TechSpot

Windows XP Firewall - What is Wrong With It?

By CCT
May 21, 2007
  1. This site and others recommend almost anything BUT Windows XP's built-in firewall.

    Are Zonealarm, Kerio or Comodo firewall programmes that much better?

    A little info please and thank you.

    :)
     
  2. Phantasm66

    Phantasm66 TS Rookie Posts: 6,504   +6

    As far as I am concerned, they really just offer more features than the built in XP firewall. The main job of blocking incomming traffic is done, though.

    Really, the best defence you can have is a NAT router. Being behind a NAT router means that insolicitied traffic does not come in. It has to be solicited from the inside. You don't really need to be running a software firewall at all on your client machines if they are behind a NAT router, but its probably a good idea to.

    Which one should you run, then? Well, i'd say the one with the least performance overhead. I've not installed Zonealarm, Kerio or Comodo firewall software recently, but I'm pretty sure that they all take up RAM and slow down your machine. Windows firewall does not.

    Personally, I run behind a NAT router, Windows XP (or Vista now) firewall, plus AV software and anti-spyware. And unless I do something silly I have no problems with security at all.
     
  3. jobeard

    jobeard TS Ambassador Posts: 13,446   +324

    A firewall should control both inbound and outbound traffic. Win/XP only does
    half the job -- so it's a half-A** firewall.

    Firewall configurations can be complex, so I recommend COMODO as it
    has a self-learning mode which is a great assistance. To simplify the setup
    and to avoid a bunch of stuff you really don't need/want to know, just
    disable the Component Monitoring feature.
     
  4. momok

    momok TS Rookie Posts: 2,272

    Hi,

    Personally I've used all of them except for Kerio. From my experience, my system kept getting infected even with windows firewall on. I find that it is simply not enough to defend against most nasties' attempts to infect the system. And that comes from a user with ad-aware, spybot, AVG and spydoctor installed and running.

    I have since stopped using spydoctor, and tried Zone Alarm and Comodo. I find both are good to use, and they give so much more as compared to the firewall windows provides. It may be a little annoying at times when the firewall pops up warning dialogs here and there, but it all goes toward informing the user and making the system a safer one; windows firewall rarely ever does so.

    That said, choice of firewall depends on each individual's needs, his/her knowledge and ability with regards to malware and online security. They are all different and nobody can tell you exactly which suits you the best. IMHO it is best to try out each and every one for a decent length of time to understand more about your own habits and which firewall and configuration suits you.

    Hope my lengthy explanation helps. lol.


    Regards,
    Your friendly Momok =)
     
  5. raybay

    raybay TS Evangelist Posts: 10,716   +6

    Yes they are ALL that much better because they work both ways... Windows XP only works on incoming data... but allows unlimited leakage to the outside.
    In our opinion, Kerio is the best. It costs a bit rather than being free, but we now load it on all customers because it is more reliable, and it is customizable.
    We also like Zone Alarm free edition a great deal for the budget minded, and find Comodo terrific as well.
    We do agree with Phantasm66 on the NAT router, but most customers will not put up with it.
     
Topic Status:
Not open for further replies.


Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...


Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.