Results 1 to 12 of 12

Thread: Firewalls

  1. #1
    New Lounger
    Join Date
    Oct 2005
    Posts
    2
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Firewalls

    If you have a third party Firewall such as McAfee, is it necessary to keep the Windows Firewall turned on?

  2. #2
    Administrator
    Join Date
    Mar 2001
    Location
    St Louis, Missouri, USA
    Posts
    23,580
    Thanks
    5
    Thanked 1,058 Times in 927 Posts

    Re: Firewalls

    You should only run one firewall.

    Joe
    Joe

  3. #3
    Platinum Lounger
    Join Date
    Jan 2001
    Location
    Quedgeley, Gloucester, England
    Posts
    5,333
    Thanks
    0
    Thanked 1 Time in 1 Post

    Re: Firewalls

    To add to Joe's post...

    ... and if you have almost any firewall other than the Windows XP Firewall, then you will be protected from these problems from both directions -- outgoing as well as incoming! (If your PC had become infected, then you could be sending 'stuff' out onto the internet, and the Windows XP Firewall wouldn't trap it...).

    John
    <font face="Script MT Bold"><font color=blue><big><big>John</big></big></font color=blue></font face=script>

    Ita, esto, quidcumque...

  4. #4
    5 Star Lounger
    Join Date
    Jan 2001
    Location
    Cumberland, Maryland, USA
    Posts
    880
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Firewalls

    Out of curiosity, what problems can develop if you have more than one firewall running?

  5. #5
    Uranium Lounger
    Join Date
    Mar 2001
    Location
    New Jersey
    Posts
    6,684
    Thanks
    1
    Thanked 11 Times in 11 Posts

    Re: Firewalls

    They tend to get in each other's way and can be difficult to manage.
    <IMG SRC=http://www.wopr.com/w3tuserpics/DocWatson_sig.gif>

  6. #6
    Super Moderator jscher2000's Avatar
    Join Date
    Feb 2001
    Location
    Silicon Valley, USA
    Posts
    23,112
    Thanks
    5
    Thanked 93 Times in 89 Posts

    Re: Firewalls

    > what problems can develop if you have more than one firewall running?

    Apparently, they fight. But beyond that, you may lose control of the features you think the firewall is providing you. I use Outpost Firewall PRO, which checks the identity of the program or service making an outgoing connection before permitting it. If all traffic was first routed through a different firewall, I think this probably would bypass Outpost's program control feature. Conversely, if another firewall ran "behind" Outpost and received incoming traffic initially, Outpost might not see the originating port and address correctly, and mistakenly believe that the traffic originated from another process on my computer. Then the entire burden of properly filtering incoming traffic would fall on the other firewall. For these reasons, I would not want to let a second software firewall software run on my computer.

  7. #7
    5 Star Lounger
    Join Date
    Jan 2001
    Location
    Cumberland, Maryland, USA
    Posts
    880
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Firewalls

    Jefferson--and Doc,

    Thanks for your informative and clear explanation. I guess what prompted my question is the emphasis on redundant programs for PC protection, i.e., spyware. Obviously, the same doesn't hold true for firewalls.

    The value of the Forum constantly impresses me. <img src=/S/thumbup.gif border=0 alt=thumbup width=15 height=15>

  8. #8
    New Lounger
    Join Date
    Oct 2005
    Posts
    2
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Firewalls

    <img src=/S/clapping.gif border=0 alt=clapping width=19 height=23> Thanks to you and everybody else who answered! You're right, this forum is great!

  9. #9
    Plutonium Lounger
    Join Date
    Nov 2001
    Posts
    10,550
    Thanks
    0
    Thanked 7 Times in 7 Posts

    Re: Firewalls

    It kind of holds true for firewalls, it's just that they mustn't both be on the same system. A combination of a Stateful Packet Inspection Firewall on your router and a software firewall on your PC is best.

    StuartR

  10. #10
    5 Star Lounger
    Join Date
    May 2003
    Location
    Pittsburgh, Pennsylvania, USA
    Posts
    629
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Firewalls

    I had a user buy a laptop, but she wasn't able to connect to their home wireless network. She brough it in, and I noticed that both the Windows firewall and the Dell-supplied McAfee firewall were turned on.

    Basically, if you run two firewalls at the same time on your workstation, something's likely to stop working, and it may not be clear what the problem is until after it causes you hassles.

    Now, if you had a firewall running at your networks entry point to the internet (say on the router). and then had another one running on your workstation, that can be configured without asking for trouble.

  11. #11
    Platinum Lounger
    Join Date
    Jan 2001
    Location
    Quedgeley, Gloucester, England
    Posts
    5,333
    Thanks
    0
    Thanked 1 Time in 1 Post

    Re: Firewalls

    I just came across this interesting article where a columnist is attempting to justify not having a software firewall on each PC when there are multiple PCs wishing to share resources on a LAN behind the hardware firewall...

    John
    <font face="Script MT Bold"><font color=blue><big><big>John</big></big></font color=blue></font face=script>

    Ita, esto, quidcumque...

  12. #12
    Plutonium Lounger
    Join Date
    Nov 2001
    Posts
    10,550
    Thanks
    0
    Thanked 7 Times in 7 Posts

    Re: Firewalls

    He makes a fair point. If you have multiple PCs and you want to share resources then
    <UL><LI>you have to know how to open the correct holes in the firewalls. This may be complex depending on the software.
    <LI>You lose some of the protection that the firewall offers, because you have opened some specific holes[/list]So there are probably some users for whom this is too difficult to configure, but I would still always recommend using a software firewall in addition to the hardware, for the exact reason that he identifies - it can alert you to outgoing connections that you weren't expecting.

    StuartR

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •