Performance SP2 Firewall

Discussion in 'other firewalls' started by martindijk, Aug 13, 2004.

Thread Status:
Not open for further replies.
  1. martindijk

    martindijk Registered Member

    Joined:
    Jun 13, 2003
    Posts:
    537
    Location:
    Gorredijk - the Netherlands
    Hi all,

    Does anyone has any insight in the performance of the SP2 FW so far like:

    Does it block any outbound connections

    Does it do a good job at GRC and other FW testing sites.

    Is it light on resourses etc.

    Any insight would be appreciated.

    cheers,
    Martin
     
  2. Jaska

    Jaska Registered Member

    Joined:
    May 7, 2004
    Posts:
    98
    First of all, it has never failed any of those online FW tests like GRC and PCflank. It conrols also outbound connections and if a program tries to connect out with an uncommon port it pops up a notification and asks what it should do.
    It is the lightes possible as resources matter, no slowdown at all. I cann't do anything else than recommend it. It does not have a lot bells and whistles but it does it job reliably.
     
  3. martindijk

    martindijk Registered Member

    Joined:
    Jun 13, 2003
    Posts:
    537
    Location:
    Gorredijk - the Netherlands
    Thanks Jaska for your input.

    cheers,
    Martin
     
  4. CrazyM

    CrazyM Firewall Expert

    Joined:
    Feb 9, 2002
    Posts:
    2,428
    Location:
    BC, Canada
    No. It will prompt for applications that want to act as servers and allow you to make exceptions for inbound traffic.

    It will stealth you to unsolicited inbound packets and scans.

    Uses minimal system resources.

    Understanding Windows Firewall

    Another write up from earlier in the year:
    http://www.microsoft.com/technet/community/columns/cableguy/cg0204.mspx

    Regards,

    CrazyM
     
    Last edited: Aug 13, 2004
  5. martindijk

    martindijk Registered Member

    Joined:
    Jun 13, 2003
    Posts:
    537
    Location:
    Gorredijk - the Netherlands
    Thanks CrazyM,

    I haven't installed SP2 yet, cause the release is due next week, that's why the FW question.

    Thanks for the links also.

    rgds,
    Martin
     
  6. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
    Hi Martin, this thread should have been started in "Other Firewalls".

    I would recommend staying with your favorite (Kerio), as Windows Firewall does not warn or display outgoing traffic.

    You have answered your own question ;)

    Hope this helps...

    Cheers :D
     
  7. martindijk

    martindijk Registered Member

    Joined:
    Jun 13, 2003
    Posts:
    537
    Location:
    Gorredijk - the Netherlands
    Thank you Blackspear :D

    I already moved it, so this one can be closed/removed.

    rgds,
    Martin
     
  8. meneer

    meneer Registered Member

    Joined:
    Nov 27, 2002
    Posts:
    1,132
    Location:
    The Netherlands
    Re: SP2 Firewall performance

    The XP SP2 firewall only blocks incoming attacks. Outgoing is not controlled by the XP firewall.
    Keep Kerio.
     
  9. martindijk

    martindijk Registered Member

    Joined:
    Jun 13, 2003
    Posts:
    537
    Location:
    Gorredijk - the Netherlands
    Re: SP2 Firewall performance

    Thanks André.

    Much apreciated,
    Martin
     
  10. Jaska

    Jaska Registered Member

    Joined:
    May 7, 2004
    Posts:
    98
    Re: SP2 Firewall performance

    Actually it checks also the outgoing traffic. This seems to be the hot potato just now in several forums. But if Kerio works fine there is no need to change it.
    In my machine many FW applications simly were resource hogs or didn't work adequately with XP's User switching. I use anti-virus products good enough to detect trojans long before they get any change to call out. If your firewall is the thing that detects the malware your system is already severely compromised!
     
  11. BlitzenZeus

    BlitzenZeus Security Expert

    Joined:
    Feb 11, 2002
    Posts:
    451
    Location:
    Oregon, USA
    Jaska, it doesn't prevent outbound traffic, it only monitors it to allow inbound connections to programs which have started connections. ICF in XP SP2 is still inbound only with the exception of icmp controls. The prompts are for inbound connections only, basically allowing a program to act like a server.
     
  12. Paranoid2000

    Paranoid2000 Registered Member

    Joined:
    May 2, 2004
    Posts:
    2,839
    Location:
    North West, United Kingdom
    One serious issue with Windows firewall is that it can be disabled by other applications. This is intended to allow third party firewalls to be able to shut it down after their installation to avoid any conflicts - but if an application can shut it down then so can any malware. See SP2's firewall is not good enough for more details.
     
  13. mercurie

    mercurie A Friendly Creature

    Joined:
    Nov 28, 2003
    Posts:
    2,442
    Location:
    Sky over the Wilders Forest
    Paranoid 2000,
    Interesting article. Several things come to mind:

    Zone Labs is now a Checkpoint Company not really nimble any more. :'(

    If Microsoft buys a big Security Company the world wide regulators will scream, Microsoft now really will rule the world and the evil empire must be stopped. (this is not what I think but history tells me this is what would happen) :eek: does not mean they will not try however.

    I believe the low percentage of people using a firewall is very low like the article says. I am amazed at the number of people that run no firewall at all. Even after I warn them. They think nothing will happen to them especially the dial-ups, and the not always on folks. :eek:
     
  14. Paranoid2000

    Paranoid2000 Registered Member

    Joined:
    May 2, 2004
    Posts:
    2,839
    Location:
    North West, United Kingdom
    Now, now - just because they are big does not mean they can't do great products. :) Look at what Symantec have done with the Norton product range. :D
    Well they did buy a little one instead. You can make the point that Microsoft are "damned if they do, damned if they don't" but they could try implementing more secure design principles into their products (there are some indications that this is happening, but more in a knee-jerk fashion at the moment - it would take some years to do fully though).
    Sad but true. What makes this more difficult is that the most visible problems are from browser hijackers and adware, neither of which really fall within the range of problems a firewall can prevent. And even the simplest of firewalls needs some user knowledge ("Hey! Should I be allowing this Iexplore thingy Internet access?").
     
  15. mercurie

    mercurie A Friendly Creature

    Joined:
    Nov 28, 2003
    Posts:
    2,442
    Location:
    Sky over the Wilders Forest
    Paranoid2000,

    "Rav" I heard about that. Just did not know who. Thanks for the link.

    Good thread and nice speaking with you. See you around. :)
     
  16. tazdevl

    tazdevl Registered Member

    Joined:
    May 17, 2004
    Posts:
    837
    Location:
    AZ, USA
    FYI Full Install is out already. Been for about a week.
     
Loading...
Thread Status:
Not open for further replies.