XP firewall or zone alarm

Discussion in 'Windows Desktop Systems' started by Johncki, Oct 11, 2002.

  1. Johncki

    Johncki Guest

    Hello all. After Tonybony turned me on to the mailwasher, I got to thinking about the firewall in xp. now I got all of the sudden mail
    blombed..157. I did some research and found that the 5000 port is always open and that it could be the sockets de troie trojan. Now nothing has been changing like programs and such, and did a scan. but it only showed that it could be the de troie..My question is this: Which firewall is the better? I have had the zone alarm pro, but it messed up all the time! After a complete format and install. I was told that the xp firewall such be good enough. I am at a standstill on this issue. What do you all think? and by the way. Thanks alot for the help Tonybony..Nice e-mail washer!!!:)
  2. Iceman

    Iceman Moderator

  3. Octopus

    Octopus Moderator

    XP firewall is useful if you're running a network.
    ZA...hmm I like this program because it tells me which program wants to connect to the internet.
    use ZA and set up everything to high.
  4. damnyank

    damnyank I WILL NOT FORGET 911

    Petal, Mississippi
  5. engel59

    engel59 Guest

    XP's Firewall is only good for incoming safety.
    If a program wants to send data out, without you knowing, you have no way of knowing.
    Something like ZoneAlarm checks outgoing information and gives you the option to allow it or block it.
  6. Johncki

    Johncki Guest

    Very Interesting Damnyank. I have downloaded and ran the .exe
    Port closed! Thanks for the link..Thankyou also Iceman,Octopus,and enqel59.
  7. G-Lizard86

    G-Lizard86 Guest

    Try BlackIce Defender....i use it and did the test on Symantec's Homepage, and they didn't got any response....
  8. Jz1397-5

    Jz1397-5 XP Bad Ass

    Philadelphia PA
    i have a linksys router so ZA is not really needed, but i do have it installed in my DMZ server machine. if you have an OLD PC, have that be your firewall. not really that hard, just need some software.
  9. peroxide

    peroxide Guest

    Im goning to have to say go with Zone Alarm pro.
  10. BonyTony

    BonyTony Moderator

    My Preference is...

    I use Sygate Pro it has never let me down and has some nifty little features you can enable too...also it has never arsed up once under windows xp unlike zonealarm which had a habit of getting all messed up and asking me again and agian if i wanted an app to access the net....even when i told it yes all the time.
  11. A.T

    A.T Guest

    this xp firewall, is it built into xp? how do u control it?
    cause i cant receive files thru icq and such. and it is either because of my ISPs firewall (which i am not even sure they have, i have just assumed this) or this xp firewall you are talking about.

    also, how do you block ports?
  12. BonyTony

    BonyTony Moderator

  13. Johncki

    Johncki Guest

    Sorry for the @ss backward on that BONYTONY...again thanks on
    the e-mail issue. I am going to try the spygate. Nothing against the rest. but just for the fact that you helped me out on the previous issue. Cool Beans!!! Also A.T. check out the link that Damnyank has on this thread..Lot's of reading but well worth it!
  14. Octopus

    Octopus Moderator

    you cant control XP firewall, all you can do is turn it off/on.
    I don't thik XP blocks anything from ICQ..it comes from your ISP..if you change your settings like proxy you will bypass your ISP's firewall..but their firewall is to protect you!
    about ports..there is a program from www.ntutility.com called active ports..it shows which ports are opened.
  15. laptop

    laptop Guest

    You'll think twice about black ice after you read what
    Steve Gibson has to say when he tried it to no avail.


    BlackICE Defender v2.5 ($39.95) —

    I did not have a current copy of BlackICE Defender around, but I felt that this was an important test. So I laid out $39.95 through Network ICE's connection to the Digital River eCommerce retailer and purchased the latest version (v2.5) of BlackICE Defender hot off the Internet. I had already removed all traces of ZoneAlarm and restarted the machine, so I installed BlackICE Defender, let everything settle down, and restarted the machine with my packet sniffer running on an adjacent PC.

    As far as I could tell, BlackICE Defender had ABSOLUTELY NO EFFECT WHATSOEVER on the dialogs being held by the Zombies and Trojans running inside the poor "Sitting Duck" laptop. I knew that BlackICE Defender was a lame personal firewall, but this even surprised me.

    The Zombie/Bot happily connected without a hitch to its IRC chat server to await further instructions. The Sub7 Trojan sent off its eMail containing the machine's IP and the port where it was listening. Then it connected and logged itself into the Sub7 IRC server, repeating the disclosure of the machine's IP address and awaiting port number. No alerts were raised, nothing was flashing in the system tray. The Trojans were not hampered and I received no indication that anything wrong or dangerous was going on.

    I took a lot of grief after my LeakTest utility cut right through BlackICE Defender. Network ICE told everyone that LeakTest was "being allowed through" because it was a completely benign Trojan. I knew that was a load of bull (and they must have too), but it didn't really matter to me, and I had no affirmative means of proving otherwise.

    Well . . . I have that now, and so do you.

    I performed one final test: As I had with ZoneAlarm, I attempted to connect to the Sub7Server Trojan running inside the "Sitting Duck" machine on the IP and listening port number the Trojan was advertising all over the Internet . . . and it worked perfectly. I received Sub7's "PWD" prompt asking me to login.

    Anyone want an "only used once"
    copy of BlackICE Defender?
    I certainly have no use for it.

    (end snip)

    read this fascinating story about his DOS attack

  16. Iceman

    Iceman Moderator

    Steve Gibson is not really that credible as a expert, been many stories on his so-called website and stuff. Not saying BlackICE is a decent firewall, I have never tried it, however, I will not be following any advice from Steve Gibson.