Results 1 to 12 of 12
  1. #1
    New Lounger
    Join Date
    Aug 2003
    Location
    Idaho, USA
    Posts
    2
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Firewall (XP SP1)

    We have several home PCs that get online using Win XP internet connection sharing. Is it enough to have the firewall enabled on the master PC, or should each PC connecting through the master have its firewall enabled as well?

  2. #2
    2 Star Lounger
    Join Date
    May 2002
    Location
    Nr. Edinburgh, Fife, Scotland
    Posts
    166
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Firewall (XP SP1)

    I am on a Home Network and am not the host computer. The host is running Zone Alarm Pro and I am using the free version of Zone Alarm. I think it is necessary for all your machines to have a Firewall like Zone Alarm which will alert you to all access attempts both coming in and going out from your computer. Many nasties try to phone home and Zone Alarm will alert you and you can block them. I think it is essential for every computer to have a Firewall especially just now with Blaster and SoBig being so widespread.You can then stop any messages to and from them .
    Elaine

  3. #3
    Banned Member
    Join Date
    Jul 2002
    Location
    Newport Richey, Florida, USA
    Posts
    2,149
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Firewall (XP SP1)

    The only PC protected by the Firewall is the PC that the Firewall is Active on. If you are Networked at home you are probably running the other Computers through a Hub or Router, and not through your Computer would be my guess, so each Computer has direct Access to the Internet from the Router or Hub and therefore a Hacker has Access to those Computers, especially if they have no Firewall installed. That is my understanding of it anyway. I have three Computers Networked at home and all three have Kerio Personal Firewall installed and running, and of course PC-Cillin Antivirus Protection on all three.

  4. #4
    Super Moderator jscher2000's Avatar
    Join Date
    Feb 2001
    Location
    Silicon Valley, USA
    Posts
    23,112
    Thanks
    5
    Thanked 93 Times in 89 Posts

    Re: Firewall (XP SP1)

    It may be possible to test how well the host is protecting the other PCs by visiting the ShieldsUP! site, which last time I checked was linked through http://grc.com/default.htm/ (scroll down...).

  5. #5
    2 Star Lounger
    Join Date
    May 2002
    Location
    Nr. Edinburgh, Fife, Scotland
    Posts
    166
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Firewall (XP SP1)

    Steve Gibson used to have a little program to check this called something like IP Shields Up. This is no longer available, but on using it in the past it told me that since I was not the host on a Home Network, my computer was invisible to hackers. This is apparently because a portion of the Internet is set aside for such Networks and no one can see it. That was not the exact words, but the jist is there. I still think you need a Firewall though as it protects you while surfing as everyone is at risk there.
    Elaine

  6. #6
    Plutonium Lounger
    Join Date
    Mar 2002
    Posts
    84,353
    Thanks
    0
    Thanked 29 Times in 29 Posts

    Re: Firewall (XP SP1)

    Steve Gibson's site is http://www.grc.com and Shields Up! is still available - follow the links from his home page.

  7. #7
    Super Moderator jscher2000's Avatar
    Join Date
    Feb 2001
    Location
    Silicon Valley, USA
    Posts
    23,112
    Thanks
    5
    Thanked 93 Times in 89 Posts

    Re: Firewall (XP SP1)

    Regarding home use, yes and no: if you have a router that offers NAT (network address translation) then your computer's actual address (e.g., 192.168.0.1) is invisible and when you reach out to the web, the router tells web servers, for example, that your computer is at the router's address (otherwise, you'd never get anything back). When people scan for open ports, open shares, open printers, the router's simple firewall should ignore their probes. This is a good first level of protection, and can be supplemented with a software firewall such as ZoneAlarm.

    However, if you are plugging directly into a cable modem, for example, without a router than is running NAT, you are using a public address and receive the probes directly. And that can be followed by nasty things happening.

  8. #8
    2 Star Lounger
    Join Date
    May 2002
    Location
    Nr. Edinburgh, Fife, Scotland
    Posts
    166
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Firewall (XP SP1)

    I`m afraid you`ve lost me here. I don`t know very much about networking, as our friendly local computer boys set it up for us. I do know that we don`t have a router. We have Broadband and are on a LAN with ethernet cards and a hub. That is the sum total of my knowledge. So how does your explanation apply to me? You`ve got me wondering about a few things now and I would be so grateful if you could please explain in the simplest way possible how your last reply affects me .The more I read this Forum, the more I realise how little I know, although it is also true to say that I have learned such a great deal here. Now my brain is hurting as it`s too late to sort that one out!Thanks for all your help. I`ll be back tomorrow.
    Elaine

  9. #9
    Super Moderator jscher2000's Avatar
    Join Date
    Feb 2001
    Location
    Silicon Valley, USA
    Posts
    23,112
    Thanks
    5
    Thanked 93 Times in 89 Posts

    Re: Firewall (XP SP1)

    To figure out if you're on a "private" network, you can check your IP address.

    Start > Run > cmd > ipconfig

    The second item is your IP address. If it starts with any of the following (the X can be any 1-3 digit number) then you are on a private network with a router performing NAT. Otherwise, you are on the wide-open Internet:

    10.X.X.X
    192.168.X.X
    172.16.X.X - 172.31.X.X

    (Source: RFC 1918: Address Allocation for Private Internets)

  10. #10
    2 Star Lounger
    Join Date
    May 2002
    Location
    Nr. Edinburgh, Fife, Scotland
    Posts
    166
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Firewall (XP SP1)

    Thanks for the explanation. My address is one of those you listed, so I feel better now. I have always run the free Zone Alarm and AVG so I think I am as safe as it`s possible to be. Don`t want to get paranoid!
    Elaine

  11. #11
    5 Star Lounger
    Join Date
    Feb 2001
    Location
    Youngstown, Ohio, USA
    Posts
    705
    Thanks
    1
    Thanked 0 Times in 0 Posts

    Re: Firewall (XP SP1)

    A set of online firewall / security scans can be found at http://scan.sygate.com. It is fairly comprehensive, but one of the nicer scans I found was the Trojan scan -- it specifically checks ports known to be used by trojans. I wouldn't be too worried about the 'estimated scan times' the site gives; even on my dialup connection they ran in less than half the times given.

  12. #12
    New Lounger
    Join Date
    Aug 2003
    Location
    Idaho, USA
    Posts
    2
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Firewall (XP SP1)

    I appreciate all the responses and good suggestions. I had forgotten about the Shields Up site.
    We use a dial-up connection to the Internet. Our home PCs are networked using a simple hub. I went to the Shields Up site and ran its tests on two of the PCs that connect through the dial-up PC. Both PCs tested as secure. So, it looks like the PC that shares its dial-up Internet connection is providing protection for all the connected PCs.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •