Firewalls. Safe to have more then one running?

Has anybody had a conflict running two firewalls at the same time?

I'm using Zonealarm (Free version) at the moment. It turns off windows firewall by default. Is is wise to turn windows firewall back on while zonealarm is still running.

Or I might want to run comodo & zonealarm.


I'm asking because of the message (warning) mircosoft has about running two firewalls in the XP security center.

 

Why would you want to run more than one firewall at once? Just pick a good one and go with it. Zonealarm is a good choice, it's all you need.

 

I'd just figure two's better than one. Kind of like having multiple spyware apps.

I know zonalarm is better than windows fiewalls, being that zonealarm reports much more attempts. And I heard comodo is even better.

 

Comodo is better than the free version of ZA, but is probably equal with the paid version of ZA. Although theoretically you could run multiple firewalls at once, firewalls tend to conflict with each other quite often, and so its adviseable to only use one. Comodo for instance disable windows firewall by default because of potential conflicts; if it conflicts with windows firewall, it'll probably be incompatible with ZA. Also, multiple firewalls will overlap in functions, and will probably be more redundant than just using one.

 

Get a hardware firewall. It's much better than any software firewall.

 

Thanks for the links and info Omneus.

I think I would only get a hardware firewall if I was running a server, which I will be doing sooner or later.@kegobeer

 

Only for inbound traffic. It does nothing for outbound traffic. A hardware firewall is great but you should have a software firewall as well to monitor what the applications you have installed on your computer are transmitting out over the net.

 

i use both hardware and software firewall, this is recommended. while u can use 2 firewall at once, it will cause lots of conflicts and would cause no more security than running one firewall (it might even harm ur system). get one good firewall, zonealarm is probably the best one. so long story short; get hardware firewall eg. router. and only use 1 (ONE)) firewall!

 

Yes, I'm aware that personal and inexpensive hardware firewalls only monitor inbound traffic. Mid to high level switches and routers have the ability to monitor all traffic. Unless you are in the habit of installing questionable software, I don't feel a software firewall is necessary.

 

I would strongly advise against running more than one software firewall on any single systems. Such setups don't make much sense and very often cause problems. I would recommend hardware firewall (eg router) / software firewall setup.

P.S. in case you're wondering why you should listen to me: I have been troubleshooting network/internet connections for 6 years now (including over 3 years of working in tech support)

 

Can I use my LinkSYS wireless router settings ( http://192.168.1.1) as a hardware firwall? Is that what you mean by (eg router)?

If thats the case, I will read up on how to do that.

 

Most routers have hardware firewalls built in.

 

Does SPI firewalls (Linksys WRT54GL) check in and out traffic?

 

Most routers have their firewalls (and whatever people say - it is still a software firewall with pretty much the same or lower performance than Windows firewall). Their advantage is that the router (and its firewall) is in fact a computer in a chain before yours when the attack happens. I have tested many routers and found their firewall implementations rather simple - nothing that a ordinary user would need. IP filtering, wan ping reply and url filtering can help in a very specific situations. I see only ping reply as something that would be worth to turn on on my router firewall.

Two firewalls are not better than one good firewall. Good firewall is Windows firewall in my opinion. It is not the prettiest, but does what it says, it is in Windows already and not a resource eater.

Cheers,

Ivan

 

zone alarm is demon .. i hate it

 

If you are using something like a LinkSys router, then you already have a PRIMARY firewall. Your software firewall (i.e. ZoneAlarm, Comodo, Jetico, etc.) is your SECONDARY line of defense. In reality the only true purpose they can serve in this setup is to prevent illicit outbound traffic which is something the standard XP firewall cannot do.

 

Its more hassle and probably not worth the effort. And also it just plainly doesnt' make much sense.

 

Just to make sure there's no confusion: routers are NAT hardware firewalls due to the nature of what they do.

There are two kinds of hardware firewalls: NAT and SPI.

NAT (network address translation) is what a router does. This prevents outsiders from accessing a specific system behind a router unless you specifically allow such access to either a certain port or the whole system behind the firewall.

SPI (stateful packet inspection) allows routers to provide advanced protection against some advanced forms of attacks. The routers can 'understand' packets and filter out malicious ones.

This included in many new routers.

To answer earlier questions: routers do not 'filter' traffic in the common sense, they just decide whether to redirect it to your system or not providing a natural barrier for incoming attacks. Usually there is no outgoing traffic checking. So, a good setup would be
1. A hardware firewall or a router
2. A software firewall (eg ZoneAlarm Pro or Free)
3. Antivirus (very important)