Internet Security Firewall

OK. I have a new pc. WinXP. It comes loaded with a medium grade firewall which I finally realized that I had to enable myself after a few days went by while I was exploring. I notice that I have a CD named 'Norton Internet Security ver. 2002' in my pile of CD's that came with the computer. I have cable modem, so know that I should have a firewall. I was using Tiny Personal with the other machine, but was told that it was going obsolete and after a few more questions on firewalls was directed to Sygate. I haven't explored that yet, as I am wondering about this Norton one. Should I use it? Will it cost me too much for upgrades after the 6 month free usage? NAV only costs me $10 yearly to upgrade. I need some feedback on this firewall choice.

Thanks.

 

XP ships with its own firewall (ICF). However, as ICF is only an ingress filter (IOW, it offers no control over outbound traffic), it'd be a good idea to opt for another product. NPF? No! There are numerous free products which are just as good as NPF (if not better) and it therefore makes no sense to use a product which requires payment in order to access patches and updates. I'd suggest Kerio (which, as you have used Tiny in the past, will seem very familiar) but Sygate is also a good product.

 

Well. brett, looks like you won! LOL. With all the stuff I've been reading on firewalls and other people's opinions, I think it's down to Sygate or Kerio. Will be checking it out today and choosing.

Thanks for the tips and headsup.

 

Pardon me for chiming in. I just tested Tiny Personal Firewall's functionality the ShieldsUP website. It says that all my ports are hidden and everything is stealth. The site couldn't connect to my NetBIOS or anything else.

As long as TPF keeps everything stealth, it is not outdated and there's really no need to go to another firewall until TPF can no longer do the job, and that day is not yet here.

 

"Stealthing" is by far the least important funtion of a firewall!

TPF (the free version) is no longer being developed. It's default rules are outdated and, more importantly, it is vulnerable to a number of spoofing exploits. KPF is, in effect, an updated version of TPF and there is, therefore, no good reason to continue running the latter (and I'm not sure if it's still available for download anyway!).

 

I installed Kerio. Is its icon supposed to flash; does that mean it's blocking probes?

Where do I look to open and close my ports?

 

I agree with brett. Can't remember where I saw the info on TPF being outdated and not available after October or something like that. I'm even thinking I went to their homepage and didn't see it listed for d/l any more. I don't mind trying a new one, anyway.

Thanks.....

 

Kerio seems to work well. It looks and functions just like Tiny so there's no learning curve.

 

Got It!

Just wanted to let you all know that I ended up d/ling Kerio. You are right, it's just like TPF. I like it!

Thanks, again, for all the feedback on this.

 

Here's a tool which'll disable KPF's splash screen.

 

Why would I want to kill the splash screen? I don't mind that it pops up. What I usually do is, turn the puter on, then go make coffee. When I get back, it's all set up to go.

Thanks, anyway.

 

Is there a book Kerio PF for Dummies?

I downloaded Kerio as a replacement for ZoneAlarm (free version) but, being a dummy, I wan't sure what I was configuring and so, returned to ZA. ZA seems far more idiot friendly than Kerio which is why I'm sticking to it.

 

I don't think that KPF is any more difficult to use than ZAF. On a basic level, they both operate in a similar manner - a program attempts to establish a connection and the user is asked to permit or deny. Easy! KPF does, however, allow for a greater degree of "fine tuning" than ZAF and this can be somewhat daunting. Tweaking the rules ain't really necessary though; KPF will function perfectly well using only the defaults.

 

Hi,

I'm running Windows 2000 Server for use as a Web development machine. As a firewall I have Norton Personal Firewall 2003 installed and setup. When setting this up I was aware that you need to enable this manually each time Windows loads, otherwise it blocks certain services on a Win2k Server machine. On startup I'm receiving an Error in the System Event Log - Event ID 7022 and the source is Service Control Manager, and my machine takes about 3-4 minutes before popping a message saying that at Least one service failed on startup. I've visited the MS site and followed their instructions on this matter, but unfortunately this did not help. My IIS Admin Panel doesn[t load either, I've tried manual CMd prompt IISRESETs but to no avail.

I would be quite happy with starting the firewall manually myself each bootup, but I'm a situation where I have other people using the machine besides me - and I'm under the impression that they will forget to enable the firewall each time, thus leaving the machine open for attack.

I was looking at using Kerio Personal Firewall after reading a lot of good praise about it from people on this site.

Many Thanks

Justin

 

justinp - what description are you getting with that error?

 

Hi Newt,

Here is the event print out:

Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7022
Date: 09/01/2003
Time: 08:56:07
User: N/A
Computer: HOME-PJJU9LV64W
Description:
The World Wide Web Publishing Service service hung on starting.

Justin

 

Ok, I finally found the solution from a friend of mine, here is how to do it for anyone else.

1. On NPF 2003, Go into 'Program Control....' and remove ALL programs.
2. Manually disable the firewall and turn off the enable on system startup option.
3. Reboot machine and enable the firewall once the machine has started.
4. Then Use IIS and leave the machine running for a while (Use as many Microsoft Apps as you can)
5. You will be prompted to let certain Microsoft Apps access to the internet. Always allow access by ticking the option at the bottom.
6. Now renable the automatic startup option for the firewall.

After doing this I was able to use IIS with no problems and the annoying message on bootup disappeared also. I hope this helps other people.

Justin

 

Kerio splash screen killer

I downloaded this program, but haven't used it yet. Do I need to run it at every system startup, or does it do something to the registry? Any chance that it'll crash Kerio or hang my system? Please forgive my paranoia, but this machine is my baby.

 

Shadowhawk - it simply patches Kerio's executable and it need only be run once. It has certainly caused me no problems - nor have I heard of it causing problems for anybody else.

 

I ran it and so far so good.