firewalls

BassBlonde

Which is a better firewall to use ? Norton's or Windows ?
I was told in school a few years ago that Windows supplied was the stronger
one.
Thanks for any advice given.
--
Lisa
All the Worlds a Stage
 
What are your requirements?
What is your budget?
What are your attack points you are trying to protect?
Brian
"BassBlonde" <bassguitarblonde2000@yahoo.com> wrote in message
news:7E34F226-90CF-4317-A92F-5A83A9BD5404@microsoft.com...
> Which is a better firewall to use ? Norton's or Windows ?
> I was told in school a few years ago that Windows supplied was the
> stronger
> one.
> Thanks for any advice given.
> --
> Lisa
> All the Worlds a Stage
 
From: "BassBlonde" <bassguitarblonde2000@yahoo.com>

| Which is a better firewall to use ? Norton's or Windows ?
| I was told in school a few years ago that Windows supplied was the stronger
| one.
| Thanks for any advice given.
| --
| Lisa
| All the Worlds a Stage

Norton's is bloated and will bog down your PC.

The Windows XP SP2 FireWall is fine but what is *better* is the use of a FireWall appliance
or at the minimum a NAT Router.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp
 
--
Lisa
All the Worlds a Stage


"David H. Lipman" wrote:

> From: "BassBlonde" <bassguitarblonde2000@yahoo.com>
>
> | Which is a better firewall to use ? Norton's or Windows ?
> | I was told in school a few years ago that Windows supplied was the stronger
> | one.
> | Thanks for any advice given.
> | --
> | Lisa
> | All the Worlds a Stage
>
> Norton's is bloated and will bog down your PC.
>
> The Windows XP SP2 FireWall is fine but what is *better* is the use of a FireWall appliance
> or at the minimum a NAT Router.
>
> --
> Dave
> http://www.claymania.com/removal-trojan-adware.html
> Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp
>

Dave,

Does that include Windows Vista also?
 
"David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote:

Watch your line length!

> From: "BassBlonde" <bassguitarblonde2000@yahoo.com>
>
> | Which is a better firewall to use ? Norton's or Windows ?
> | I was told in school a few years ago that Windows supplied was the stronger
> | one.
> | Thanks for any advice given.
> | --
> | Lisa
> | All the Worlds a Stage
>
> Norton's is bloated and will bog down your PC.
>
> The Windows XP SP2 FireWall is fine but what is *better* is the use of a FireWall appliance
> or at the minimum a NAT Router.


NAT is NOT a security feature.

Especially SOHO "NAT" routers can show "funny" behaviour with UDP
or NAT helper modules which definitively undermines any network
security. Cf. "cone NAT"

See RFC 3489, section "5. NAT Variations", RFC 3022, RFC 2663,
section "4.0. Various flavors of NAT" and verbatim in RFC 2993:

| 9. Security Considerations
|
| NAT (particularly NAPT) actually has the potential to lower
| overall security because it creates the illusion of a security
| barrier

Stefan
 
From: "Stefan Kanthak" .

| "David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote:
|
| Watch your line length!
|
>> From: "BassBlonde" <bassguitarblonde2000@yahoo.com>
>>

|>> Which is a better firewall to use ? Norton's or Windows ?
|>> I was told in school a few years ago that Windows supplied was the stronger
|>> one.
|>> Thanks for any advice given.
|>> --
|>> Lisa
|>> All the Worlds a Stage
>>
>> Norton's is bloated and will bog down your PC.
>>
>> The Windows XP SP2 FireWall is fine but what is *better* is the use of a FireWall
>> appliance or at the minimum a NAT Router.

|
| NAT is NOT a security feature.
|
| Especially SOHO "NAT" routers can show "funny" behaviour with UDP
| or NAT helper modules which definitively undermines any network
| security. Cf. "cone NAT"
|
| See RFC 3489, section "5. NAT Variations", RFC 3022, RFC 2663,
| section "4.0. Various flavors of NAT" and verbatim in RFC 2993:
|

NAT Routers have simplistic FireWall constructs. With a SOHO NAT Router you can
SPECIFICALLY block ports such as UDP/TCP ports 135~139 and 445 which 'IS' a security
feature. With such a setting NetBIOS over IP will not leak out and NetBIOS over IP
intrusions will not leak in. A perfect example, a Win2K PC behind a NAT Router (even with
the specific port blocking not in effect) will not receive Messenger Service PopUps
emanating from the internet.


--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp
 
"David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote:

> From: "Stefan Kanthak" .
>
> | "David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote:


> >> The Windows XP SP2 FireWall is fine but what is *better* is the use of a FireWall
> >> appliance or at the minimum a NAT Router.

> |
> | NAT is NOT a security feature.
> |
> | Especially SOHO "NAT" routers can show "funny" behaviour with UDP
> | or NAT helper modules which definitively undermines any network
> | security. Cf. "cone NAT"
> |
> | See RFC 3489, section "5. NAT Variations", RFC 3022, RFC 2663,
> | section "4.0. Various flavors of NAT" and verbatim in RFC 2993:
> |
>
> NAT Routers have simplistic FireWall constructs.


You are confused/misinformed.
NAT and Filters/Firewalls serve different purposes.
They MAY be combined in one device.

> With a SOHO NAT Router you can
> SPECIFICALLY block ports such as UDP/TCP ports 135~139 and 445
> which 'IS' a security feature.


This security feature, however, does not originate in the NAT function
of these routers; it originates in the (simplistic) filtering/
firewalling they (typically) provide too.

CAVEAT: most of these SOHO routers "route" incoming UDP packets to
the source of the last outgoing UDP packet, and they most often have
NAT helper modules to allow FTP or even H.323 (NetMeeting) or SIP.

CAVEAT2: UPnP!

> With such a setting NetBIOS over IP will not leak out and NetBIOS over IP
> intrusions will not leak in.


Does EVERY SOHO NAT router filter OUTGOING CIFS/NetBIOS?
Most of them filter INCOMING CIFS/NetBIOS, but that can be turned off.
And even when turned on, incoming UDP packets (especially for other
ports) might be delivered to your hosts behind a SOHO NAT router.

> A perfect example, a Win2K PC behind a NAT Router (even with
> the specifically port blocking not in effect) will not receive Messenger Service PopUps
> emanating from the internet.


TCP <> UDP.

A perfect counterexample: my Win2K here won't display Messenger
Service Popups despite a direct connection to the internet.
No, the messenger service is running, and there is no filter
on 135/tcp. The RPC service is, however, bound to my LAN only, not
to the WAN.

Stefan
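
Added example, not part of any post in this thread: a toy Python model of the NAT variations defined in RFC 3489 section 5 (cited above), showing which inbound UDP packets each variation hands to a LAN host after that host has sent a single outbound packet. The class, the function names and all addresses are constructed for illustration and do not describe any particular router.

```python
"""Toy model of the RFC 3489 section 5 NAT variations (UDP only)."""

FULL_CONE, RESTRICTED, PORT_RESTRICTED, SYMMETRIC = (
    "full cone", "restricted cone", "port restricted cone", "symmetric")


class Nat:
    def __init__(self, kind, first_port=40000):
        self.kind = kind
        self.next_port = first_port
        self.by_key = {}    # mapping key -> external port
        self.by_port = {}   # external port -> (internal endpoint, remotes contacted)

    def outbound(self, src, dst):
        """Internal endpoint src sends UDP to dst; returns the external port used."""
        # Symmetric NAT: one mapping per (source, destination); cone NATs: one per source.
        key = (src, dst) if self.kind == SYMMETRIC else src
        if key not in self.by_key:
            self.by_key[key] = self.next_port
            self.by_port[self.next_port] = (src, set())
            self.next_port += 1
        port = self.by_key[key]
        self.by_port[port][1].add(dst)
        return port

    def inbound(self, remote, ext_port):
        """Return the internal endpoint a packet from remote reaches, or None if dropped."""
        if ext_port not in self.by_port:
            return None                       # no mapping, nothing to translate to
        internal, contacted = self.by_port[ext_port]
        if self.kind == FULL_CONE:
            allowed = True                    # any sender reaches the mapped host
        elif self.kind == RESTRICTED:
            allowed = remote[0] in {ip for ip, _ in contacted}
        else:                                 # port restricted cone and symmetric
            allowed = remote in contacted
        return internal if allowed else None


def exposure(kind):
    """Who reaches a LAN host after it has sent one UDP packet to a DNS server?"""
    # Constructed addresses (RFC 1918 and RFC 5737 documentation ranges).
    host, dns, stranger = ("192.168.1.10", 5000), ("198.51.100.53", 53), ("203.0.113.7", 4444)
    nat = Nat(kind)
    port = nat.outbound(host, dns)
    return {"reply": nat.inbound(dns, port) == host,
            "same_ip_other_port": nat.inbound((dns[0], 9999), port) == host,
            "stranger": nat.inbound(stranger, port) == host,
            "unmapped_port": nat.inbound(stranger, port + 1) == host}
```

Calling `exposure(FULL_CONE)` reports that an unrelated sender reaches the LAN host through the open mapping, while the other three variations drop that packet; only an explicit packet filter makes the outcome independent of which NAT variation a given router implements.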
 