Welcome to Tactical Gamer

User Tag List

Page 1 of 2 12 LastLast
Results 1 to 15 of 18
  1. #1


    Join Date
    Jun 2003
    Posts
    198
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    XP Firewall Question

    Here it is....I currently have XP home and am having some difficultly hosting games..IE Battlefield and JO. I am pretty sure it has something to do with the built in firewall that came with XP.
    Is it better to disable the firewall all together or select certain items within the network connection?

    This is what I see for options...

    Under LAN properties, I can disable the firewall by checking a box....

    or, go into advance settings and select the following:

    -FTP server
    -internet mail access protocol version3(IMAP3 )
    -internet mail access protocol version4(IMAP4 )
    -internet mail server (SMTP)
    -post office protocol version3(POP3)
    -remote desktop
    -secure web server(HTTPS)
    -telnet server
    -web server(HTTP)

    Whatcha think?
    Last edited by patorean; 07-10-2004 at 09:00 AM. Reason: spelling

  2.  
  3. #2

    =Sarc='s Avatar

    Join Date
    May 2003
    Location
    Ottawa, Canada
    Posts
    3,082
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Re: XP Firewall Question

    Disable it. It won't provide much protection and you'll probably never configure it for what you want. A third-party firewall like Sygate, Norton, etc. will work much better. SP 2 for XP should be out soon that features a better firewall. I've heard that it's much more configurable so you can wait to try that out. It might be riddled with security holes though since it's the first real attempt at a firewall.
    JO Guides & Tutorials
    Team Element - It's who you game with.

  4.  
  5. #3


    Join Date
    Jun 2003
    Posts
    198
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Re: XP Firewall Question

    Thanks Tim.. I'll disable it.

  6.  

  7. #4

    CingularDuality's Avatar

    Join Date
    May 2003
    Location
    Dallas/Ft. Worth area of Texas, USA
    Age
    41
    Posts
    16,861
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Re: XP Firewall Question

    Yeah, I'd disable it and install a real software firewall. ZoneAlarm works great for me.

  8.  
  9. #5

    TheFeniX's Avatar

    Join Date
    Jan 2004
    Location
    Houston, TX
    Age
    34
    Posts
    3,281
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Re: XP Firewall Question

    Quote Originally Posted by patorean
    I currently have XP home and am having some difficultly hosting games..IE Battlefield and JO. I am pretty sure it has something to do with the built in firewall that came with XP.
    Running without a firewall when you have access to a public IP is a bad idea. XP's firewall will offer support for advanced port forwarding/allow with Service Pack 2. Basically you'd just forward/allow the needed ports (J-O uses a few ports around the 28000 range).

    I assume you're using the PC itself to get your public IP address and are not using a linksys/d-link router? In the case, you either need to wait for SP2 or download another firewall program.

    Quote Originally Posted by =Sarc=
    Disable it. It won't provide much protection and you'll probably never configure it for what you want.
    Not true. XP's firewall basically says:
    I don't let anything that the PC did not expressly request through my WAN port (the Internet) and I allow everything to go outward. This is all a firewall needs to do it's job.

    XP's firewall just isn't configurable and no matter what some "loloooll M$ suxors" junky tells you that's not an inherent flaw. XP's firewall is in fact secure. The issue is these other programs are not just firewalls. Take this example.

    Two identical PCs: one uses XP's firewall. One uses say Zonealarm. All with default settings.

    1. Some script kiddy tries to hammer his way into your PC with some exploit. Both computers look at their access list and decide to not let the info in because it violates the "nothing in" rule. Both PCs are unharmed.

    2. You goto gethacked.com and download trojan.exe. Both PC's become infected because you initiated the connection and requested the data be sent to you. Now the trojan decided to "dial home." The XP firewall fails to stop it because it's not designed to. Zonealarm detects that by no user intervention, a program is trying to access the Internet. It blocks it and asks you what to do.

    In that instance Zonealarm is better than XP's firewall, but not because it's a better firewall, but because it's a firewall AND IDS (Intrusion Detection System). It's a program that does more. Saying Zonealarm is a better firewall than XP's because it has features not relating to a firewall makes no sense.

    Then again, in my opinion: software firewalls suck anyways. Go buy yourself a hardware one and quit letting some crappy software eat up precious resources that could be used to garner more FPS. Mwhaha!

    EDIT: I should clarfiy something. The PC/networking world is full of people who use hold-overs from things they know when talking about newer technology. Take DSL Modems for example. They don't exist. There is no Modulation/demodulation. Modems take an Digital signal, convert in to analog, then do the opposite on the other end: hence the name.

    It should be called a DSL Bridge. Bridges can connect disimilar networks and change protocols (PPPoE to Ethernet). But if you call the phone company and ask them for a DSL Bridge, they don't know what you're talking about. In further conclusion: Firewall != Firewall + IDS. Know the technology.

  10.  
  11. #6

    CingularDuality's Avatar

    Join Date
    May 2003
    Location
    Dallas/Ft. Worth area of Texas, USA
    Age
    41
    Posts
    16,861
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Re: XP Firewall Question

    Quote Originally Posted by TheFeniX
    Take DSL Modems for example. They don't exist. There is no Modulation/demodulation. Modems take an Digital signal, convert in to analog, then do the opposite on the other end: hence the name.
    Umm, a modem isn't always digital to analog or vice versa. There are many ways to modulate signals, both analog and digital, and anytime you want to switch the type of modulation, you're going to need a modem.

    You very clearly explained why ZoneAlarm is superior to WinXP's firewall, but the rest of your little rant was a bit misguided. There's nothing that says that a firewall (by definition) can only block incoming traffic. ZA controls incoming and outgoing in the exact same manner: you give permission on an application by application basis. You can give permission each time the application needs information to pass through the firewall, or you can let it have access whenever it needs it. There are other firewalls that are controlled by ports. Once you close a port, it blocks incoming and outgoing traffic. This is not "intrusion detection". This is what a firewall is supposed to do: block traffic.

  12.  

  13. #7

    TheFeniX's Avatar

    Join Date
    Jan 2004
    Location
    Houston, TX
    Age
    34
    Posts
    3,281
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Re: XP Firewall Question

    Quote Originally Posted by CingularDuality
    Umm, a modem isn't always digital to analog or vice versa. There are many ways to modulate signals, both analog and digital, and anytime you want to switch the type of modulation, you're going to need a modem.
    But in this instance, you aren't even playing with the analog at all. You're just converting PPPoE transport protocol into Ethernet protocol. That's what a bridge does: merges dissimilar networks.

    There's nothing that says that a firewall (by definition) can only block incoming traffic.
    And I never made that statement. My arguement was that there is nothing wrong with the XP firewall unless you want to host services (which it will do once SP2 comes out).

    A firewall blocks traffic based off user defined settings. Every firewall I've seen runs the basic: all out/nothing in. And this works fine until you are trying to host services.

    ZA controls incoming and outgoing in the exact same manner: you give permission on an application by application basis.You can give permission each time the application needs information to pass through the firewall, or you can let it have access whenever it needs it. There are other firewalls that are controlled by ports. Once you close a port, it blocks incoming and outgoing traffic. This is not "intrusion detection". This is what a firewall is supposed to do: block traffic.
    Firewalls don't function on that high a level of the OSI. They don't care about applications, they care only about IPs and port #s. Zonealarm gives you access to block both ports and applications. This pulls it out of the realm of a standard firewall.

    My arguement is not that Zonealarm isn't better than a standard firewall. It's built in security measures and easy to use (but highly annoying) settings make it a robust application. But for your standard user who runs anti-virus: a default XP firewall with no open ports would protect them just fine.

    The only reason you would want to allow applications to access the Internet one by one would be so you could examine each application and it's location. Although, you are correct in the assumption that it's not "true" IDS. An IDS is more geared toward someone coming in rather than you getting trojaned and it trying to get out. But something like "Do you want to give 'yougotserved.exe' to access the Internet?" would be more along the lines of a program designed to detect an intrusion rather than being just a "dumb" firewall.

    Zonealarm is just too smart to be considered a firewall and it's not fair to compare them.

  14.  
  15. #8

    =DdogG='s Avatar

    Join Date
    Nov 2003
    Location
    Ennis, TX
    Age
    39
    Posts
    2,082
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Re: XP Firewall Question

    fenix is correct in not comparing za to the xp firewall. a firewall never cares about what app is trying to get access.... it says "what port are you trying to use?" a firewall is there only for one reason... plug the 65,534? (i think thats right) holes that allow someone in or data back out. no more no less.

    that is the definition of a firewall. getting into stateful packet inspection and pinholing configuration (if traffic out on port x then listen on port x -or- y-z) etc are the only real options that could be put into a firewall to increase security.

    spi is the technology whereby a firewall actually reads the tcp header and verifies the data contained in the packet is valid (very crude explaination, but you get the picture I hope)
    Only two things are infinite, the universe and human stupidity, and I'm not sure about the former. -Albert Einstein
    The two most common elements in the universe are Hydrogen and stupidity. -Harlan Ellison

    If all else fails: "rm -rf /"

  16.  
  17. #9


    Join Date
    Jun 2003
    Posts
    198
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Re: XP Firewall Question

    I've downloaded Zonealarm. Should I disable XP firewall before installing Zonealarm?

  18.  

  19. #10


    Join Date
    May 2003
    Posts
    186
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Re: XP Firewall Question

    Quote Originally Posted by patorean
    Should I disable XP firewall before installing Zonealarm?
    Leave it up untill you get ZA installed, then disable it.

  20.  
  21. #11


    Join Date
    Jun 2003
    Posts
    198
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Re: XP Firewall Question

    Quote Originally Posted by eternal
    If you have a slightly outdated pc and want to play the newest games you might want to check out smoothwall it's a free firewall/router +, you install on an old machine. All it requires is an old low end machine (* Minimum hardware specification: i486SX (or compatible) processor, 32 MB RAM and a 512 MB Hard Disk Drive.) and 2 network cards. It is easily configurable and does not take up resources on your main pc.
    I ran it for a few years when I had dsl with no problems. It doesnt need a keyboard, or monitor, just the box sitting there.
    I just finished putting together this machine. Its new from the power supply up.

  22.  
  23. #12

    =DdogG='s Avatar

    Join Date
    Nov 2003
    Location
    Ennis, TX
    Age
    39
    Posts
    2,082
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Re: XP Firewall Question

    uh oh.... patorean got a new gaming machine.........................
    Only two things are infinite, the universe and human stupidity, and I'm not sure about the former. -Albert Einstein
    The two most common elements in the universe are Hydrogen and stupidity. -Harlan Ellison

    If all else fails: "rm -rf /"

  24.  

  25. #13

    CingularDuality's Avatar

    Join Date
    May 2003
    Location
    Dallas/Ft. Worth area of Texas, USA
    Age
    41
    Posts
    16,861
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Re: XP Firewall Question

    Quote Originally Posted by patorean
    I just finished putting together this machine. Its new from the power supply up.
    So, you have an old machine laying around, now, right? Can't beat a hardware firewall for free...

  26.  
  27. #14


    Join Date
    Jun 2003
    Posts
    198
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Re: XP Firewall Question

    I had 3 old junkers kicking around the basement. I took all the viable parts from all three and put a computer together for "The Boy". Now he can play games on his own machine and I don't have to worry about my setting getting scewed up.

  28.  
  29. #15


    Join Date
    Jun 2003
    Posts
    198
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Re: XP Firewall Question

    Quote Originally Posted by eternal
    You dont have enough parts to make a box out of the rest? A motherboard, cpu, ram, and hard drive? Plus any old crappy video card? I guess a router isn't that much but smoothwall does alot more than a good $50-$100 router.
    Ah well it was a suggestion. As long as you use something you will be fine. Gone are the days when we all have to figure out to help Rob fit GR on a little hard drive so he can shoot us.
    Yep those days are gone....I have currently:
    80 gig HD
    MSI K7N2 Delta MoBo 400FSB
    512 DDR Ram
    Geforce 5200fx 128MB card
    Big kick ass case with some cool blue lights (3 fans)
    Yamaha sound card
    350w power supply
    Motorola surfboard modem (fast).

    I made for the Boy:
    Some kind of k7 pro Mobo
    868 MB sdram
    geforce3 64MB card
    15 Gig HD
    Etc etc.....
    He can play GR, Red Alert2, Age of empires and games like that.

  30.  
Page 1 of 2 12 LastLast

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Back to top