughly disagree, but I can say that I personally have no BSOD or anything from running another firewall with the Windows one.
     
  10. bigc73542

    bigc73542 Retired Moderator

    Joined:
    Sep 21, 2003
    Posts:
    23,873
    Location:
    SW. Oklahoma
    One problem that can happen and you may not be aware of it when running two firewalls unless it locks up your machine is that they might actually for lack of a better word just cancel each other out and neither firewall might be doing what it is supposed to be doing, most firewalls don't like to share resources. Is it really worth useing two firewalls when one that is set up correctly should be sufficent to afford you protection and running two might actually give you less protection.
     
  11. tuatara

    tuatara Registered Member

    Joined:
    Apr 7, 2004
    Posts:
    772
    Don't get me wrong, i never said that it would help you to improve your security by using two.

    The fact is that there are combinations of two firewalls possible.
    And that is the case when you use a very simple Firewall-only firewall
    like Microsoft.

    In general i would not recommend to use two, it has little use.
    I recommend to use a good hardware firewall and use a sw firewall like Tiny Personal Firewall Pro or Kerio etc.

    But i think it is too simple to say that you can't have two firewalls on your system. As i said before, the combination mentioned works
     
  12. noway

    noway Registered Member

    Joined:
    Apr 24, 2005
    Posts:
    351
    Your mistake, tuatara, in this claim, is using the word "you", instead of "I".

    You can test firewalls all you want on your system but the results are not transferrable to everyone else. Maybe you have invented the definitive firewall test...that tests every aspect of every firewall on the market under all conceivable conditions. I've had only 2 BSOD on XP and both were related to using 2 firewalls at the same time, and both "simple" ones, to borrow your description, were configured to block fragmented packets only. The causes of conflicts are more involved than your concept of...

    When I noticed the problems I moved on to something else. Other people with different hardware and software have successfully used the same combinations without problems. I never bothered to save a screenshot of the BSOD for proof. Probably would have needed a camera to get one. I know that Outpost certainly has its devotees, but I have tried most of the older Outpost releases (including v2.7) and have not found any of them stable enough to use even by themselves. Some firewall developers will warn you or not even allow an install if another firewall is detected. Some people have successfully used 2 firewalls running at once...then after upgrading one of them to a newer version, the conflicts begin. So it's a bit of a crap shoot. You got away with it. Others may not. So every individual needs to decide for himself, weighing personal experience, consensus of opinion, the importance of system stability, what happens if something goes wrong (is there a system backup, will someone lose their job, will a business go offline, etc.), and the "are you feeling lucky?" factor.

    I agree with Kerodo's answer "why you'd want to do that anyway..." It's kind of like towing a car behind the one you're driving, just in case the one you're driving has a mechanical breakdown. But the simple act of towing itself may present dangers greater than the mechanical breakdown. If anyone caught me doing this I would be afraid that someone would take away my driver's licence for good and lock me up for being so paranoid!
     
  13. Cerxes

    Cerxes Registered Member

    Joined:
    Sep 6, 2005
    Posts:
    581
    Location:
    Northern Europe
    Mr. V. Kostas, whatever the reason why you want to combine two software firewalls, MS Firewall is among the simplest you can combine with a "high tech" software firewall. An alternative to MS, is GhostWall/CHX who also are very simple an should go along well with Outpost. Currently I´m "playing" with the combo ZA Free for outbound controll and GhostWall for the inbound controll. So far I´ve not noticed any stability issues yet. The only reason I can think of for using two software firewalls (even if I doesn´t normally use this), is for example if one of the firewalls been "hacked" because there is an security gap who is exploited. Then the other firewall will still protect you. However, then you have to know/detect that there is a security gap in one of your firewalls... :)

    Regards, C.
     
  14. Vantzos Kostas

    Vantzos Kostas Registered Member

    Joined:
    Mar 20, 2006
    Posts:
    36
    If there is no reason to combine to firewalls , then can someone explain to me why esset in Nod32 site (www.nod32usa.com) suggests that except the other security systems , it is wise to combine Look n. Stop firewall with Netgear FR328S ProSafe firewall for a tight security? Esset must has a reason for that.
    Best Regards!
     
  15. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,047
    Location:
    Saudi Arabia/ Pakistan
    BTW i used many together. NIS, Jetico can run together. NIS, ZA PRO and Jetico also can run. Kerio will not run with any one. All of above ( except kerio- not tried) can run with windows firewall.

    BUT 2 FIREWALLS ARE NOT NEEDED AND NOT TO BE USED.
     
    Last edited: Mar 23, 2006
  16. SSK

    SSK Registered Member

    Joined:
    Nov 28, 2004
    Posts:
    976
    Location:
    Amsterdam
    They advise to use a SOFTWARE firewall (Look 'n' Stop) and a HARDWARE router / firewall (Netgear). Not to use two software firewall's at the same time :)
    This combination is meant to block inbound traffic on the router, and do outbound filtering on the firewall.
     
  17. Upasaka

    Upasaka Guest

    Look n Stop is a SOFTWARE firewall-------------Netgear FR328S Pro Safe is a
    HARDWARE firewall/router.

    I use a Thompson Speedtouch 510 hardware firewall/router and Kerio 4.2 software firewall.

    Hardware firewalls or router firewalls replace a modem and give a great deal of security,simply put they stand between your computer and the internet.
     
  18. Cerxes

    Cerxes Registered Member

    Joined:
    Sep 6, 2005
    Posts:
    581
    Location:
    Northern Europe
    Outbound and inbound networkcontroll is a very good way of tighten up your security. As mentioned above you normally have a hardware firewall or NAT router to controll the inbound traffic, and a software firewall for the application controll (allow/block). I you use this combo, a hardware and software, you don´t have to worry for stability issues, because there is none. However, in some cases you have to configurate both if you e.g. want to allow some connection with a special gameserver by using this setup.

    Regards, C.
     
  19. Paranoid2000

    Paranoid2000 Registered Member

    Joined:
    May 2, 2004
    Posts:
    2,839
    Location:
    North West, United Kingdom
    Whether you can get away with running two software firewalls depends on the products in question, other software on your system and even your network hardware (drivers could trigger or exacerbate a conflict).

    It is therefore far safer to advise against running two software firewalls - only the most expert users could verify (and diagnose any conflicts with) a multiple firewall setup.

    However with products like AppDefend, Safe'n'Sec and (in the future) Online Armor including some level of firewall functionality, it may well be that more users end up with multiple firewalls. At least in this case, compatibility issues will need to be addressed specifically by the program vendors.
     
  20. Robyn

    Robyn Registered Member

    Joined:
    Feb 1, 2004
    Posts:
    1,189
    Recently I have noticed on several forums including Outpost forum itself discussions for the need for even a software firewall with a router firewall - I really am getting a bit confused now o_O some are running with router and antispyware only.
    I agree with the points made about running 2 software firewalls and would not consider this as I fear there would be conflict and even risking security (especially if the user configures incorrectly) I know I had several issues when I first installed Outpost which is why I haven't upgraded it in fear of a blue screen but know my inbound is protected by my router.

    I have been to several forums where once the members had maintained the use of a software firewall with a router but have gone the opposite now and are only running the router firewall - would be nice if we could have an outbound application level firewall without the extras some are offering now especially when a router is involved.

    The more products on the market now the more confusing security has become which is why I think there are so many asking if we need to have 1 2 3 +++++ I always used the layered levels but have stopped adding any more as I feel resources and conflicts were going to arise at somestage. It used to be we could list the security needed for a fresh install but now = confusion o_O
     
  21. Cerxes

    Cerxes Registered Member

    Joined:
    Sep 6, 2005
    Posts:
    581
    Location:
    Northern Europe
    The simplest software I know of if you only want to controll the outbound traffic, without controlling processes, memory etc., is ZA Free and Look n Stop. Otherwise I prefer AppDefend + router

    Regards, C.
     
  22. Robyn

    Robyn Registered Member

    Joined:
    Feb 1, 2004
    Posts:
    1,189
    I looked at LnS when searching for firewall previously but discovered it was not that easy to set up when running behind a router.
    I will have another look at Application defend for protecting the apps. ZA doesn't appeal to me at all - I have Outpost but without all the added bits it has released in v3. I know I am stealth with the router just wish software firewalls hadn't added so much to the software away from outbound control.

    Thanks for your reply to my little bit in - apologies for hijacking the thread - back to the original post :oops:
     
  23. Paranoid2000

    Paranoid2000 Registered Member

    Joined:
    May 2, 2004
    Posts:
    2,839
    Location:
    North West, United Kingdom
    A software/router firewall combination is a very good choice - the software firewall provides control over what applications can connect to the Internet (information which routers have no access to) while a router firewall cannot be shutdown by a Windows crash or malware activity and can provide protection during Windows startup/shutdown (which can be an issue if your PC has an "always-on" connection).

    Using a router only will provide good protection from outside attack but means that you have no control over application network access (which can be a privacy, as well as a security, issue).
     
  24. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    That's what I have read on several security websites over and over again. So it must be true.
    So my new computer will have both.
     
  25. EASTER.2010

    EASTER.2010 Guest

    I almost got away with running 2 firewalls recently. I added the new Jeti along with the Kerio 2.15 i run routinely on Xp Pro. In fact for some moments everything was peachy, but Jeti was experiencing some issues apparently because it was disconnecting my browser online connections.

    It just may have been some setting i was overlooking but thought it not the best idea or even neccessary to run both. They did however not create any crashes or slowdowns working in tandem. LoL
     
Loading...
Thread Status:
Not open for further replies.