From: "Stefan Kanthak" .
| "David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote:
|
| Watch your line length!
|
>> From: "BassBlonde" <bassguitarblonde2000@yahoo.com>
>>
|>> Which is a better firewall to use ? Norton's or Windows ?
|>> I was told in school a few years ago that Windows supplied was the stronger
|>> one.
|>> Thanks for any advice given.
|>> --
|>> Lisa
|>> All the Worlds a Stage
>>
>> Norton's is bloated and will bog down your PC.
>>
>> The Windows XP SP2 FireWall is fine but what is *better* is the use of a FireWall
>> appliance or at the minimum a NAT Router.
|
| NAT is NOT a security feature.
|
| Especially SOHO "NAT" routers can show "funny" behaviour with UDP
| oder NAT helper modules which definitively undermines any network
| security. Cf. "cone NAT"
|
| See RFC 3489, section "5. NAT Variations", RFC 3022, RFC 2663,
| section "4.0. Various flavors of NAT" and verbatim in RFC 2993:
|
NAT Routers have simplistic FireWall constructs. With a SOHO NAT Router you can
SPECIFICALLOY block ports such as UDP/TCP posrt 135~139 and 445 which 'IS' a security
feature. With such a setting NetBIOS over IP will not leak out and NetBIOS over IP
intrusions will not leak in. A perfecvt example, a Win2K PC behind a NAT Router (even with
the specifically port blocking not in effect) will not receive Messenger Service PopUps
emanating from the internet.
--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV -
http://www.pctipp.ch/downloads/dl/35905.asp