Why do I need a firewall ?

Discussion in 'other firewalls' started by egghead, Aug 27, 2005.

Thread Status:
Not open for further replies.
  1. egghead

    egghead Registered Member

    Joined:
    Aug 27, 2005
    Posts:
    443
    Location:
    The Netherlands
    Hello everybody,

    I have tried a couple of firewalls (ZA free, Kaspersky, built in XP Firewall, Outpost, Sygate, Filseclab and right now I’m running NetVeda).

    With any one of the firewalls I get the same result when testing Shields up at Steve Gibson’s site:
    1.Solicited TCP packets: fail
    2..Unsolicted packets: pass
    3..Ping reply: fail
    4.Ports 21, 23, and 80 are steatlh, the other ports are closed.
    5.Leak test: pass (that is with ZA, filseclab and NetVeda; the others I cannot remember anymore)

    Furthermore, when I disable the built in XP firewall (thus NO firewall running at all) I also get the same results (1, 2,3,4). [NB When I do not drink alcohol I have the same results].

    Windows XP home SP 2
    Kaspersky Personal ( and yes, I have disabled the built in “firewall”)
    Giant Anti Spyware (is now microsoft antispyware beta)

    Any thoughts ?


    o_O o_O o_O o_O
     
  2. Atomic_Ed

    Atomic_Ed Registered Member

    Joined:
    Jul 29, 2005
    Posts:
    389
    Do you have a router on your conection? If so it may be blocking or some ISPs block common ports which may also be the case.
     
  3. WSFuser

    WSFuser Registered Member

    Joined:
    Oct 7, 2004
    Posts:
    10,632
    do u have a router/firewall or proxy/anonymizer? also try LnS, ive gotten a full stealth pass on grc.com with it.
     
  4. The Hammer

    The Hammer Registered Member

    Joined:
    May 12, 2005
    Posts:
    5,619
    Location:
    Toronto Canada
    You are not configuring ZA properly. The others I haven't used.
     
  5. egghead

    egghead Registered Member

    Joined:
    Aug 27, 2005
    Posts:
    443
    Location:
    The Netherlands
    Atomic Ed/WsFuser/The hammer

    thanks for your reactions.

    I don't have a router nor a proxy but I do have an ISP. I read they sell a Norton firewall in their package. I did not pay for this ( I avoid Norton/Symantec as my mother in law). but i'm gonna contact them. My ISP is the only thing I can think of right now that might be the cause of the problem.

    I have installed Look"n"stop. I had the same results with Shields Up as mentioned above. BTW I like LnS, nice firewall, gonna give it a try.

    ;) ;) ;) ;)
     
  6. CrazyM

    CrazyM Firewall Expert

    Joined:
    Feb 9, 2002
    Posts:
    2,428
    Location:
    BC, Canada
    Keep in mind some modems also double as router. How are you connecting/modem? If you do an "ipconfig /all" at the command prompt on your system is your IP showing as your public IP or a private IP?

    When you do the online scans is anything showing up in the software firewall logs?

    Regards,

    CrazyM
     
  7. BlueZannetti

    BlueZannetti Administrator

    Joined:
    Oct 19, 2003
    Posts:
    6,590
    egghead,

    My preference, get a router then if you wish to have some control of outbound communications, consider a software firewall. If you are looking at paid solutions, I definitely go this route; if you were looking at free firewalls, I just recommend it. Things like stealth, etc. are, IMHO, irrelevant and/or highly overrated.

    Since you're considering LnS, that is the product I use. It's very effective, very light, though I generally use it for application control only - just my preference.

    Blue
     
  8. egghead

    egghead Registered Member

    Joined:
    Aug 27, 2005
    Posts:
    443
    Location:
    The Netherlands
    CrazyM/Blue Zanetti

    Thanks for your reactions.

    It appears that my modem is indeed also a router. I have found out that it uses package filtering; thus it works more or less as a firewall. I guess this modem/router causes the problem.

    Returning to my origingel question: why do I need I a firewall?
    Even if I don’t use a firewall at all (see my first posting) the modem/router takes care that ports 21, 23, 80 being stealth and that the other ports being closed. This is a "safe" situation. If I do use a firewall these results stay the same, thus configuring the firewall makes no sense.
    When using a firewall the only advantage is then that I can control outbound communication? If the answer is yes, what is then the advantage of using a “paid” version, e.g. looknstop, over a “free” firewall?

    o_O ;)
     
  9. toploader

    toploader Registered Member

    Joined:
    Aug 19, 2005
    Posts:
    707
    shields up said all ports stealthed when i tested xp2 firewall (dial up)
     
  10. CrazyM

    CrazyM Firewall Expert

    Joined:
    Feb 9, 2002
    Posts:
    2,428
    Location:
    BC, Canada
    That does explain your results no matter which software firewall you used. Your modem/router will deal with all unsolicited inbound connection attempts, including the online scan tests, and the software firewall on your system will not see these. You will need to determine what configuration options are available, if any, to change how the modem/router responds to these. As long as nothing is showing as open to the Internet you are secure.

    The reason many will use a software firewall, in addition to a router, is for outbound application control. If this is something you have determined you want/need, there are plenty of good software firewalls out there both paid and free. It is a matter of finding the one that best suits you and has the configuration/features you want.

    Regards,

    CrazyM
     
  11. mercurie

    mercurie A Friendly Creature

    Joined:
    Nov 28, 2003
    Posts:
    2,442
    Location:
    Sky over the Wilders Forest
    I have never used LnS, other then that I will save my fingers the work out and second this one as I could not have said it better. ;)
     
  12. WSFuser

    WSFuser Registered Member

    Joined:
    Oct 7, 2004
    Posts:
    10,632
    well using ZA as an example, the paid version (pro) includes privacy features (cookie, javascript handling etc) and the latest v6 has teh OSFirewall. i dont know about other firewalls tho. i do know that kerio and lns have lite versions. outpost has a free one but very limited (no component control, plugins etc) and very old.
     
  13. BlueZannetti

    BlueZannetti Administrator

    Joined:
    Oct 19, 2003
    Posts:
    6,590
    egghead,

    As with most paid versions, the advantage is often convenience, maybe somewhat more detailed or automated usage and so on.

    Blue
     
  14. egghead

    egghead Registered Member

    Joined:
    Aug 27, 2005
    Posts:
    443
    Location:
    The Netherlands
    Thank you all for responding, you have been very helpful.

    :) :) :) :)
     
  15. Tyreman

    Tyreman Registered Member

    Joined:
    Feb 3, 2003
    Posts:
    107
    I think really you kind of answered your query :D
    Along with a good router..You could elect by choice to use some type(s) app monitoring utility to alert of any changes to registry or files and no soft 'wall.
    You could also go into the local security policy editor, tighten some items in there+ plus a few more items in the OS (my network places, properties,in lac general tab, uninstall client for ms,file and print share,qos packet thinghy-IF you don't useem' ...mine are gone lone ago you can still print off the net I do, wins tab disable that stuff in there untick lm hosts lookup(I never use it) and disable net bios.
     
  16. Wai_Wai

    Wai_Wai Registered Member

    Joined:
    Dec 28, 2004
    Posts:
    556
    Not really answering your question.
    But the test in Shields up at Steve Gibson’s site is too simple.

    Try this instead. It performs much more tests:
    http://scan.sygate.com/
    From the tests, I think you can see the basic values of Firewall.

    The above tests are still basic. A normal firewall should pass all the tests.
    For a competitive est, you may wish to read this at well:
    http://www.firewallleaktester.com/tests.htm

    In the test, it shows the capabilities of different Firewall to block leak attacks.
    You may try it yourself by downloading them in its main page.
     
Loading...
Thread Status:
Not open for further replies.