kd833 wrote:
> I have a WinXP Home desktop. I'm trying to stop (block) IE6 and
> Firefox from having access to the Internet. The firewall does nothing
> to prevent either of them from accessing the Internet. I never get the
> "Keep Blocking", "Unblock" popup message. Is this the way the Windows
> firewall suppose to work?
Yes, it is. WinXP's native firewall doesn't monitor out-going traffic
at all, other than to check for IP-spoofing. It assumes that any
application you have on your hard drive is there because you want it
there, and therefore has your "permission" to access the Internet.
> Then I have a application called Tardis
> 2000. It keeps the system time current. After the first start, I was
> asked whether to "Keep Blocking" or "Unblock". I then unchecked the
> box to the application in the firewall properties. But the application
> continues to access the Internet. I'm unable to get the firewall to
> block it again. This firewall makes no sense.
WinXP's built-in firewall is usually adequate at stopping incoming
attacks, and hiding your ports from probes. What WinXP SP2's firewall
does not do, is protect you from any Trojans or spyware that you (or
someone else using your computer) might download and install
inadvertently. It doesn't monitor out-going traffic at all, other than
to check for IP-spoofing, much less block (or at even ask you about) the
bad or the questionable out-going signals. It assumes that any
application you have on your hard drive is there because you want it
there, and therefore has your "permission" to access the Internet.
Further, because the Windows Firewall is a "stateful" firewall, it will
also assume that any incoming traffic that's a direct response to a
Trojan's or spyware's out-going signal is also authorized.
ZoneAlarm, Kerio, or Sygate are all much better than WinXP's
built-in firewall, and are much more easily configured, and there are
free versions of each readily available. Even the commercially
available Symantec's Norton Personal Firewall is superior by far,
although it does take a heavier toll of system performance then do
ZoneAlarm or Sygate.
Having said that, it's important to remember that firewalls and
anti-virus applications, which should always be used and should always
be running, while important components of "safe hex," cannot, and should
not be expected to, protect the computer user from him/herself.
Ultimately, it is incumbent upon each and every computer user to learn
how to secure his/her own computer.
--
Bruce Chambers
Help us help you:
http://www.catb.org/~esr/faqs/smart-questions.html
http://support.microsoft.com/default.aspx/kb/555375
They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety. ~Benjamin Franklin
Many people would rather die than think; in fact, most do. ~Bertrand Russell
The philosopher has never killed any priests, whereas the priest has
killed a great many philosophers.
~ Denis Diderot