Risks being online with no protection??

So what does everyone think about when you restore a system, what to load first? Do you load drivers and then get online and get all the XP updates? or do you first load an antivirus and firewall first and then get online to get all the Windows/DirectX stuff???

 

Well, I'd try to install from CD as much as I could first...it takes a little work, but this article describes how to make a windows update CD, and you could probably burn the .exe's to CD for some antivirus/firewall programs. SP2 comes with a firewall to get you started, and I am pretty sure you can order or download SP2 on CD if your original windows disk lacks it.

It's been a while since I've had to reinstall windows, so I havent installed much from CD lately...running from behind a firewalled router should help too

 

While I don't worry so much about the windows updates, I do put on a firewall and antivirus program (both as updated as I can) and then get windows updates.

Given that my firewall (Kerio) tells me of ANY program trying to run, I can control most stuff.

 

As long as the Windows Firewall is on, I wouldn't worry about trouble when updating XP...just don't do anything else on the net. Once the OS is fully updated, turn off Windows Firewall and then install your firewall and anti-virus of choice. In my experiences it is generally better to update the OS before installing AV...causes less trouble for me. Finally, update your AV/FW and you're good to go.

 

get a wireless router...

Then you have a hardware firewall and you won't hafta worry about security

BTW, some can come free after rebate at fatwallet.

 

I always use AutoPatcher on a fresh install. It's incredibly helpful; it installs all the windows updates, other useful programs like java, flash, windows live messenger, directx, .net framework(s), WMP, tweakui, etc (all optional of course), and includes a bunch of tweaks as well. Here's a list of what's in it. Saves a ton of time, as it installs all these things in one, uninterrupted installer (just 1 reboot is required when it's all finished). I think you need at least service pack 2 installed first to run it though.

So generally before I get online, I run AutoPatcher, make sure the windows firewall is on, and install an antivirus. But as long as you have a firewall you should be fine, the AV is not necessary.

 

Are hardware firewalls really THAT good? I have a router, but always have another firewall for my Windows Computers. For windows on my Macbook I only use the Windows firewall.

 

Hardware firewalls (or NAT routers, really), are generally very good at this, yes, simply because their job is to forward incoming connections to the appropriate computer on the network behind it. Only the router is even visible to the internet. Your computer isn't. That means if it receives a connection attempt from the internet, it has no idea that it's supposed to go to your computer. (You might have a LAN with 40 computers behind one router. How does it tell which one the connection attempt should be forwarded to?)
The received packet's destination IP is your router, not your own computer.

This also means that even if there was a bug in the router, it still wouldn't send the data to your computer. Why would it? The packet is destined for the router, not for your computer. And your computer may be one of hundreds on the local network behind it.
With software firewalls, it's different. The data it handles is destined for your computer, and a buggy firewall will let that data through quite naturally.

The only way you can be reached if you're behind a NAT router, is if you initiated the connection yourself.
So if you just reinstalled Windows, and is looking for Windows updates, or maybe an antivirus program, you're only initiating connections to those sites. To the rest of the internet, you're basically invisible.

Of course, you can still configure the router to forward everything to your computer, in which case you're just as exposed as you would be without the router.

(As an aside, I've seen tests showing that XP, without SP2, lasts roughly two minutes on the internet if it doesn't have a firewall, or is behind a router)

 

I guess I shouldn't talk about Vista with you Jalf, cause it seems we agree on everything else

The thing is though, like Jalf said, a hardware fireware would make you truly invisible. All that a software firewall does is put up a block on certain things. Hackers still know you're there, though, and if you were ever to disable your firewall, like they say to play bf2142, well, been nice knowing ya.

With a hardware firewall, you're only visible when you download something, and it's only to the site you download to, and only to the admin. So it's great protection.

 

Of course, it's not perfect. First, it's a pain in the butt when trying to play games online (because you can't be reached directly), and second, it doesn't offer any guarantee that the site you connect to is "the real thing". You don't have a simple way to check that the site you connected to was actually the one you'd *expect*. It is possible (if unlikely) to reroute your packets so they end up at an unrelated site, full of viruses and malware. But yeah, it makes you invisibile to third parties.

 

Another thing that's bad about software firewalls is the overhead they impose on your system because it is an additional application that needs to run in the background (think Norton/Symantec firewalls). Also if you block a connection and it keeps trying to connect to your ports, you'll log tens of thousands of alerts or events in the program in a short amount of time (tried with four different software firewalls), again something that will sap your system resources.