Black Ice free firewall

I'm sure we'll get the usual round of "it only blocks incoming traffic" counters regarding this, but the practical fact of the matter is that, as long as you're not using any P2P applications, the built in WinXP firewall is more than enough.  In any event, I'd trust it far more than I would Black Ice, which has gotten a number of poor reviews in the last couple years.  I haven't been at all impressed with the last few releases of ZA, either.

The XP firewall is all I use, and I show complete stealth at every test site I visit.  It's small, it's free, it's easy to use, and it works.  That's enough for me.

If you had both firewalls active (bad idea), there's no telling what might be out of configuration.  By the same token, which ports are open are going to depend on your local configuration, and what you've given permission to utilize those ports.  If you have an IM client running when you do the tests, that can affect things.  It's hard to guess what you might have installed/running that might be affecting your test results, just as it's hard to guess which ports might be open.

Are you on a dialup connection, or cable, etc.?  If you're on a cable connection, you can lock things down real tight just by putting a router between the cable modem and your system.  Something like a Linksys BEFSR41 (real cheap) will work fine for this, and will also allow multiple connections to the net, as well as file/printer sharing between systems, if you have more than one.

I have been on cable and started getting the problems after unhooking a router that my former roommate had. Was ZA not even doing anything then?

I was getting zlclient error messages and finally had to reinstall O.S. which  I did twice in the same day. I was having the same problem using cable modem.

Yesterday my apartment installed a wifi connection which works pretty good.

I still have the cable until I'm sure about wifi working properly. I unplug the USB wireless adapter/ethernet cable to switcht back and forth. System seems to work same using each.

I have XP firewall enabled but pots are still open. If I remove ZA will that make them all stealth?

That's one of the reasons I don't care for more recent versions of Zone Alarm - it's gotten increasingly bloated and buggy.  While it's marginally useful on a dialup connection with Win9x, as far as I'm concerned, it's unnecssary under XP.  Even Win9x can do without a firewall if you have a router between the modem and the system, again, assuming you're not engaged in P2P operations, which is just like leaving the front door of your house unlocked and open, with a sign saying "Come on in" out by the road.

WiFi or hard wired, if you lose the ZA, activate the XP firewall (it's gotten better with the release of SP2), and stick that router between you and the modem, you should come up clean on port scans, as long as you haven't allowed some application carte blanche in and out access, which shouldn't be the case with Windows XP in the default state of installation.  Only you are in a position to evaluate the other applications you might have installed.

---

@parickmlyons wrote:
The router is for cable modem only. I was told by someone that a wireless router won't replace/augment firewall

---

I have a Linksys WRT54G Wireless G router here, with 7+ (depending on the day of the week) systems connected to it, and I can safely say that you've been misinformed.  Some systems are connected via wireless, some are hardwired via a hub, and all show complete stealth at www.grc.com and a variety of other security sites.  Once again (and I'm repeating this because you still haven't specified whether you're running any P2P apps), this depends on what kind of house you keep.  If you're allowing apps open access in and out (sometimes through the mere act of installing them), no firewall in the world is going to be able to overcome user ignorance.  If you aren't reasonably certain how a particular application is going to affect your system security, you're slitting your own throat by allowing it to run.  

Sorry is P2P peer to peer stuff like file sharing? If so I don't. The router you describe sounds good. I really don't need a router but if it'll secure this system I'll be glad to get one.

Thanks

The router is for cable modem only. I was told by someone that a wireless router won't replace/augment firewall

Thanks for all your help, I really do appreciate it.

The wifi was setup for the aprtment complex where I live, I'll have at most 3 Pc's ever and really only need one now - will the router work in this environment?

P2P is indeed peer-to-peer, so you're all set there.  Bear in mind that this router thing assumes you have local control over what's coming from the modem.  If you're on some elaborate dorm setup or other type of access configuration, you may have to make other arrangements.  In a standard residential environment though, if youy plant the router between the modem and the PC(s), you'll test better at places like GRC than you will without it.

http://search.ebay.com/befsr41_W0QQfromZR8QQsospellrecommendationZ1

Okay..thanks

I tend to doubt it, but, having never tried such a thing, I couldn't say for sure.  What you might want to do is to contact the service provider for the high speed access, and see what they suggest.

Thought this was the firewall that went belly up after hackers used the firewall to gain access?