Hi Andrew and all, May I ask, what is the different, if there's any, between a hardware firewall and a software firewall? I'm not an expert in this field at all but I used to think that they both work in the same way and give pretty much the same level of protection. Cheers, Amro ----- Original Message ----- From: "Andrew Hodgson" <andrew@xxxxxxxxxxxxxxxxx> To: <access-uk@xxxxxxxxxxxxx> Sent: Sunday, August 29, 2004 8:59 PM Subject: [access-uk] Re: SP2 and should you install it > Hi, > > Yes, but it may cause crashes etc. It depends on how well the firewall > is written. I would say that the best practise would be to have a > hardware firewall on a router and an application firewall. I really > don't see what benefits two software sirewalls will give you on the same > system, and as I have said, I have seen crashes when both are enabled, > admitedly not with the MS firewall, but the principal is the same. > > Andrew. > > > -----Original Message----- > > From: access-uk@xxxxxxxxxxxxx=20 > > [mailto:access-uk@xxxxxxxxxxxxx] On Behalf Of Barry > > Sent: 29 August 2004 18:35 > > To: access-uk@xxxxxxxxxxxxx > > Subject: [access-uk] Re: SP2 and should you install it > >=20 > > Can we run a third party firewall and the SP2 firewall at the=20 > > same time? > > Barry H > >=20 > > ----- Original Message -----=20 > > From: Colin @ New Vision=20 > > To: access-uk@xxxxxxxxxxxxx=20 > > Sent: Sunday, August 29, 2004 5:26 PM > > Subject: [access-uk] Re: SP2 and should you install it > >=20 > >=20 > > Hi John > > That's where most of the flaw reports are now coming from,=20 > > as companies test > > it with their own bespoke software. We can safely assume=20 > > all the Microsoft > > software and the major software vendors have put it through=20 > > extensive tests. > > I totally agree with you when you say it has to be better=20 > > for the home PC > > user as they tend to use the more standard application software. > >=20 > > The point of more concern being users tending to rely on=20 > > SP2 being the fix > > to their security problems and ignoring or taking off their existing > > firewalls and security measures. > >=20 > > I think it has already been mentioned on this list if they=20 > > download SP2 can > > they remove their existing firewall. > > I think ZoneAlarm was the one mentioned. > >=20 > > I would certainly recommend not removing any backup=20 > > security measures until > > we can be assured that SP2 is functioning as it should. > >=20 > > Regards > > Colin > >=20 > > ----- Original Message -----=20 > > From: "John Farley" <john_farley@xxxxxxxxxxxxxx> > > To: <access-uk@xxxxxxxxxxxxx> > > Sent: Sunday, August 29, 2004 4:08 PM > > Subject: [access-uk] Re: SP2 and should you install it > >=20 > >=20 > > > It is not necessarily the flaw reports that are stopping=20 > > companies from > > > installing SP2. It is because they have not yet tested=20 > > and proved it with > > > all of their applications, many of which will be bespoke=20 > > and not, by their > > > very nature, tested by Microsoft. > > > > > > > > > For the home user, not using any particularly special=20 > > software, there is > > no > > > real reason not to install SP2. In fact the extra=20 > > security in it probably > > > means that the home user should install it as soon as practical. > > > > > > As usual there are too many scare stories going around=20 > > about the odd > > > potential issue where the real fact is that it will=20 > > improve the situation > > of > > > security. > > > > > > Please be aware that I am not saying that SP2 will cure=20 > > all ills, just > > that > > > it will improve the security of the home PC. > > > There will, of course, be issues found in it; there will=20 > > be subsequent > > > fixes. Install them! > > > > > > > > > > > > > > > > > > > > > Regards, John > > > > > > Contact on : (Home) > > > john_farley@xxxxxxxxxxxxxx > > > or : (work) > > > john.farley@xxxxxxxx > > > > > > -----Original Message----- > > > From: access-uk@xxxxxxxxxxxxx=20 > > [mailto:access-uk@xxxxxxxxxxxxx] On Behalf > > Of > > > Colin @ New Vision > > > Sent: 29 August 2004 15:49 > > > To: access-uk@xxxxxxxxxxxxx > > > Subject: [access-uk] SP2 and should you install it > > > > > > The flaw reports are causing companies to hesitate even=20 > > more before > > > installing Microsoft's latest step to secure Windows.=20 > > Many companies have > > > said they will hold off on the update until it has been=20 > > thoroughly vetted. > > > SP2 is designed to add better security to the operating=20 > > system's handling > > of > > > network data, program memory, browsing activity and=20 > > e-mail messages by > > > changing the system's code and configuration. For=20 > > example, a revamped > > > firewall is intended to keep attackers out and attempts to prevent > > malicious > > > applications from connecting to the Internet by requiring=20 > > that the user > > give > > > specific permission to each application. > > > > > > The major software update, which took almost a year to=20 > > create, came to > > life > > > after the MSBlast worm hit the Internet on Aug. 11.=20 > > Almost 26 days before, > > > Microsoft had issued a patch for the security hole the=20 > > worm exploited, but > > > many people did not install the fix even though there was=20 > > widespread > > > expectation that a virus would be created to take=20 > > advantage of the flaw. > > > > > > Microsoft have never claimed that SP2 would close all the=20 > > security holes. > > > > > > Microsoft firewall protects only against inbound threats,=20 > > not outbound > > > threats, such as keystroke-logging Trojans that report=20 > > your passwords and > > > credit card information to others. Also, the lack of=20 > > outbound protection > > > means your infected PC could still participate in distributed > > > denial-of-service attacks. In short keep your=20 > > third-party firewall > > enabled > > > alongside Microsoft's. Two firewalls are better than one. > > > > > > > > > Since we're talking about Microsoft software, it's=20 > > entirely possible that > > > virus writers will soon write code that turns off the=20 > > Windows Security > > > Centre or at least leads it to falsify its status reports=20 > > (saying, for > > > instance, that a security measure is enabled when it's=20 > > really not). So > > don't > > > just rely on the Security Centre's status messages.=20 > > Periodically check > > your > > > antivirus and firewall applications independently of the centre. > > > > > > Bottom line: Microsoft made significant progress toward=20 > > remedying its past > > > problems, but it still falls far short of putting=20 > > Microsoft on the leading > > > edge in PC security. Install Windows XP SP2 when you get=20 > > the opportunity > > but > > > don't expect this one update to solve all your Internet=20 > > security issues. > > To > > > be safe, keep and maintain third-party antivirus and=20 > > firewall programs. > > > > > > Regards > > > > > > Colin > > > > > > ** Going on holiday and want to halt messages? Send a message to:- > > > ** access-uk-request@xxxxxxxxxxxxx > > > ** and in the Subject line type > > > ** vacation ## d > > > ** where ## is the number of days followed by d for days. > > > ** For other things like digest mode, send a message, to > > > ** access-uk-request@xxxxxxxxxxxxx with the Subject:- faq > > > > > > ** Going on holiday and want to halt messages? Send a message to:- > > > ** access-uk-request@xxxxxxxxxxxxx > > > ** and in the Subject line type > > > ** vacation ## d > > > ** where ## is the number of days followed by d for days. > > > ** For other things like digest mode, send a message, to > > > ** access-uk-request@xxxxxxxxxxxxx with the Subject:- faq > >=20 > >=20 > >=20 > > ** Going on holiday and want to halt messages? Send a message to:- > > ** access-uk-request@xxxxxxxxxxxxx > > ** and in the Subject line type > > ** vacation ## d > > ** where ## is the number of days followed by d for days. > > ** For other things like digest mode, send a message, to=20 > > ** access-uk-request@xxxxxxxxxxxxx with the Subject:- faq > > ** Going on holiday and want to halt messages? Send a message to:- > > ** access-uk-request@xxxxxxxxxxxxx > > ** and in the Subject line type > > ** vacation ## d > > ** where ## is the number of days followed by d for days. > > ** For other things like digest mode, send a message, to=20 > > ** access-uk-request@xxxxxxxxxxxxx with the Subject:- faq > >=20 > ** Going on holiday and want to halt messages? Send a message to:- > ** access-uk-request@xxxxxxxxxxxxx > ** and in the Subject line type > ** vacation ## d > ** where ## is the number of days followed by d for days. > ** For other things like digest mode, send a message, to > ** access-uk-request@xxxxxxxxxxxxx with the Subject:- faq > ** Going on holiday and want to halt messages? Send a message to:- ** access-uk-request@xxxxxxxxxxxxx ** and in the Subject line type ** vacation ## d ** where ## is the number of days followed by d for days. ** For other things like digest mode, send a message, to ** access-uk-request@xxxxxxxxxxxxx with the Subject:- faq