2 firewall programs running?

2 firewall programs running?

am 07.09.2007 19:39:51 von David Azose

Does having both XP firewall enabled and at the same time Norton
Internet Security enabled cause problems?

David A.

Re: 2 firewall programs running?

am 07.09.2007 19:48:41 von Sebastian Gottschalk

David Azose wrote:

> Does having both XP firewall enabled and at the same time Norton
> Internet Security enabled cause problems?

Most likely, and running NIS causes problem for sure (since this is what
it's supposed to do).

Re: 2 firewall programs running?

am 07.09.2007 19:55:50 von David Azose

Sebastian G. wrote:
> David Azose wrote:
>
>> Does having both XP firewall enabled and at the same time Norton
>> Internet Security enabled cause problems?
>
> Most likely, and running NIS causes problem for sure (since this is what
> it's supposed to do).
Does than mean I should turn off NIS?

David A.

Re: 2 firewall programs running?

am 07.09.2007 20:05:26 von unknown

Post removed (X-No-Archive: yes)

Re: 2 firewall programs running?

am 07.09.2007 21:38:27 von David Azose

Straight Talk wrote:
> On Fri, 07 Sep 2007 10:39:51 -0700, David Azose
> wrote:
>
>> Does having both XP firewall enabled and at the same time Norton
>> Internet Security enabled cause problems?
>
> Norton will cause problems all by itself.
Thanks to all for the prompt replies. I've turned off NIS. Is the basic
hardware firewall that comes with my Linksys router plus the Windows
firewall in XP sufficient or should I be looking at other programs?

David A.

Re: 2 firewall programs running?

am 07.09.2007 21:51:12 von Sebastian Gottschalk

David Azose wrote:

> Sebastian G. wrote:
>> David Azose wrote:
>>
>>> Does having both XP firewall enabled and at the same time Norton
>>> Internet Security enabled cause problems?
>> Most likely, and running NIS causes problem for sure (since this is what
>> it's supposed to do).
> Does than mean I should turn off NIS?


No, it means that you should uninstall it. Turning it off isn't sufficient.

Re: 2 firewall programs running?

am 07.09.2007 21:55:19 von Sebastian Gottschalk

David Azose wrote:


> Thanks to all for the prompt replies. I've turned off NIS. Is the basic
> hardware firewall that comes with my Linksys router plus the Windows
> firewall in XP sufficient or should I be looking at other programs?

Since it's already sufficient without all of this, it's obviously sufficient
with all of this. So why the question anyway?

Re: 2 firewall programs running?

am 07.09.2007 21:57:25 von unknown

Post removed (X-No-Archive: yes)

Re: 2 firewall programs running?

am 07.09.2007 23:24:03 von MR. Arnold

"David Azose" wrote in message
news:noGdnQsXU9OgNHzbnZ2dnUVZ_u_inZ2d@comcast.com...
> Straight Talk wrote:
>> On Fri, 07 Sep 2007 10:39:51 -0700, David Azose
>> wrote:
>>
>>> Does having both XP firewall enabled and at the same time Norton
>>> Internet Security enabled cause problems?
>>
>> Norton will cause problems all by itself.
> Thanks to all for the prompt replies. I've turned off NIS. Is the basic
> hardware firewall that comes with my Linksys router plus the Windows
> firewall in XP sufficient or should I be looking at other programs?
>

What Linksys router do you have? The XP FW is performing the same function
of the router, which is to stop unsolicited inbound traffic. If the router
can stop outbound traffic by setting rules, then you can supplement the
router with the XP FW. If the router cannot stop outbound traffic, then dump
XP's FW and use Norton, because with Norton, you can set rules to stop
outbound traffic from leaving the computer if you had to stop outbound
traffic.

Re: 2 firewall programs running?

am 08.09.2007 00:25:05 von Kayman

"David Azose" wrote in message
news:k9udndlQqp7tEHzbnZ2dnUVZ_jqdnZ2d@comcast.com...
> Does having both XP firewall enabled and at the same time Norton Internet
> Security enabled cause problems?
>

The retail version of Norton can play havoc with your pc. Uninstall it using
Norton's own uninstall tool
http://service1.symantec.com/SUPPORT/tsgeninfo.nsf/docid/200 5033108162039
and get a refund :)
As suggested on the site, you may wish to print out the directions before
proceeding.

If this doesn't work use this:
Revo Uninstaller Freeware - Remove unwanted programs and traces easily
http://www.revouninstaller.com/

and/or
RegSeeker
http://www.hoverdesk.net/freeware.htm
Then use NTREGOPT to compact the registry then do a reboot immediately.
http://www.larshederer.homepage.t-online.de/erunt

While Norton's removal tool usually gets the job done, you may also want to
go to:
http://www.snapfiles.com/get/winsockxpfix.html
and download a copy of winsockxpfix just in case. Rarely, the removal of NIS
breaks the networking components in XP to the point where internet access is
impossible. This little utility will fix it back up.

Use/activate Win XP SP2 built-in Firewall
and uncheck *all* Programs and Services under the Exception tab.
Read through:
http://www.microsoft.com/windowsxp/using/security/internet/s p2_wfintro.mspx
http://www.microsoft.com/windowsxp/using/networking/security /winfirewall.mspx
http://support.microsoft.com/kb/308127

How to Configure Windows Firewall on a Single Computer
http://www.microsoft.com/technet/security/smallbusiness/prod tech/windowsxp/cfgfwall.mspx

Read these articles:

"Personal Firewalls" are mostly snake-oil
http://www.samspade.org/d/firewalls.html

At Least This Snake Oil Is Free
http://msinfluentials.com/blogs/jesper/archive/2007/07/19/at -least-this-snake-oil-is-free.aspx

Deconstructing Common Security Myths.
http://www.microsoft.com/technet/technetmag/issues/2006/05/S ecurityMyths/default.aspx
Myth: Host-Based Firewalls Must Filter Outbound Traffic to be Safe.

Exploring the windows Firewall.
http://www.microsoft.com/technet/technetmag/issues/2007/06/V istaFirewall/default.aspx
"Outbound protection is security theater-it's a gimmick that only gives the
impression of improving your security without doing anything that actually
does improve your security."

Re: 2 firewall programs running?

am 08.09.2007 11:20:06 von Volker Birk

David Azose wrote:
> Does having both XP firewall enabled and at the same time Norton
> Internet Security enabled cause problems?

Yes. Compared to only having Windows-Firewall enabled, you don't gain
any additional security effects, but you're adding the security holes
Norton InSecurity brings with it.

Yours,
VB.
--
"Es muss darauf geachtet werden, dass das Grundgesetz nicht mit Methoden
geschützt wird, die seinem Ziel und seinem Geist zuwider sind."

Gustav Heinemann, "Freimütige Kritik und demokratischer Rechtsstaat"

Re: 2 firewall programs running?

am 08.09.2007 11:21:09 von Volker Birk

David Azose wrote:
> Thanks to all for the prompt replies. I've turned off NIS. Is the basic
> hardware firewall that comes with my Linksys router plus the Windows
> firewall in XP sufficient or should I be looking at other programs?

Sufficient for what?

If we're talking about packet filtering for you at home, this usually
is enough.

Yours,
VB.
--
"Es muss darauf geachtet werden, dass das Grundgesetz nicht mit Methoden
geschützt wird, die seinem Ziel und seinem Geist zuwider sind."

Gustav Heinemann, "Freimütige Kritik und demokratischer Rechtsstaat"

Re: 2 firewall programs running?

am 08.09.2007 14:44:48 von David Azose

Volker Birk wrote:
> David Azose wrote:
>> Does having both XP firewall enabled and at the same time Norton
>> Internet Security enabled cause problems?
>
> Yes. Compared to only having Windows-Firewall enabled, you don't gain
> any additional security effects, but you're adding the security holes
> Norton InSecurity brings with it.
>
> Yours,
> VB.
Thank you for the clarification. I'm reading up on uninstalling NIS.
Apparently, there may be some problems with using the Windows uninstall
option from the control panel. Some here have suggested downloading the
Norton uninstall program from their website. That's probably what I'll
do. Thanks again for your help.

David A.

Re: 2 firewall programs running?

am 08.09.2007 16:46:34 von MR. Arnold

"David Azose" wrote in message
news:csCdnZ779MlXBH_bnZ2dnUVZ_gWdnZ2d@comcast.com...
> Volker Birk wrote:
>> David Azose wrote:
>>> Does having both XP firewall enabled and at the same time Norton
>>> Internet Security enabled cause problems?
>>
>> Yes. Compared to only having Windows-Firewall enabled, you don't gain
>> any additional security effects, but you're adding the security holes
>> Norton InSecurity brings with it.
>>
>> Yours,
>> VB.
> Thank you for the clarification. I'm reading up on uninstalling NIS.
> Apparently, there may be some problems with using the Windows uninstall
> option from the control panel. Some here have suggested downloading the
> Norton uninstall program from their website. That's probably what I'll do.
> Thanks again for your help.

If you want to be bold and beautiful, why don't you get rid of the XP FW
too? Since you have a router setting there protecting the machine or
machines from the Internet. What do you need the XP FW for, because it's
buying you nothing -- no added protection.

The router and XP FW/packet filter are doing the same thing, and it's
unclear amount your router, because you make no mention of the model of the
Linksys router to determine if it can stop outbound traffic. If the router
can't stop outbound traffic, XP's FW for sure cannot stop outbound traffic
and both can only stop inbound traffic, then why do you need the XP FW
enabled?

And as long as XP's FW is sitting behind that NAT router, because XP's FW
can only stop inbound traffic just like the NAT router, then using the XP FW
router behind the NAT router is pointless. It buys you nothing.

http://www.homenethelp.com/web/explain/about-NAT.asp

Re: 2 firewall programs running?

am 08.09.2007 17:06:09 von Volker Birk

Mr. Arnold wrote:
> If you want to be bold and beautiful, why don't you get rid of the XP FW
> too?

I see no reason why to do so.

> And as long as XP's FW is sitting behind that NAT router, because XP's FW
> can only stop inbound traffic just like the NAT router, then using the XP FW
> router behind the NAT router is pointless. It buys you nothing.

This is wrong.

Following the "defense in depth" strategy, the heuristics used for
packet filtering usually have holes, so a second filtering could help.

Of course, it would be better not to offer network services at all if
one does not need to.

Yours,
VB.
--
"Es muss darauf geachtet werden, dass das Grundgesetz nicht mit Methoden
geschützt wird, die seinem Ziel und seinem Geist zuwider sind."

Gustav Heinemann, "Freimütige Kritik und demokratischer Rechtsstaat"

Re: 2 firewall programs running?

am 08.09.2007 17:48:34 von MR. Arnold

"Volker Birk" wrote in message
news:46e2ba61@news.uni-ulm.de...
> Mr. Arnold wrote:
>> If you want to be bold and beautiful, why don't you get rid of the XP FW
>> too?
>
> I see no reason why to do so.

That's if he or she knows what he or she is doing. So, why not be bold and
beautiful if one knows that or she doen't need a packet filter running on
the machine due to he or she running machines behind a FW router.

You know, everyone is not as weak as you make them out to be.

>
>> And as long as XP's FW is sitting behind that NAT router, because XP's
>> FW
>> can only stop inbound traffic just like the NAT router, then using the XP
>> FW
>> router behind the NAT router is pointless. It buys you nothing.
>
> This is wrong.

You're going to have to come up with more than just wrong. If that router is
using SPI, then how is Windows using the XP FW doing any more than that. The
only thing the XP FW can do is stop inbound traffic no more than what a NAT
router using SPI is doing. The only time using XP's FW makes any senese is
when the machine has a direct connection to the modem and therefore a direct
connection to the Internet or the machine is in a LAN setting like a
wireless cafe.

>
> Following the "defense in depth" strategy, the heuristics used for
> packet filtering usually have holes, so a second filtering could help.

I disagree. The only time it makes sense is if the first solution like a NAT
router cannot stop outbound traffic, then a packet filtering solution at the
machine level sitting behind a NAT router that cannot stop outbound makes
sense.

>
> Of course, it would be better not to offer network services at all if
> one does not need to.
>

Well of course, if the machine doesn't need to be in a network situation
with other machines then why have the services enabled, period?

On the other hand, as long as my machines are behind a border device like a
packet filtering FW router or FW appliance, then I have no need to for a
filter running on the machines behind them Windows, Linux or otherwise.

Re: 2 firewall programs running?

am 09.09.2007 07:30:04 von David Azose

Mr. Arnold wrote:
>
> "Volker Birk" wrote in message
> news:46e2ba61@news.uni-ulm.de...
>> Mr. Arnold wrote:
>>> If you want to be bold and beautiful, why don't you get rid of the
>>> XP FW
>>> too?
>>
>> I see no reason why to do so.
>
> That's if he or she knows what he or she is doing. So, why not be bold
> and beautiful if one knows that or she doen't need a packet filter
> running on the machine due to he or she running machines behind a FW
> router.
>
> You know, everyone is not as weak as you make them out to be.
>
>>
>>> And as long as XP's FW is sitting behind that NAT router, because
>>> XP's FW
>>> can only stop inbound traffic just like the NAT router, then using
>>> the XP FW
>>> router behind the NAT router is pointless. It buys you nothing.
>>
>> This is wrong.
>
> You're going to have to come up with more than just wrong. If that
> router is using SPI, then how is Windows using the XP FW doing any more
> than that. The only thing the XP FW can do is stop inbound traffic no
> more than what a NAT router using SPI is doing. The only time using XP's
> FW makes any senese is when the machine has a direct connection to the
> modem and therefore a direct connection to the Internet or the machine
> is in a LAN setting like a wireless cafe.
>
>>
>> Following the "defense in depth" strategy, the heuristics used for
>> packet filtering usually have holes, so a second filtering could help.
>
> I disagree. The only time it makes sense is if the first solution like a
> NAT router cannot stop outbound traffic, then a packet filtering
> solution at the machine level sitting behind a NAT router that cannot
> stop outbound makes sense.
>
>>
>> Of course, it would be better not to offer network services at all if
>> one does not need to.
>>
>
> Well of course, if the machine doesn't need to be in a network situation
> with other machines then why have the services enabled, period?
>
> On the other hand, as long as my machines are behind a border device
> like a packet filtering FW router or FW appliance, then I have no need
> to for a filter running on the machines behind them Windows, Linux or
> otherwise.
>
>
Mr. Arnold and others,

I'm ignorant of much of what constitutes networking and of what "packet
filtering" is. And I make an assumption that "outbound traffic" is
anything I type on my computer while connected to the internet that goes
out over the internet.

My main concern is attempting to discourage hackers from taking control
of my computer while I'm on the internet.

My router is a Linksys model WRT54G. The disk that came with it may have
an electronic users manual, but since I just plugged the thing in and it
worked (I was able to get on the internet from the computers connected
to it), I didn't see the need to go any further. Ignorance may not be bliss.

As for having both the basic (hardware?) firewall built into the router
AND the Windows Firewall enabled, would that cause any problems? I
really don't care if what they each do is redundant, if no harm is done.

David A.

Re: 2 firewall programs running?

am 09.09.2007 15:11:20 von MR. Arnold

"David Azose" wrote in message news:j8WdnW4b-



> Mr. Arnold and others,
>
> I'm ignorant of much of what constitutes networking and of what "packet
> filtering" is. And I make an assumption that "outbound traffic" is
> anything I type on my computer while connected to the internet that goes
> out over the internet.

I am not going to get into outbound traffic as opposed to inbound traffic. I
made a post here in this NG a few weeks ago to another poster about what
solicted and unsolicted traffic is about that a FW deals with and links
about how a FW works. What is a FW? What is not a FW? What does a FW do?
What are the differnt types of FW(s)? -- ETC ETC -- If you like, you can
find that post based on my posting name and read-up.

>
> My main concern is attempting to discourage hackers from taking control of
> my computer while I'm on the internet.

The only way that's going to happen is if the machine gets compromised,
which if it does, then *you* have contributed to it yourself in someway, by
going to a Web Site that installed the malware/compromise or you opened an
email with an attachment that installed something etc, etc.
>
> My router is a Linksys model WRT54G. The disk that came with it may have
> an electronic users manual, but since I just plugged the thing in and it
> worked (I was able to get on the internet from the computers connected to
> it), I didn't see the need to go any further. Ignorance may not be bliss.
>

You have a WRT54G packet filtering FW router there that can stop inbound and
outbound traffic, and it can do a whole lot of other things too. You need
to understand how that device works and how to use that device. You should
be more concerned about how can someone hack the wireless network, join my
network, and in doing so, be all over the top of my machines hacking them or
use my network to do something illegal.

http://compnetworking.about.com/od/wirelesssecurity/tp/wifis ecurity.htm

You'll need to change the frimware, which is free that's being talked about
in the WW link for the 54G. That's if you know what frimware is about, look
it up use Google. You shouldn't fly blind and not know the traffic coming to
and leaving your network.

http://sonic.net/wallwatcher/


> As for having both the basic (hardware?) firewall built into the router

That 54G is NOT a basic router. It's more than that.

> AND the Windows Firewall enabled, would that cause any problems? I

Windows XP firewall is NOT a FW. It is a machine level packet filter that
protects at the machine level. A FW separates two networks and sits at the
junction point between the two networks, with one network it's protecting
from the WAN (Wide Area Network)/Internet, and the other network it's
protecting the LAN (Local Area Network). A FW has at least two interfaces
with one interface facing the WAN the untrusted zone and the other interface
facing the LAN the trusted zone. The 54G is a FW solution and any software
like XP's FW or a 3rd party (personal FW) solution is not a FW. They are
machine level packet filters running at the machine level.

> really don't care if what they each do is redundant, if no harm is done.

They are NOT doing the same thing and and ignorance is no excuse.

However, since you have a wireless solution, then it's best to have a
machine level packet filter such as XP's FW/packet filter running in case
someone hacks the wireless side of your network and starts hacking your
machines.

If you don't know what War Driving is about, then look it up using Google.

The buck stops with the person sitting behind the keyboard and mouse and is
doing the driving and not with the FW or packet filter. That also holds true
for the Windows XP O/S. The buck stops at the O/S and not with some FW or
packet filter.

http://www.claymania.com/safe-hex.html
http://labmice.techtarget.com/articles/winxpsecuritychecklis t.htm

Re: 2 firewall programs running?

am 10.09.2007 09:23:23 von Volker Birk

David Azose wrote:
> As for having both the basic (hardware?) firewall built into the router
> AND the Windows Firewall enabled, would that cause any problems?

Usually not.

Yours,
VB.
--
"Es muss darauf geachtet werden, dass das Grundgesetz nicht mit Methoden
geschützt wird, die seinem Ziel und seinem Geist zuwider sind."

Gustav Heinemann, "Freimütige Kritik und demokratischer Rechtsstaat"

Re: 2 firewall programs running?

am 10.09.2007 09:41:21 von Volker Birk

Mr. Arnold wrote:
>>> And as long as XP's FW is sitting behind that NAT router, because XP's
>>> FW
>>> can only stop inbound traffic just like the NAT router, then using the XP
>>> FW
>>> router behind the NAT router is pointless. It buys you nothing.
>> This is wrong.
> You're going to have to come up with more than just wrong. If that router is
> using SPI, then how is Windows using the XP FW doing any more than that.

Usually, such routers (as other packet filters, too) implement
heuristics to implement protocols like FTP, which cannot be filtered
easily.

Because of that, they're vulnerable.

This is why shutting down unwanted network services is much more secure
than packet filtering.

Having two different packet filters can help with some issues, if you
know exactly what you're doing.

I'm not requesting you to do so. I just wanted to point out, that you
forgot some scenarios, where your original statement is not true.

>> Following the "defense in depth" strategy, the heuristics used for
>> packet filtering usually have holes, so a second filtering could help.
> I disagree. The only time it makes sense is if the first solution like a NAT
> router cannot stop outbound traffic, then a packet filtering solution at the
> machine level sitting behind a NAT router that cannot stop outbound makes
> sense.

Your mistake is to believe in NAT as a security feature. The opposite is
true. The security comes from filtering, not from NAT.

Yours,
VB.
--
"Es muss darauf geachtet werden, dass das Grundgesetz nicht mit Methoden
geschützt wird, die seinem Ziel und seinem Geist zuwider sind."

Gustav Heinemann, "Freimütige Kritik und demokratischer Rechtsstaat"

Re: 2 firewall programs running?

am 10.09.2007 13:50:27 von MR. Arnold

"Volker Birk" wrote in message
news:46e4f521@news.uni-ulm.de...
> Mr. Arnold wrote:
>>>> And as long as XP's FW is sitting behind that NAT router, because XP's
>>>> FW
>>>> can only stop inbound traffic just like the NAT router, then using the
>>>> XP
>>>> FW
>>>> router behind the NAT router is pointless. It buys you nothing.
>>> This is wrong.
>> You're going to have to come up with more than just wrong. If that router
>> is
>> using SPI, then how is Windows using the XP FW doing any more than that.
>
> Usually, such routers (as other packet filters, too) implement
> heuristics to implement protocols like FTP, which cannot be filtered
> easily.

The person didn't say he was using FTP.
>
> Because of that, they're vulnerable.
>
> This is why shutting down unwanted network services is much more secure
> than packet filtering.

Man, tell me something I don't know.

>
> Having two different packet filters can help with some issues, if you
> know exactly what you're doing.

And if you know exactly what you're doing, you don't need one running behind
a border device.
>
> I'm not requesting you to do so. I just wanted to point out, that you
> forgot some scenarios, where your original statement is not true.
>
>>> Following the "defense in depth" strategy, the heuristics used for
>>> packet filtering usually have holes, so a second filtering could help.
>> I disagree. The only time it makes sense is if the first solution like a
>> NAT
>> router cannot stop outbound traffic, then a packet filtering solution at
>> the
>> machine level sitting behind a NAT router that cannot stop outbound makes
>> sense.
>
> Your mistake is to believe in NAT as a security feature. The opposite is
> true. The security comes from filtering, not from NAT.
>

I never said that NAT was a security feature. A router is a border device
that acts in a FW like manner that is using NAT, and some even with SPI,
which separates two networks. And then there are packet filtering FW routers
that this OP has, which is a WRT54G router.

You forget that I have been in this NG since 2001, and I have talked with
and taken the advice of the best in this NG. Please man don't talk to me
about this, as I already know. In a wireless situation like this person has,
I would us a packet filter behind the router.

I don't run with packet filters on my machine behind a FW appliance. It's as
simple as that, and I wouldn't do it for some routers either. It's a simple
as that.

The OP can do what he wants. It's his network and not my network.

Please man, what you are talking about to me is pointless.

I am not here for a debate with you or any argument about this, that or the
other, and you need to stop or slow your roll on this, because I am already
tired of it.