Did Microsoft Make a two way firewall with Vista Home Premium?

Discussion in 'Windows Vista Security' started by JJ, Oct 11, 2007.

  1. JJ

    JJ Guest

    I am buying a new desktop with Vista Premium and it will have 4 gig of
    Kingston Memory. My problem is that I know nothing about Vista an would like
    to know if they did a better job on the firewall than in XP? I now use Norton
    Internet Suite 2008 and Norton Systemworks 2008 in my laptop with XP. Can I
    install both Norton products in the desktop with Vista premium and not have
    any problems with Windows defender. Also the desktop has AMD Athlon 64 X2
    5000. Thanks for the help an time, I just don't want to mess up my new PC.
    All have a great an safe day an weekend. Does Microsoft have a web site that
    will give me info on what I can add to Vista an what I should not add??
     
    JJ, Oct 11, 2007
    #1
    1. Advertisements

  2. Norton comes with its own firewall. It will automatically
    disable Vista's firewall so you should not have a problems.

    --
    Carey Frisch
    Microsoft MVP
    Windows Shell/User

    ---------------------------------------------------------------

    I am buying a new desktop with Vista Premium and it will have 4 gig of
    Kingston Memory. My problem is that I know nothing about Vista an would like
    to know if they did a better job on the firewall than in XP? I now use Norton
    Internet Suite 2008 and Norton Systemworks 2008 in my laptop with XP. Can I
    install both Norton products in the desktop with Vista premium and not have
    any problems with Windows defender. Also the desktop has AMD Athlon 64 X2
    5000. Thanks for the help an time, I just don't want to mess up my new PC.
    All have a great an safe day an weekend. Does Microsoft have a web site that
    will give me info on what I can add to Vista an what I should not add??
     
    Carey Frisch [MVP], Oct 11, 2007
    #2
    1. Advertisements

  3. JJ

    Kayman Guest

    You are not going to find anything better than the Vista FW and Vista in
    itself due to the advanced features the FW and Vista are using.

    http://www.microsoft.com/technet/community/columns/cableguy/cg0905.mspx
    http://www.microsoft.com/whdc/device/network/WFP.mspx

    Jesper's Blog
    http://msinfluentials.com/blogs/jesper/archive/2007/07/19/at-least-this-snake-oil-is-free.aspx
    http://blogs.technet.com/jesper_johansson/archive/2006/05/01/426921.aspx

    http://www.microsoft.com/technet/technetmag/issues/2007/06/VistaFirewall/default.aspx
    "If you try to block outbound connections from a computer that’s already
    compromised, how can you be sure that the computer is really doing what you
    ask? The answer: you can’t. Outbound protection is security theater—it’s a
    gimmick that only gives the impression of improving your security without
    doing anything that actually does improve your security. This is why
    outbound protection didn’t exist in the Windows XP firewall and why it
    doesn’t exist in the Windows Vista™ firewall."

    Vista Firewall Control
    http://sphinx-soft.com/Vista/
    You're one of the lucky ones :) The retail version of Norton can play havoc
    with the OS. A number of experts agree that the retail AV version of
    McAfee, Norton and Trend Micro has become cumbersome and bloated for the
    average user.
    You sure can.
    A very useful application for any new pc is the PC Decrapifier, it attempts
    to remove all of the crap on your PC that you never asked for or ...
    http://www.pcdecrapifier.com/
    Google is your friend; Good luck :)
     
    Kayman, Oct 12, 2007
    #3

  4. Yes, they did. It's not quite up to the ease-of-use standards of Kerio
    or ZoneAlarm, but it has been improved.

    There are two interfaces for Vistas built-in firewall:

    1) A simplified one accessed through the Control Panel that is the only
    one most people see. Sphinx's Vista Firewall Control
    http://sphinx-soft.com/Vista/) is a piece of freeware that makes the
    Vista Firewall much more useful to the average user.

    2) And the more advanced "Windows Firewall with Advanced Security
    (WF.msc), accessed via the Start Menu's Administrative Tools folder, for
    the experienced user who wants more granular control.


    I wouldn't count on installing any Norton product on any OS and not
    having problems. However, check with Symantec to determine if those
    products are safe to use on Vista. In particular, SystemWorks is pretty
    much worthless. Once a useful utility suite, back in the days of
    MS-DOS, when Peter Norton was more than a picture on the box, Norton
    Utilities (now marketed as SystemWorks) have been becoming increasingly
    useless and redundant over the years. There's little offered by NU/SW
    that Vista cannot already do natively. And some of its features, like
    CrashGuard and CleanSweep (if they're still included) cause far more
    problems then they prevent.





    --

    Bruce Chambers

    Help us help you:
    http://dts-l.org/goodpost.htm
    http://www.catb.org/~esr/faqs/smart-questions.html

    They that can give up essential liberty to obtain a little temporary
    safety deserve neither liberty nor safety. ~Benjamin Franklin

    Many people would rather die than think; in fact, most do. ~Bertrand Russell

    The philosopher has never killed any priests, whereas the priest has
    killed a great many philosophers.
    ~ Denis Diderot
     
    Bruce Chambers, Oct 12, 2007
    #4
  5. JJ

    Rob Harmer Guest

    Don't forget that Vista is also sending a hell of a lot more telemetry data
    out when it phones home as well!
    see what else Vista is harvesting off your PC
    http://news.softpedia.com/news/Forg...s-Harvest-User-Data-for-Microsoft-58752.shtml

    Don't forget to check out the vulnerabilities with Teredo IPv6 as well
    see
    http://www.ietf.org/internet-drafts/draft-ietf-v6ops-teredo-security-concerns-00.txt
    and http://www.symantec.com/avcenter/reference/Teredo_Security.pdf
    and http://www.securiteam.com/securityreviews/6C00O2KHFK.html and
    http://www.symantec.com/enterprise/...g/2007/03/rtm_edition_of_windows_vista_n.html

    Rob
     
    Rob Harmer, Oct 12, 2007
    #5
  6. JJ

    NetLink_Blue Guest

    LOL - what beautiful Homer Simpson logic! Umm ... doughnuts.

    Building and enabling a 2-way firewall as part of Windows would make a
    support-hairball for Microsoft the likes of which hasn't been seen on Earth
    yet.

    Windows Geniune Advantage would be exposed - nekked to the world,
    continually asking to phone-home. Folks would realize that everytime they
    do a file search on their computers, Microsoft is listening in. The exposed
    collection of "helpful" Windows OS calls to Redmond would make a lot of
    folks start acting like Steve Ballmer. Now THAT is scarey. :~P

    Someone, please SLAP Homer Simpson for the above baloney. Thanks.

    netlink
     
    NetLink_Blue, Oct 14, 2007
    #6
  7. Maybe. But not for the reasons you assume.
    Not at all. See, MS is in charge of the OS kernel. If they want to
    phone home without ANY software firewall noticing it, they can just do
    so.

    If you don't trust MS you have no choice but to not run windows. It's
    that simple.
    Someone please educate yourself about the windows platform design to
    understand why outbound protection *is* security theater.
     
    Straight Talk, Oct 14, 2007
    #7
  8. JJ

    NetLink_Blue Guest

    I'm listening, Straight Talk. Give me some of your reasons.

    Are you confirming that MS is doing this? Maybe that recent "stealth"
    update on Windows OS update files themselves?

    More bee-autiful Homer Simpson logic. What OS would you recommend, Homer?
    How about MS customers continueing keeping an eye on MS, and being careful.
    That's not an option for you? Fine. It's an option for me, Straight Talk.


    netlink
     
    NetLink_Blue, Oct 14, 2007
    #8
  9. No. I'm saying they can easily do so if they want to. Also without any
    personal firewall illusionware noticing it.
    Get out of your cartoon world and into the real one.
    I'm not Homer.
    I'm not the one complaining here, am I? I have no problem using MS
    products. Thing is, your idea of being in control is flawed.
     
    Straight Talk, Oct 15, 2007
    #9
  10. JJ

    NetLink_Blue Guest

    Neither am I.
    So you're out-of-place on this forum. Take a hike, Homer.
    Nobody's perfect. Get over it.

    NetLink_Blue
     
    NetLink_Blue, Oct 15, 2007
    #10
  11. JJ

    netlink_blue Guest

    Sorry ST. I misread your having "no problem" running MS products as
    "I've had no PROBLEMS running MS products." :\

    Nobody gives a flying-farkle about your trust in MS. Please, can you
    just get over yourself? OK? Thanks. (Nl_B)
     
    netlink_blue, Oct 16, 2007
    #11
  12. JJ

    netlink_blue Guest


    ==== IN THE NEWS ================================

    Microsoft Windows Update Again in Auto-Reboot Controversy

    by Paul Thurrott,

    It seems that Microsoft hasn't yet fixed a problem with Windows Update
    that was causing Windows PCs all around the globe to automatically
    update themselves and then reboot overnight. But this time, the
    software giant isn't causing the auto-reboot behavior purposefully, it
    says. Which leads us to an even more disturbing scenario: Why can't
    Microsoft figure out why its own software is causing PCs to keep
    rebooting?

    According to a discussion thread on AeroXperience, users who had
    configured Windows Update to download but not install updates recently
    discovered that their machines had rebooted overnight after installing
    updates automatically. Additionally, the Windows Update setting had
    somehow reverted to "install automatically."

    Microsoft says it has made no changes to Windows Update or Automatic
    Updates that would cause this behavior. "We have been hearing some
    questions recently regarding Tuesday's update release changing
    automatic updating settings," Microsoft Update program manager Nate
    Clinton wrote recently in one of the company's blogs. "We are still
    looking into this to see if another application is making this change
    during setup with user consent, or if this issue is related to
    something else. We are continuing the investigation."

    Last month, Microsoft found itself embroiled in controversy after it
    was discovered that the company had silently updated the Windows
    Update components in various Windows versions without alerting
    customers. The software giant has since changed the way it delivers
    such updates, making this week's events all the more disturbing. But
    Microsoft seems to believe that components outside of Windows Update
    are making the changes this time. In other words, this isn't some
    insidious plot, at least not from those responsible for Windows
    Update.

    AeroXperience - Automatic Update feature forces machines across the
    globe to reboot:
    http://list.windowsitpro.com/t?ctl=6A003:B3558C247E7DC99DC8F8D06F24CFFB06

    http://list.windowsitpro.com/t?ctl=6A003:B3558C247E7DC99DC8F8D06F24CFFB06

    ========

    Those Teredo tweaks must be complex to code. Nips!

    Netlink
     
    netlink_blue, Oct 16, 2007
    #12
  13. My possible trust in anything is not the issue here. You're babbling.
    You still don't get it, do you?

    You can't be running windows without trusting MS. It's that simple.

    Obviously not.
     
    Straight Talk, Oct 16, 2007
    #13
  14. JJ

    netlink_blue Guest

    Straight Talk wrote:

    Possible Trust in Anything? What are you babbling about, Slinky-One.

    That you're a sly s-s-snake? That your name isn't Homer? Let's let the
    humble reader decide what's what, eh Forked-Tongue.
    You sure presume to speak on behalf of a lot of folks.

    Catch you later, s-s-snake,
    - netlink
     
    netlink_blue, Oct 16, 2007
    #14

  15. Okay. You're obviously here to troll.

    Thread-PLONK.
     
    Straight Talk, Oct 17, 2007
    #15
  16. JJ

    netlink_blue Guest


    I Googled on Windows "backdoors" this morning. Creepy.

    I stand corrected. Microsoft programmer(s) can insert backdoor code in
    an amazing variety of ways (I'm even now listening to a Steve Gibson
    podcast about the MetaFile vulnerability).

    ST had written
    "See, MS is in charge of the OS kernel. If they want to
    phone home without ANY software firewall noticing it, they can just do
    so."

    Not quite as easy-peasy as ST makes it sound, but I basically am in
    agreement. Almost impossible to catch Microsoft with their "hands in
    the cookie jar", unless by happenstance/fluke as described by Google
    search articles. And impossible to prove or disprove as deliberate.

    - = - = -


    This statement by ST is somewhat misleading and TOTALLY misses the mark:

    "If you don't trust MS you have no choice but to not run windows. It's
    that simple."



    From Richard's "Why I Hate Microsoft" Page
    http://www.twoengineers.com/Richard/microsoft.html

    Q: If you hate Windows so much, why don't you just quit bitching and use
    some other operating system??

    A: Perhaps you haven't heard: Microsoft is a monopoly. I don't jettison
    Microsoft for the same reason I wouldn't abandon gasoline as an
    automobile fuel.

    [snip] ...In short, defying the marketplace is easy to
    talk about, much harder to do. Note that this does not mean that
    Gasoline is in any way inherently superior to other fuel technologies,
    nor does it mean that I owe a debt of gratitude to the oil companies or
    OPEC. They just happened to be in the right place at the right time,
    just like Microsoft.

    I hate Microsoft, but not quite enough to tell my employer that I refuse
    to do my job, stop playing the games I enjoy, and stop using my scanner,
    video capture card, digital camera, removable disks, and the dozens of
    programs and thousands of files I have that are usable only on Microsoft
    systems. This situation was not my choice. It is precisely my lack of
    choice that created it.

    - = - = -

    My own example would be phone companies. I don't "trust" them or like
    them, but I sure am not about to give up on phone service.
     
    netlink_blue, Oct 17, 2007
    #16
  17. JJ

    netlink_blue Guest


    I have started to educate myself about "the windows platform design"
    re: outbound protection.

    Windows OS leaks like a sieve. There is no firewall that can contain
    all the "known" exploits that exist.

    Microsoft themselves can not build a firewall with reasonably secure
    outbound protection without "breaking" most/too-many Windows capablities
    & convenience features.

    When drama-queen Straight Talk mocks outbound firewall protection, he
    has a point (but his hair covers it up). In my eyes, ST is really
    mocking Windows OS. Firewalls don't really "leak" - it's Windows that
    leaks! Software firewalls get carried along for the ride on Windows OS
    code. And there is really no practical way on God's green earth to stop
    Windows from leaking, unless you keep yourself disconnected from the
    Internet.

    The real STAR of outbound "Security-Theater" is Windows.

    Do firewall companies play-up and overstate their capablities? I
    believe they do. (shock, gasp, dismay)

    Not all adware or malware goes to all 15 or so extremes of exploits ...

    http://www.firewallleaktester.com/index.html

    I have lived behind a router for many years now. I shutter at the
    thought of directly hooking up to the 'Net. The firewalls I have run
    with outbound filters have served me with a modicum of convenience and
    alerts. But, who knows ...

    the Shadow knows,
    NetLnk

    Get a router. Use Vista's firewall (or XP SP-2's) to at least cloak all
    your open ports if directily connected.
     
    netlink_blue, Oct 18, 2007
    #17
  18. An OS leaking? - Never heard about such a thing. What does a leaking
    OS look like?
    You don't necessarily need to exploit anything. Just using standard
    windows functionality will do.
    Right. But at least they admit that openly.
    Not really. It's not MS or windows claiming to be able to do magic, is
    it? It's the "firewall" vendors. At least MS is honest enough to admit
    that host based outbound protection on their windows platform is a
    waste of time and resources.
    This doesn't become true just by being repeated.
    Windows is a multi-purpose OS made with functionality and convenience
    in mind. What exactly do you expect?
    You bet. They are selling snake-oil.
    For several years I hooked up W2K machines directly to the Internet
    after having configured them properly. No problems.
     
    Straight Talk, Oct 18, 2007
    #18
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.