Jump to content
duncan

The Kuta

Recommended Posts

Currently on windows startup:

- Microsoft Security Essentials

- Immunet Protect

- Windows Firewall

- Comodo Firewall

 

All free... all working together..

Running together in the background, they dont use a lot of resources.

 

MSE > caught 3 trojans before entry recently...

Comodo > caught a couple of suss websites

Immunet > caught a few trojans.

 

Malware scanners: (free)

MSE

Immunet

Exterminate It!

Malwarebytes

Eset Online

 

Exterminate It! > found a couple of trojans recently.

Share this post


Link to post
Share on other sites

Duncan, are you intentionally encountering trojans for testing purposes or are you running in them in the normal course of net usage?

 

Best,

al

Share this post


Link to post
Share on other sites

you shouldn't be running two firewall at the same time! it could cause instability issues and performance degradation and could explain some of those trojans (Microsoft firewall only alerts on somethings and comodo because of the hips component is enough to replace the windows firewall)

Share this post


Link to post
Share on other sites

Have been running both firewalls at the same time for a few months now. Research on the net has 2 views ie/ a: leave windows firewall on b: switch off when using commodo.

 

In my opinion they do not clash on my system. Microsoft windows prefers its components intact. 2 firewalls are better than one.

 

comments please.

 

 

Windows XP - sp3

AMD Sempron 2600+

1.5 gig ram

128mb video card (nvidia)

telstra 3G internet connection

opera 11 (alpha)

Share this post


Link to post
Share on other sites

Running two firewalls can slow your system down especially during bootup and shutdown. I also use Comodo Firewall and since it performed admiringly during recent leak tests I find it redundant to run both firewalls simultaneously. Of course that's my own preference. Duncan if your still getting adequate system performance and that added measure of security you feel you need by running both then I would say more power to you.

Share this post


Link to post
Share on other sites

Have been running both firewalls at the same time for a few months now. Research on the net has 2 views ie/ a: leave windows firewall on b: switch off when using commodo.

 

In my opinion they do not clash on my system. Microsoft windows prefers its components intact. 2 firewalls are better than one.

 

comments please.

 

 

Windows XP - sp3

AMD Sempron 2600+

1.5 gig ram

128mb video card (nvidia)

telstra 3G internet connection

opera 11 (alpha)

 

I am by no means an expert, but I do not believe running two firewalls is necessary, provides any additional protection, and could potentially cause conflicts. If I am not mistaken, only one firewall will hook and/or engage the network traffic. The second firewall will only check/pass the traffic filtered by the first firewall. Since Windows XP’s firewall only provides protection against inbound traffic, I would turn it off and use only Comodo. And as Ritchie has already stated, running two firewalls can slow down boot and shutdown times.

 

Pete

Share this post


Link to post
Share on other sites

Well I just spent over an hour and quickly looked at over 100 posts all over the internet and including commodo forums and microsoft forums.

 

There is no defined answer that I can find. A lot of guessing and jumping to conclusions.

 

The ongoing answer that it is not a good idea to run 2 firewalls together doesnt seem to have any foundation here.

 

I would really like to know the hard core tech aspects.

 

Ok, Running XP with all the latest microsoft updates intact and patched leaves you with

 

MSE, Windows firewall, .net framework, silverlight, etc

 

Given that is the windows XP SP3 operating system.

 

I then bolster the built in AV (MSE) with Immunet Protect cloud based AV.

I then bolster the built in Firewall with Commodo Firewall.

 

So what is the real answer to the question of wether to disconnect windows firewall when running windows security center and commodo firewall.

 

 

 

Windows XP - sp3

AMD Sempron 2600+

1.5 gig ram

128mb video card (nvidia)

telstra 3G internet connection

opera 11 (alpha)

Share this post


Link to post
Share on other sites

Here is some info on the subject that makes a lot sense. Using two software firewalls on a single computer could cause issues with connectivity to the Internet or other unexpected behavior. Further, running multiple software firewalls can cause conflicts that are hard to identify and troubleshoot. Only one of the firewalls can receive the packets over the network and process them. Sometimes you may even have a conflict that causes neither firewall to protect your connection. However, you can use a hardware firewall (your router) and a software firewall (Kerio, Comodo or ZoneAlarm etc..) in conjunction. For more information see "The Differences and Features of Hardware & Software Firewalls".

Share this post


Link to post
Share on other sites

The artcle is interesting but still provides no facts relating to this issue.

 

your comment:

`Only one of the firewalls can receive the packets over the network and process them.'

 

Can you further validate this with a site recommendation.

 

I looked at more info on net and still not sure.

 

 

Windows XP - sp3

AMD Sempron 2600+

1.5 gig ram

128mb video card (nvidia)

telstra 3G internet connection

opera 11 (beta)

Share this post


Link to post
Share on other sites

The artcle is interesting but still provides no facts relating to this issue.

 

your comment:

`Only one of the firewalls can receive the packets over the network and process them.'

 

Can you further validate this with a site recommendation.

 

I looked at more info on net and still not sure.

 

 

Windows XP - sp3

AMD Sempron 2600+

1.5 gig ram

128mb video card (nvidia)

telstra 3G internet connection

opera 11 (beta)

 

Duncan,

 

You are correct that there are hundreds of article out there that discuss the use of two "software" firewalls simultaneously. The majority I read does not cite references, but appear to be personal opinion (like mine). Two articles I ran across came from Microsoft (see below). In the last analysis, you have to be satisfied with your security setup. If you are satisfied with using two firewalls and do not have any conflicts and/or problems and believe there is no compromise to your security setup then nothing else matters.

 

Pete.

 

Microsoft Windows XP: Internet Connection Firewall

 

…Another issue you may run into is enabling firewall software on your private network connection or on clients behind an Internet Connection Sharing host. This can cause problems with peer-to-peer connectivity, so file and printer sharing may stop functioning. You could also run into problems actually connecting to your Internet Connection Sharing host or connecting to the Internet depending on what you're doing. Enabling a firewall on a private network connection is generally not a good idea.

 

Remote assistance and/or Remote Desktop connections in Windows XP. You could have problems with these if both of the computers involved have ICF enabled or one or both are behind another third-party firewall software or hardware. Redirecting incoming Internet requests to a computer other than the one that is running the Internet Connection Firewall only works if the computer is also running Internet Connection Sharing, and we talked about that on the services redirection slide previously. Those are some of the common issues that you might run into.

 

The first question: Does Internet Connection Firewall interoperate with other software firewalls such as Norton and McAfee? I know that you mentioned in that article some information about Zone Labs, but it looks like this user is wondering about some of the other types of third-party firewalls.

 

Clifton: That's a great question. Actually, in general, it would not be a good idea to use more than one firewall software or hardware solution at a time. You can run into problems because they don't all operate the same way and you could possibly get unexpected results having multiples. What I would recommend doing is using the one that they feel most comfortable with. The one that we included as a free feature is not the most fully featured firewall on the market. There are products that are dedicated to that functionality and may serve their purposes much better. Generally speaking, no; we wouldn't want to use more than one firewall product at a time…

http://support.microsoft.com/servicedesks/webcasts/en/wc050702/wct050702.asp?SD=gn&LN=en-us&gssnb=1

 

Other software firewalls

Running multiple software firewalls is unnecessary for typical home computers. Using two firewalls on the same connection could cause issues with connectivity to the Internet or other unexpected behavior. One firewall, whether it's the Windows Firewall or a different software firewall, can provide substantial protection for your computer.

http://onecare.live.com/site/en-us/article/firewall_basics.htm

Share this post


Link to post
Share on other sites

Here's what a gentleman who WORKS for Microsoft has to say about the subject: Don't run two firewalls. You achieve no extra protection, you incur

the extra overhead of running two firewalls, and you run the risk

(probably small, but not zero) of conflicts between them.

 

See http://www.microsoft.com/athome/secu.../firewall.mspx

which includes the following:

 

"Q. Should I use both the built-in firewall and a software firewall

from a different company on my Windows XP computer?

 

"A. No. Running multiple software firewalls is unnecessary for typical

home computers, home networking, and small-business networking

scenarios. Using two firewalls on the same connection could cause

issues with connectivity to the Internet or other unexpected behavior.

One firewall, whether it is the Windows XP Internet Connection

Firewall or a different software firewall, can provide substantial

protection for your computer." Ken Blake, Microsoft MVP - Windows Desktop Experience Post copied from: Windows VistaForums

Share this post


Link to post
Share on other sites

Well thanks for that.

 

I have turned off windows firewall for a week and see if there is any difference.

 

I feel more inclined to start changing settings on commodo now.

 

It is still really theory and advice though.

 

 

 

Windows XP - sp3

AMD Sempron 2600+

1.5 gig ram

128mb video card (nvidia)

telstra 3G internet connection

opera 11 (beta)

Share this post


Link to post
Share on other sites

Actually Microsoft has changed how firewall works in Windows 7. Now it is to be programmed by 3rd party firewall, not necessarily turned off - more like limited in features without disabling those unique to Windows Firewall. What Avast do I think.

 

From http://technet.microsoft.com/en-us/library/cc755158%28WS.10%29.aspx#bkmk_7

 

Coexistence with third-party firewalls

 

Windows Firewall with Advanced Security consists of a set of services that provide much more than the traditional firewall. IPsec connection security rules, network service hardening, boot time filters, firewall filters, and stealth filters are all services provided by Windows Firewall with Advanced Security in Windows 7 and Windows Server 2008 R2. Because multiple firewall programs can be problematic due to conflicts, if you install a third-party firewall program, you need to turn off the Windows Firewall. In previous versions of Windows, turning off the firewall meant also disabling all of the related services. If the third-party program does not provide all of the same functionality, then you might be unintentionally exposing your computer to threats for which you no longer have protection. In Windows Server 2008 R2 and Windows 7, Windows Firewall with Advanced Security enables more specific disabling of its features through published application program interface (API) calls. When a third-party firewall program is installed, the installer can disable only those portions of Windows Firewall with Advanced Security that conflict with the services that are provided by the third-party program. Other Windows Firewall with Advanced Security services are left enabled, and continue to help protect your computer.

Share this post


Link to post
Share on other sites

Yes I think I might have to keep looking into this issue. I am still running with windows firewall turned off. There has been no noticeable difference.

 

 

Windows XP - sp3

AMD Sempron 2600+

1.5 gig ram

128mb video card (nvidia)

telstra 3G internet connection

opera 11 (beta)

Share this post


Link to post
Share on other sites

Leaving it alone only goes for Windows 7 and Windows Server 2008 RS - and 3rd party firewall should be programmed to this as well. You can hope for clear information from that maker.

 

Old advise will take years to change so might as well post something about it. For a long time to come it will be correct for some to turn it off on every Windows version, if not installation of 3rd party firewall did it already, and correct for others to leave it alone if on Windows 7/Server 2008 (why 3rd party firewall did not disable if we can assume installer is good).

 

There probably are more exceptions, here is one from Comodo http://forums.comodo.com/install-setup-configuration-help-cis/comodo-did-not-disable-windows-xp-firewall-t36599.0.html;msg260430#msg260430 Just a matter of getting the right information and good luck with that ;)

Share this post


Link to post
Share on other sites

The issue of windows firewall is still not clear,

 

Peoples opinions are really of little use especially if people just copy other peoples opinion.

 

 

Another factor is `using MSE' in other words microsoft designed MSE and firewall and updates to work together calling it security center.

 

And what if windows and comodo were running happily together then there is a possibility that malware would be picked up by one or the other (again a better situation)

 

Again it comes back to tech related stuff and where is that?

 

 

 

Windows XP - sp3

AMD Sempron 2600+

1.5 gig ram

128mb video card (nvidia)

telstra 3G internet connection

opera 11 (beta)

Share this post


Link to post
Share on other sites

Well you must remember that "layered" idea is not the same as stuffing computer with protection. If X and Y exclude each other or collide something is wrong. If that is the case or not depends on particular setup, not old or variations of old ideas. Default is Windows Firewall regardless of 3rd party name - so 3rd party should provide relevant info. If not all is automated through installation and you are not supposed to tinker on your own, (if it works correctly that is). Basically, do as they tell you. Problem or concern solved.

 

I forgot the links but you can search Avast forum for "disable Windows Firewall" look for Avast employees PK and VLK. From what I remember they see no reason to turn it off, was advised by Microsoft not to, extensive testing has shown blah blah. The link I gave to MS article is also mentioned. That was Avast. Of little use to Comodo users so check them. Do Avast only leave Windows Firewall alone because their own does not support ipv6? Don´t know but what they want users to do is clear enough.

 

Clear? Check security center in Vista or 7, don´t know about XP. "Note: Two or more firewalls running at the same time can cause conflicts with each other" Keyword is "can" if you happen to come from Avast forum. Fixed message everyone will see so forget about clear :)

 

There is more. If you check latest beta of MSE 2 you will see a window saying. "In order to optimize your computer´s protection, you should turn on Windows Firewall. If you use another firewall solution, clear this option" Then a tickbox with "Turn on Windows Firewall (recommended). Oh really, back to Avast then, heh. Another fixed message I think everyone will see.

Share this post


Link to post
Share on other sites

Here's what a gentleman who WORKS for Microsoft has to say about the subject: Don't run two firewalls. You achieve no extra protection, you incur

the extra overhead of running two firewalls, and you run the risk

(probably small, but not zero) of conflicts between them.

 

See http://www.microsoft.com/athome/secu.../firewall.mspx

which includes the following:

 

"Q. Should I use both the built-in firewall and a software firewall

from a different company on my Windows XP computer?

 

"A. No. Running multiple software firewalls is unnecessary for typical

home computers, home networking, and small-business networking

scenarios. Using two firewalls on the same connection could cause

issues with connectivity to the Internet or other unexpected behavior.

One firewall, whether it is the Windows XP Internet Connection

Firewall or a different software firewall, can provide substantial

protection for your computer." Ken Blake, Microsoft MVP - Windows Desktop Experience Post copied from: Windows VistaForums

 

As far as firewalls are concerned I would tend to agree. However, there is a *marked* difference in quality between the Windows XP firewall and that which ships native today with Windows 7. Essentially the XP firewall is inferior to what you can get in a third party where the Windows 7 firewall is as good or better than 3rd party offerings. IMO if you have a Windows 7 box, MS's firewall is fantastic and paying for another or installing a free one is likely wasteful.

Share this post


Link to post
Share on other sites

One of the problems with Windows 7 is there still are no GUI for outbound control. A feature available since Vista was born. That is what those not digging in to details of advanced firewalls can see as a potential "problem"/risk - so we can conclude it blows! And so they install Comodo, Outpost, Online Armor etc. or even buy a security suite since they claim firewall prevent theft of whatever. That view of Windows firewall is not dead yet, ask most not associated with MS security "experts". Used to be worse though. Windows 7 has changed opinions but "Firewall" is also a buzzword known by many people so is used in marketing.

 

Windows 7/Vista/(XP) firewall control to the rescue http://www.sphinx-soft.com/Vista/order.html Free version does not do anything but application control. Everyone can understand and what firewalls like in suites typically are used for, by majority at least. More or less just a nice GUI on top of Windows firewall, what Microsoft don't want to confuse people with.

 

I can think of some valid reasons to use "better" firewall but they shall remain unmoderated. Seems to me there are 2 groups who actually use and understand software firewalls, the paranoid or network/security hobbyists and then those on the other side of the fence. Majority in between just use what is installed or rely on maximum ease of use from Norton and friends.

Share this post


Link to post
Share on other sites

Just looked at a few comparison charts (free firewalls) and it seems that comodo and zone-alarm come tops in most. Also listings of features put these way ahead of Windows XP firewall.

 

At the end of the day will stick to the major opinion > comodo firewall - on > windows firewall - off

 

 

 

 

Windows XP - sp3

AMD Sempron 2600+

1.5 gig ram

128mb video card (nvidia)

telstra 3G internet connection

opera 11 (beta)

 

 

 

 

 

 

Share this post


Link to post
Share on other sites

It looks like you all have covered the debate well with regard to leaving Windows firewall on or not when running a third party firewall. I just want to add a few comments that are bound to help out some of you.

 

- In the days of XP, if I installed a third party firewall such as Norton or Zone Alarm, I think that I was generally clearly informed that the install would be disabling the Windows XP firewall.

 

- The above is often no longer the case with Windows 7, as Norton, Comodo, etc. may or may not turn off the Windows 7 firewall upon installation. I also have never seen Windows 7 show a popup warning that two firewalls are running. I run Comodo and it did not turn off the Windows firewall on any of my machines. If you turn off Windows firewall from the Control Panel, check your running Services and you will find that part of Windows firewall is indeed still auto start and running.

 

- Finally, this is the most important part of my post. There is some software that will not install unless Windows firewall (or at least part of it's services as referenced above) are actually running. A good example of this is with Microsoft Zune. If you have Windows firewall disabled in Services, Zune will not finish installing. So, if you all ever find there is no way a program will install, try enabling the Windows firewall and see if that does the trick. Then disable it again after the successful program install if that is what you want.

Share this post


Link to post
Share on other sites

The reason you don't see warning in Windows is probably because firewall did not register correctly. Another old bug with firewalls. You have to reset those values Windows believe are real I think. Been through that while testing Outpost long time ago. Google "firewall, Comodo not recognized security center" or similar. Called "action center" in W7 I guess. Add "+reset" perhaps. They get better, bugs get fixed but 3rd party firewalls are still mighty troublemakers when something is wrong. Disable = in Windows Firewall setings or also turning off service? And is choice the same on all Windows versions? Matter of having useful documentation from vendor or not ;)

Share this post


Link to post
Share on other sites

iTrendsNET stated:

 

 

 

 

``- Finally, this is the most important part of my post. There is some software that will not install unless Windows firewall (or at least part of it's services as referenced above) are actually running. A good example of this is with Microsoft Zune. If you have Windows firewall disabled in Services, Zune will not finish installing. So, if you all ever find there is no way a program will install, try enabling the Windows firewall and see if that does the trick. Then disable it again after the successful program install if that is what you want.''

 

I cannot use my Kaneva (virtual world) application over last few days and was wondering if having windows firewall turned off may have something to do with it. I switched it back on and checked and still cant use it but it may have something to do with it.

 

Also microsoft products and services in particular may be more fussy about firewalls.

 

Again this is with XP and I am not familiar with windows 7 firewall.

 

I have customised and established my system based on XP3 and all is up to date, most software I use is opensource. I dont want to move to windows 7 for many reasons, so I think my next step will be Ubuntu. But at this point everything on my system is fully patched and up to date and ongoing updates for MSE, XP, all anti-malware and just about every other piece of software onboard.

 

Also I have noticed that a hell of a lot of people and businesses are still using XP at this stage. Im not sure but in Australia would probably be 50/50 of pc's running windows are using XP.

 

note: I switched windows firewall off again and am sticking with comodo alone for awhile yet. (Also MSE updates are installing properly again, for awhile I was manually downloading definitions.. I think this is due to only having one firewall - but awhile back I had MSE, Immunet, Panda, windows firewall and comodo firewall all running and at that point you had to manually install MSE updates)

 

 

 

Windows XP - sp3

AMD Sempron 2600+

1.5 gig ram

128mb video card (nvidia)

telstra 3G internet connection

opera 11 (beta)

Share this post


Link to post
Share on other sites

Well I found out what my problem was with my Kaneva client.

 

It wont login with windows firewall on or off.

 

it wont login with comodo firewall turned off.

 

but after a few alerts with comodo switched on.

 

bingo its working.

 

 

 

 

isnt that strange...

 

 

 

 

firewalls..................

 

 

 

 

Windows XP - sp3

AMD Sempron 2600+

1.5 gig ram

128mb video card (nvidia)

telstra 3G internet connection

opera 11 (beta)

 

 

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...

×
×
  • Create New...