whats so bad about 2 firewalls?

[mushroom3]

At the moment, im running comodo firewall and windows firewall, why do everyone say that running 2 software firewalls are bad?

 

[jdw2]

I would imagine it creates confusion when one firewall is granting access to the network for one connection and the other firewall is blocking the connection. Well, that's one reason at least 🙂
Either way I would disable Windows firewall since you got Comodo on there. Its redundant.

 

[stevem326]

All the "experts" out there recommend not running two at the same time. The reason for this is that they are both performing the same task and they'll start to conflict with one another. "I'm blocking this port..." "No, I am..." "No, you're not...I am!!"

Well, I don't know if they actually say that to each other but you get the picture 😀

 

[indigo196]

Originally posted by: mushroom3
At the moment, im running comodo firewall and windows firewall, why do everyone say that running 2 software firewalls are bad?

Software conflicts and resolving issues when you need to open a port.

Personally I would never trust a software firewall anyway -- hardware is the best way to go.

 

[spikespiegal]

Personally I would never trust a software firewall anyway -- hardware is the best way to go.

:thumbsup:

Always amazing that whenever I have a friend call me up because their PC has been trashed due to malware/spyware they are usually running some mainstream software firewall. A lot of good it did them, eh? Gee, I guess that good ol' OSI layer chart means something after all.

I have a couple Win2K servers running Apache sitting wide open on my router. No software firewall....nothing. Been that way for a couple years. Since they are fully patched and not running IIS (nor security suites ful of their own exploit problems) I could care less when somebody port probes them.

 

[gsellis]

The rules for each firewall are in a race condition. You never know who is going to win and they can block legitimate opens intermittantly, so it is difficult to diagnose any issue. Also, some components may be signature based in their blocking and there is an opportunity to interpret the other applications check as a malicious signature (bad programming mistakes).

 

[Captante]

The problem with running two firewalls is the same as running to AV's ... often you'll end up with a conflict & be completely unprotected.

And the best bet is to run a hardware & a software firewall (software helps manage outbound connections) plus do your daily computing on a none-admin account.