…after using a dial-up for years. Actually, the cable service likely won’t start until tomorrow. I already have the modem set up and attached to my network card. The computer doesn’t seem to have any problem recognizing the networked device, though it thinks there is a cable disconnected since it can’t get to the Internet through the modem (the cable company hasn’t finished installing their end).
Anyway, I have had Windows XP firewall this connection. XP assures me that it will keep out connections not initiated by my own computer. It will also log (I believe) unauthorized attempts at access. My question: is there anything else I need to do to protect my machine from unwanted invaders?
The main difference being that not only does Zonealarm keep things out, it also keeps unauthorized programs IN. You can be alerted to spyware and other sneaky programs when they try to access the internet and Zonealarm pops up that access window.
Nope, just go download the free version off their site. It’s just missing a few bells and whistles from the pay version, but it’s protected my computer flawlessly.
I agree. While XP’s firewall is functional, it is basic. I believe it is worth the download time for ZoneAlarm. Also, get yourself a good freeware spyware scanner. Even if the firewall blocked everything, it’ll still free up space on your computer.
Other things, of course, include recommendations to switch browsers to something more secure than IE, antivirus software (which you should already have), and perhaps the Proxomitron.
I didn’t realize that ZoneAlarm was free. I will look into it when I get home this evening. I may also look around for something to check for spyware. Thanks for all the info. BTW, I do have an updated antivirus, so I think I’m okay there.
I seem to be disagreeing with the general consensus, but here goes:
Don’t use XP firewall - turn it off. Software firewalls, IMHO have cause more people more problems than they have fixed. Consult any XP newsgroup and 90% of network/internet connectivity problems are caused by keeping it on. Too many headaches for not enough payout.
To be honest, I don’t believe in any 3rd party (or 1st party for that matter) SOFTWARE solution. I STRONGLY advocate a hardware solution. Most DSL/Cable routers (about $99 at your local Best Buy, whatever) provide basic hardware firewalling for a low cost.
There are some simple and not so simple reasons for using a hardware based solution:
Pros
Hardware doesn’t reside in memory or take up memory/system resources
Can’t easily be corrupted
Computer has a private IP - cannot be directly addressed from the internet - provides your internal computer/network with a buffer against attacks
Allow for multiple computers to access the internet as if one computer was connecting - not exactly a security feature, but still a nice benefit
Can get technical support from the hardware manufacturer for free for a set time - Microsoft offers no free support with XP.
Cons
Can be daunting to end-users, but anyone here should have no problem
Additional cost
Can be misconfigured, just as anything
In either case, a good virus scan is worth it’s weight in gold and is required for healthy computing.
Ditto what PatrickMcGinley said. HW firewalls - though not perfect by any means - are definately the way to go. I got a router (with wireless) for Christmas and all I did was install the NIC on my PC (accepting the "typical settings’) and plug everything in. It was that simple! (To be honest there was additional setup involved, but that was for the wireless bit only)
And a good non-wireless router should cost around $65 or so, not $100.
Those are all good suggestions. I have a couple more to throw onto the pile. Unless you are have a home network and are going to be sharing files or playing games across them, I suggest you also turn off your Microsoft Networking and the File and Print Sharing functions within your Network Properties. It’s as simple as unchecking them and should you need them later you can just recheck them. All you really need for an internet connection is your TCP/IP stack. By turning off the unnecessary componants there is that much less to break or get broken into. Another thing to turn off is your Messenger Service. It’s used for networks to send messages between computers for things like letting you know your file has been printed. It’s not related to your AIM or MSN Messenger programs. However it can be used against you in the annoyinig tactic of spamming you directly. Your firewall should keep that out, but once again just one less thing to break if it’s not running. Just go into your services and change the settings to manual rather than disabled. It’s very unlikely that you have a program that will require it, but it can be started up should you need it.
And PatrickMcGinley is right about software vs hardware firewalls, but should you decide to go with a software solution I haven’t had any trouble with Sygate Personal Firewall. It is also free and can be downloaded from http://soho.sygate.com/products/shield_ov.htm
If you get a router, there should be on option for “wan blocking” in the config menu. With that feature enabled, you are basically invisible from the internet. Still keep the software firewall up, because there are still trojans that will try to “phone home”.
The cable is up and running, and I do mean RUNNING! My 56K modem generally connected at 49.2Kbps, and sometimes as slow as 26K. Now, I turn on the computer and the Internet is THERE. No lines, no waiting.
It’s great. Now the Internet is simply an extension of the computer. Programs are free to access it as required without waiting on the dialup. And people can still reach me while I’m online.
Just installed ZoneAlarm this morning, and things seem to be going great.
I’ll also agree that software firewalls are rather pointless. In general, the best bet is to simply forget a firewall and just disable anything that can be used against you. Google for “xp services functions” or something similar to find a lit of the services running on Windows XP, and which can be safely disabled. Its better to just disable the service than try to use a firewall to keep people from getting to it.
