Additional firewall for Windows XP

Discussion in 'Windows XP Security' started by Janice, Nov 14, 2020.

  1. Janice

    Janice

    Joined:
    Dec 31, 2017
    Messages:
    525
    Likes Received:
    136
    Location:
    Canada
    What are the pros and cons of using an additional firewall in Windows XP? I thought of doing this for extra protection but need some opinions from others because I am not familiar with the subject o_O
     
    Janice, Nov 14, 2020
    #1
  2. Janice

    Darren Elliott

    Joined:
    May 12, 2018
    Messages:
    32
    Likes Received:
    10
    Location:
    London Ontario Canada
    im nor even sure that pyscially possible....can i see where you got the idea
     
    Darren Elliott, Nov 19, 2020
    #2
  3. Janice

    priscus

    Joined:
    Jun 1, 2016
    Messages:
    396
    Likes Received:
    152
    My desktop XP machine (2006 vintage) has a mobo built with Nvidia Nforce 4 chipset, which provides the option of running Nvidia's NForce 4 firewall.

    I have used it for many years without problems, but I am aware from chatter on the net, that a lot of people have experienced difficulties with NForce 4 firewall.

    I have the Nvidia firewall protect ethernet trafffic, with the native XP firewall protection active for all other interfaces.

    Any traffic in or out, I can list as 'allowed', and any traffic not so authorised generates a notification asking me if I want to permit it.
     
    priscus, Nov 19, 2020
    #3
    Janice likes this.
  4. Janice

    Janice

    Joined:
    Dec 31, 2017
    Messages:
    525
    Likes Received:
    136
    Location:
    Canada
    I have also heard that some users disable the Windows firewall and install and use third party firewalls which are supposed to be better and easier to customize and also afford better protection.
     
    Janice, Nov 19, 2020
    #4
  5. Janice

    Compaq_8200_Elite

    Joined:
    Jul 15, 2017
    Messages:
    43
    Likes Received:
    16
    So you install a firewall. The first thing that will happen is that it will alert you of an attack which is just your service provider pinging you. You will get constant false alerts.
     
    Compaq_8200_Elite, Nov 23, 2020
    #5
  6. Janice

    Mr Siamese Cat

    Joined:
    Nov 22, 2019
    Messages:
    99
    Likes Received:
    45
    Location:
    Glossop UK
    If your service provider is pinging you - they are trying to access your computer, which is illegal in the UK. Your service provider might occasionally ping your router that they very often supply. Some routers have cheapo Firewalls inbuilt. The inbuilt won’t bother alerting you unless you have set it to, or someone is trying to get past the router to your home network.

    Always worth replacing ones router with a cheap but highly efficient and configurable Draytek.

    An external hardware Firewall (A real actual Firewall) usually sits between your router and your home network and computers. That shouldn’t ever be pinged for any legitimate reason by your ISP, only reason that will be pinged is hacking intrusion. You can set to alert you if you want. Or usually one just sets it to block and log.

    Anyone with the slightest idea of how real Firewalls work will set inbound and outbound rules. Most people with slightest of common sense – set all inbound traffic to denied. Even Email Pop3 is call and fetch.

    Moving onto your computer and any software firewall – if that is pinged – I strongly recommend you give up using computers and get an Apple mac.
     
    Mr Siamese Cat, Nov 23, 2020
    #6
    Madeleine Takam and Janice like this.
  7. Janice

    Mr Siamese Cat

    Joined:
    Nov 22, 2019
    Messages:
    99
    Likes Received:
    45
    Location:
    Glossop UK
    Pros and Cons of using an additional firewall with Windows XP

    Installing any software firewall other than the original one provided by XP – some slight benefit, but in the end pointless to anyone who is serious about network security. Which is surprise surprise why Tec, engineering and large companies use real hardware firewalls. They regularly upgrade the Hardware Firewalls they spend thousands on.

    This is what is important to you the home XP user - you can pick up Hardware Firewalls that originally cost thousands of pounds for peanuts on ebay. It only takes a few hours of reading on the Web to set this kit up.

    So the Pro’s of a Hardware Firewall – Are they will stop intrusion if se up right and cost peanuts and are only slightly more difficult than a Software Firewall to set up.

    Con’s - You will have to spend a few hours typing into Google, doing research and then scouring ebay for cheap bargains.
     
    Mr Siamese Cat, Nov 23, 2020
    #7
    priscus likes this.
  8. Janice

    Compaq_8200_Elite

    Joined:
    Jul 15, 2017
    Messages:
    43
    Likes Received:
    16
    When I installed the SOFTWARE firewall "Zone Alarm" many years ago it would constantly alert me. I did not have a router. I was on dial up. Many security products are marketed to a gullible target market of home computer users who have been convinced to fear going online because of some THEORETICAL chance of being hacked or being infected with a virus. The chance of being hacked is about the same as winning the lottery. I do not think a hacker wants to see my Windows XP files or my cat pictures! If I do have a problem I can restore my operating system with a backup image but so far over the years I have not had to do this due to a hacker or a virus. Many security products will bog down a computer with additional running processes which in the end make system performance as bad as a it might be with a virus.
     
    Compaq_8200_Elite, Nov 24, 2020
    #8
  9. Janice

    Compaq_8200_Elite

    Joined:
    Jul 15, 2017
    Messages:
    43
    Likes Received:
    16
    Maybe have your ports probed to see if they are visible.
    One the 2nd page click "All Service Ports"
    (You can configure the Router not to respond to an ICMP Ping (ping to the WAN port). This offers a heightened level of security.)
    https://www.grc.com/shieldsup
     
    Compaq_8200_Elite, Nov 24, 2020
    #9
    Madeleine Takam and Janice like this.
  10. Janice

    trimis

    Joined:
    Sep 19, 2013
    Messages:
    505
    Likes Received:
    164
    For the past three+ years I have used a software firewall (Agnitum Outpost Firewall 2009) and the hardware firewall on my MikroTik router (SPI & NAT). I would credit the latter for making my XP bulletproof. That said, Agnitum has alerted me to surreptitious outbound connections that SterJo Netstalker missed, and allowed me to block those attempts from BleachBit, CCleaner, etc. A software firewall and hardware firewall is perfectly compatible. Two software firewalls will most likely conflict.
     
    trimis, Nov 26, 2020
    #10
    Janice and priscus like this.
  11. Janice

    priscus

    Joined:
    Jun 1, 2016
    Messages:
    396
    Likes Received:
    152
    Yes, I have observed (ie been notified by firewall) just how frequently apps try to autonomously access the web. Expected following a log-on, if I have opted to allow them to automatically check for updates, but they are attempting web access far more frequently than that, without any action on my behalf to initiate such comms. Totally unknown to me why they are phoning home with such frequency: are they all spying on their customers?

    Worst offender by far is HP printer support software, drivers etc, which I have pruned to bare minimum as there was obviously a lot of bloat.
     
    priscus, Nov 28, 2020
    #11
    trimis and Janice like this.
  12. Janice

    trimis

    Joined:
    Sep 19, 2013
    Messages:
    505
    Likes Received:
    164
    Yeah, inbound connections are not the only thing to watch out for these days. Way too many apps have decided to imitate M$ in its love of 'phone-home' spyware, requiring one to also monitor outbound connections, and ball-gag the lil gossipers when needed. Any firewall you pick absolutely needs to be able to monitor both incoming and outbound connections, and silence either/or.

    Amazon has a ton of complaints in the reviews on most all HP printers (regarding its embedded spyware), and even though it is THE preferred brand for Linux, that alone was quite enough for me to pass on that brand.
     
    trimis, Nov 29, 2020
    #12
    Janice likes this.
  13. Janice

    secpar

    Joined:
    Jan 31, 2020
    Messages:
    166
    Likes Received:
    89
    If you're considering a software firewall for our XP machine, Sunbelt's last firewall was made free to anyone who used it. I use this firewall for my 32-bit XP machines.

    For XP 64 bit, I prefer Comodo personal firewall.

    Lots of options. If you're not familiar with them, they have modes/options that will make things run more simply for you, and without constant popups for activity.
     
    secpar, Dec 1, 2020
    #13
  14. Janice

    secpar

    Joined:
    Jan 31, 2020
    Messages:
    166
    Likes Received:
    89
    Blocking specific machines from reaching the internet can be done in a router configuration. So, it's rather simple to block an HP printer if it's constantly trying to phone-home.

    The printers that I have are Samsung printers, which later on Samsung outsourced to HP. I didn't bother getting new firmwares on these printers.

    However, I can say that if you use any sort of software that works with the printers on your network, a lot of times those individual programs will try to phone-home, or "check for updates."
     
    secpar, Dec 1, 2020
    #14
    trimis likes this.
Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.