Additional firewall for Windows XP

What are the pros and cons of using an additional firewall in Windows XP? I thought of doing this for extra protection but need some opinions from others because I am not familiar with the subject o_O
 
My desktop XP machine (2006 vintage) has a mobo built with Nvidia Nforce 4 chipset, which provides the option of running Nvidia's NForce 4 firewall.

I have used it for many years without problems, but I am aware from chatter on the net, that a lot of people have experienced difficulties with NForce 4 firewall.

I have the Nvidia firewall protect ethernet trafffic, with the native XP firewall protection active for all other interfaces.

Any traffic in or out, I can list as 'allowed', and any traffic not so authorised generates a notification asking me if I want to permit it.
 
I have also heard that some users disable the Windows firewall and install and use third party firewalls which are supposed to be better and easier to customize and also afford better protection.
 
So you install a firewall. The first thing that will happen is that it will alert you of an attack which is just your service provider pinging you. You will get constant false alerts.
 
If your service provider is pinging you - they are trying to access your computer, which is illegal in the UK. Your service provider might occasionally ping your router that they very often supply. Some routers have cheapo Firewalls inbuilt. The inbuilt won’t bother alerting you unless you have set it to, or someone is trying to get past the router to your home network.

Always worth replacing ones router with a cheap but highly efficient and configurable Draytek.

An external hardware Firewall (A real actual Firewall) usually sits between your router and your home network and computers. That shouldn’t ever be pinged for any legitimate reason by your ISP, only reason that will be pinged is hacking intrusion. You can set to alert you if you want. Or usually one just sets it to block and log.

Anyone with the slightest idea of how real Firewalls work will set inbound and outbound rules. Most people with slightest of common sense – set all inbound traffic to denied. Even Email Pop3 is call and fetch.

Moving onto your computer and any software firewall – if that is pinged – I strongly recommend you give up using computers and get an Apple mac.
 
Pros and Cons of using an additional firewall with Windows XP

Installing any software firewall other than the original one provided by XP – some slight benefit, but in the end pointless to anyone who is serious about network security. Which is surprise surprise why Tec, engineering and large companies use real hardware firewalls. They regularly upgrade the Hardware Firewalls they spend thousands on.

This is what is important to you the home XP user - you can pick up Hardware Firewalls that originally cost thousands of pounds for peanuts on ebay. It only takes a few hours of reading on the Web to set this kit up.

So the Pro’s of a Hardware Firewall – Are they will stop intrusion if se up right and cost peanuts and are only slightly more difficult than a Software Firewall to set up.

Con’s - You will have to spend a few hours typing into Google, doing research and then scouring ebay for cheap bargains.
 
When I installed the SOFTWARE firewall "Zone Alarm" many years ago it would constantly alert me. I did not have a router. I was on dial up. Many security products are marketed to a gullible target market of home computer users who have been convinced to fear going online because of some THEORETICAL chance of being hacked or being infected with a virus. The chance of being hacked is about the same as winning the lottery. I do not think a hacker wants to see my Windows XP files or my cat pictures! If I do have a problem I can restore my operating system with a backup image but so far over the years I have not had to do this due to a hacker or a virus. Many security products will bog down a computer with additional running processes which in the end make system performance as bad as a it might be with a virus.
 
What are the pros and cons of using an additional firewall in Windows XP? I thought of doing this for extra protection but need some opinions from others because I am not familiar with the subject o_O

For the past three+ years I have used a software firewall (Agnitum Outpost Firewall 2009) and the hardware firewall on my MikroTik router (SPI & NAT). I would credit the latter for making my XP bulletproof. That said, Agnitum has alerted me to surreptitious outbound connections that SterJo Netstalker missed, and allowed me to block those attempts from BleachBit, CCleaner, etc. A software firewall and hardware firewall is perfectly compatible. Two software firewalls will most likely conflict.
 
For the past three+ years I have used a software firewall (Agnitum Outpost Firewall 2009) and the hardware firewall on my MikroTik router (SPI & NAT). I would credit the latter for making my XP bulletproof. That said, Agnitum has alerted me to surreptitious outbound connections that SterJo Netstalker missed, and allowed me to block those attempts from BleachBit, CCleaner, etc. A software firewall and hardware firewall is perfectly compatible. Two software firewalls will most likely conflict.

Yes, I have observed (ie been notified by firewall) just how frequently apps try to autonomously access the web. Expected following a log-on, if I have opted to allow them to automatically check for updates, but they are attempting web access far more frequently than that, without any action on my behalf to initiate such comms. Totally unknown to me why they are phoning home with such frequency: are they all spying on their customers?

Worst offender by far is HP printer support software, drivers etc, which I have pruned to bare minimum as there was obviously a lot of bloat.
 
Yes, I have observed (ie been notified by firewall) just how frequently apps try to autonomously access the web. Expected following a log-on, if I have opted to allow them to automatically check for updates, but they are attempting web access far more frequently than that, without any action on my behalf to initiate such comms. Totally unknown to me why they are phoning home with such frequency: are they all spying on their customers?

Worst offender by far is HP printer support software, drivers etc, which I have pruned to bare minimum as there was obviously a lot of bloat.

Yeah, inbound connections are not the only thing to watch out for these days. Way too many apps have decided to imitate M$ in its love of 'phone-home' spyware, requiring one to also monitor outbound connections, and ball-gag the lil gossipers when needed. Any firewall you pick absolutely needs to be able to monitor both incoming and outbound connections, and silence either/or.

Amazon has a ton of complaints in the reviews on most all HP printers (regarding its embedded spyware), and even though it is THE preferred brand for Linux, that alone was quite enough for me to pass on that brand.
 
If you're considering a software firewall for our XP machine, Sunbelt's last firewall was made free to anyone who used it. I use this firewall for my 32-bit XP machines.

For XP 64 bit, I prefer Comodo personal firewall.

Lots of options. If you're not familiar with them, they have modes/options that will make things run more simply for you, and without constant popups for activity.
 
Yeah, inbound connections are not the only thing to watch out for these days. Way too many apps have decided to imitate M$ in its love of 'phone-home' spyware, requiring one to also monitor outbound connections, and ball-gag the lil gossipers when needed. Any firewall you pick absolutely needs to be able to monitor both incoming and outbound connections, and silence either/or.

Amazon has a ton of complaints in the reviews on most all HP printers (regarding its embedded spyware), and even though it is THE preferred brand for Linux, that alone was quite enough for me to pass on that brand.

Blocking specific machines from reaching the internet can be done in a router configuration. So, it's rather simple to block an HP printer if it's constantly trying to phone-home.

The printers that I have are Samsung printers, which later on Samsung outsourced to HP. I didn't bother getting new firmwares on these printers.

However, I can say that if you use any sort of software that works with the printers on your network, a lot of times those individual programs will try to phone-home, or "check for updates."
 
Back
Top