Windows Firewall - any good?

Lucious Sweet

I'm running windows firewall along with AVG and AdAware. Seems to be working fine in keeping out unwanted crap. But then again, how do I know?
Question is, is windows firewall any good or should I upgrade to zonelabs or kerio? My browsing is quite limited to main steam websites like BBC, boards, AIB banking, ebay and all that kind of stuff. I use Firefox.
I was bit reluctant to upgrade because I heard that some firewalls are really fussy about leaving anything through. Also, should I be running any other security precautions?

Opinions please?

thanks,
moz

deimos

When setting up machines for others I generally like to leave things simple. I find Norton and other crap can cause far more problems then they are worth. Personally, I would think just running the standard windows firewall, with avg and adaware to be quite safe.

Martyr

Its possible to bypass windows firewall from inside the computer using programmed code, & MSDN shows you how to do it.

Although most of the malware i've seen bypassing it, used registry entries, its still relatively easy, perhaps too easy from the inside.

ZoneAlarm & Kerio would be presumed to be more secure because nobody really knows how to bypass the firewalls legitimately, as the protocols are not disclosed publicly.

I know for sure that Checkpoint make available an SDK to other security software vendors, & most others do the same.

There is also an SDK here: http://www.opswat.com/firewallsdk.shtml
which probably allows for a competent programmer to abuse for nefarious purposes.

I was told Sygate was the best, but then someone on here said it was canned by Symantec after a takeover.

Perhaps it is time for someone out there to develop a freeware firewall, based on an already robust & reliable firewall from the UNIX variant operating systems..

There are some open source firewalls out there already, but command line based, still very good all the same.All that is really needed for the average user is a GUI.

I think a secure firewall for windows in future should employ rootkit technology in order to protect itself from unauthorised entries by malicious software.

ZoneAlarm already does this, but it can be bypassed too on some earlier versions of windows pre XP SP2.

Hard to say what the best firewall is, probably ZoneAlarm, although alot of people might dispute that.

Windows Firewall will be improved (according to news reports) in SP3 for XP, but that won't be around for another..roughly a year.

Martyr

Its possible to bypass windows firewall from inside the computer using programmed code, & MSDN shows you how to do it.

Although most of the malware i've seen bypassing it, used registry entries, its still relatively easy, perhaps too easy from the inside.

ZoneAlarm & Kerio would be presumed to be more secure because nobody really knows how to bypass the firewalls legitimately, as the protocols are not disclosed publicly.

I know for sure that Checkpoint make available an SDK to other security software vendors, & most others do the same.

There is also an SDK here: http://www.opswat.com/firewallsdk.shtml
which probably allows for a competent programmer to abuse for nefarious purposes.

I was told Sygate was the best, but then someone on here said it was canned by Symantec after a takeover.

Perhaps it is time for someone out there to develop a freeware firewall, based on an already robust & reliable firewall from the UNIX variant operating systems..

There are some open source firewalls out there already, but command line based, still very good all the same.All that is really needed for the average user is a GUI.

I think a secure firewall for windows in future should employ rootkit technology in order to protect itself from unauthorised entries by malicious software.

ZoneAlarm already does this, but it can be bypassed too on some earlier versions of windows pre XP SP2.

Hard to say what the best firewall is, probably ZoneAlarm, although alot of people might dispute that.

If you want to just stick with windows firewall, avoid Internet explorer, & keep your AV & OS updated, aswell as wise about what you run on your system, you should be ok.

Windows Firewall will be improved (according to news reports) in SP3 for XP, but that won't be around for another..roughly a year.

Capt'n Midnight

To over simplify.
While the XP firewall may stop things trying to get in, it offers no protection or warning about anything trying to phone home. The improvements in Vista etc. will help bring it up to the level of any of the half decent free for personal use firewalls, maybe.

Here is one to watch for windows, they haven't released the source (yet)
Core Force - http://force.coresecurity.com/index.php?module=base&page=about

CORE FORCE provides inbound and outbound stateful packet filtering for TCP/IP protocols using a Windows port of OpenBSD's PF firewall, granular file system and registry access control and programs' integrity validation.

Lucious Sweet

Thanks for the info lads.
Core Force looks like the ideal ad on for windows.
Anyone here using it yet?

moz

Martyr

Nope, but it sounds good.