Windows XP + DSL + Router ... should I be running a firewall?

LordJezo

Banned
May 16, 2001
8,140
1
0
Should I be running some kind of firewall since I am behind a router on a DSL connection in Windows XP?

I tried running something like Tiny Personal Firewall but I have no idea what to allow and what to deny..

Things like the Windows XP svchost and all the internal networking.. how do I know what is safe and what is not?
 

dmcowen674

No Lifer
Oct 13, 1999
54,889
47
91
www.alienbabeltech.com
Originally posted by: LordJezo
Should I be running some kind of firewall since I am behind a router on a DSL connection in Windows XP?

I tried running something like Tiny Personal Firewall but I have no idea what to allow and what to deny..

Things like the Windows XP svchost and all the internal networking.. how do I know what is safe and what is not?

The Router keeps a lot of ports shut down for you but with all the Ad-Ware/Spy-Ware/Mal-Ware out there etc from just surfing it is a good idea to keep any extra eyes possible on what's happening.

I use Zone Alarm and keep the settings so that anything that wants to make a connection either in or out has to ask me first.

I just cleaned a neighbors machine that had nearly 1,000 Ad-aware and Spybot hits as well as 3 Nasty Viruses that got through. Windows wouldn't even boot anymore.

Had to load their Hard drive in another machine and run Ad-aware and Spybot on the machine before it would boot in their Motherboard again. They were connected to the Internet without a Router or Firewall. I am now installing both over there this week.

 

LordJezo

Banned
May 16, 2001
8,140
1
0
But with all the internal stuff that goes on between the LAN how do I know what to allow and what to deny?

Just that svchost thing in Winodws itself does a whole lot of different things. And with file and printer sharing enabled I can't tell whats safe internal network activity and what is bad...
 

prosaic

Senior member
Oct 30, 2002
700
0
0
Which version of Tiny Personal Firewall are you using? If you're using an older version then the version 4 interface may seem more friendly. It sounds as though you need to focus on the concept of trusted versus non-trusted networks. TPF and ZoneAlarm both allow you to define differences in the way applications are allowed access to the Internet and to your local network.

But, yes, even though it's a bit of a pain you should probably be running a software firewall to complement the protection that NAT on your router provides. NAT can't protect you from something that might make it past even watchful eyes to get installed on your systems. Security works best when it's implemented in layers.

- prosaic
 

JackMDS

Elite Member
Super Moderator
Oct 25, 1999
29,510
406
126
1. NAT Firewall.

2. Software Firewall

3. Anti Virus Progarm

4. Ad-ware Frequent Run

5. Examin the StarUp Folder at the end of the Day.

6. Take it Easy.
 

Mitzi

Diamond Member
Aug 22, 2001
3,775
1
76
I've always been happy just being behind a NAT router, running regular spyware/virus scans and exercising a bit of common sense. Though I do recommend to others to use a software firewall...do what I say and not what I do...
 

JackMDS

Elite Member
Super Moderator
Oct 25, 1999
29,510
406
126
I am trying to use a lot of "Common Sense", and even some Knowledge.:D

So I do not click on attachments that came from unknown sources. I do not click on any of the "You Won the Price of the Day". I ignore the ?You have 6 Urgent Messages? , and I do not take seriously the attempts to improve on line my computer's ?Memory?, ?Speed?, ?Longevity?, etc.
rolleye.gif


However how common sense is going to show me the content of the code that is coming in when it comes legally through port 80? You would be amazed what kind of ?Junk? is embedded in a bona fide code from bona fide Sites.:Q

How common sense is going to tell me when programs are calling home, or automatically try to update them selfs, or sending "Important" information to the originated site?:brokenheart:

Of course if some one is also a ?Clear Voiance? than with the combination of Common Sense he needs no protection. ;)