Here’s the scenario: cable connection with router, XP Professional with firewall turned on.
-
Should I consider any additional/alternative firewall software?
-
Should I consider any anti-adware/spyware packages (e.g., Ad-Aware)?
Thanks!
- My first inclination is to say yes, you should. The XP “firewall” doesn’t really live up to it’s name IMO. But I’ll let someone with more knowledge address this one. BTW ZoneAlarm is a great firewall solution.
2.) Yes. adware/spyware WILL find it’s way onto your computer, router or not.
#1 - Yes you should replace the XP Firewall. As Azael said, Zone Alarm. It’s free, and it works well. Google “free firewall”.
#2 - You should download Ad Aware and Spybot Search and Destroy. Update and run both regularly, one often picks up something the other missed. Both free.
Along with the above, I use Spyware Blaster, Spyware Guard, and Pop-Up Stopper, all free and work well. Google the names to get to their web pages
The easy default answer is “yes” but, in fact, not everyone needs both hardware and software firewalls and the Windows firewall is adequate for some people.
The average router, using NAT, does a good job of protecting you from external attacks since it “hides” your address. If you can keep your system clean of viruses, spyware, etc, this is adequate.
The software firewall will prevent programs from sending data out of the computer unless you want them too. This stymies adware, spyware and various noxious viruses. The WinXP firewall will handle this basic task, although there are various free firewalls that have more features and probably less overhead.
A slight hijack, if I may:
I have a home net with a cable modem attached to a Linksys router, and all the other computers attached to that router, safe and snug in the NAT cocoon.
All of the (5) home systems run ZoneAlarm, save one:
My development system runs sans firewall because the VPN I use cannot tolerate ZoneAlarm or XP’s firewall.
How can I protect from or, more to the point, even notice attacks on this machine?
Have you looked into the issue? Sometimes software firewalls will require extra configuration steps to allow the use of VPN client software. What VPN client are you using?
There are also other free firewalls, though I’m not sure if they support VPN. If you’re willing to pay $40, Sygate Personal Firewall Pro claims VPN support. They also have a freeware version, but it doesn’t offer that functionality.
neutron star, the VPN client I’m using is Cisco 3000. It includes a built-in firewall, but I can’t say I have high confidence that it protects me from rogue things inside the network I’m VPNing into. I wish I had some less-intrusive way than ZA etc to at least track when something is knocking on my door or doing ET-phone-home on my system.
I’m not sure what you’re saying here. What part of ZoneAlarm do you find intrusive?
I have no personal experience with Cisco VPNs, but from what I’ve read, the built-in firewall on their client is a version of ZoneAlarm that remains active whenever the VPN tunnel is active.
If you’e got an old PC available, try Smoothwall.
Sorry, I guess my post was not very clear. I meant that ZA and XP firewalls must be disabled if I want to use the C3000 client, which I find unfortunate. I was wishing for something that could coexist with C3000, and least log knock-knocks and phone-homes, since I’m at the mercy of whatever protection C3000 is ( or isn’t ) giving me from intrusion while I’m logged into the VPN.
Okay, I see what you’re saying. Do you know for a fact that ZA won’t work with the client? Have you asked your network administrator about it? Have you tried configuring it for the VPN according to the instructions on ZA’s site? This university seems to be able to use ZA with C3000.
I can’t vouch for its efficacy, but the newest pay version of ZA features automatic VPN configuration.
Well, I’ve been specifically told by IS that ZA is not supported over the VPN. Which doesn’t necessarily mean it can’t be used, but it’s not sanctioned. I’ve tried to get ZA to play nice with the C3k client, but without success. I’m told a Cisco VPN router upgrade is needed to fix this, and that an upgrade is not imminent. Which I can understand – there’s 1200 or more remote users on the net, and it works now so they probably don’t want to tinker with the setup.