[starvinmarvin]

I cannot count the number of times that I've read that Windows Firewall is only one-way and, therefore, not much good compared to two-way firewalls. So why is it that seemingly every time I install a new program or game that includes any sort of internet component Windows Firewall pops up an alert with words to the effect that "ProgramX is trying to access the internet. What do you want to do? Unblock, Keep Blocking, or Ask Me Later?" If I click on Unblock then Windows adds that program to its Exceptions list.

So, it's blocking or allowing internet access for newly installed apps. Seems like a two-way firewall to me!

[smax013]

starvinmarvin said:

I cannot count the number of times that I've read that Windows Firewall is only one-way and, therefore, not much good compared to two-way firewalls. So why is it that seemingly every time I install a new program or game that includes any sort of internet component Windows Firewall pops up an alert with words to the effect that "ProgramX is trying to access the internet. What do you want to do? Unblock, Keep Blocking, or Ask Me Later?" If I click on Unblock then Windows adds that program to its Exceptions list.

So, it's blocking or allowing internet access for newly installed apps. Seems like a two-way firewall to me!

Which version of Windoze are you running? I am betting it is Vista. Vista's built-in firewall is "two-way"...it is XP's firewall that is only a "one-way" firewall.

[starvinmarvin]

Nope, I'm using Windows XP Home Edition with Service Pack 2 and Automatic Updates enabled.

[SpiritWind]

Hi :
Best to read the Info at http://netsecurity.a.../aa081804b.htm] , paying particular to :

"First of all, the Windows Firewall does not monitor or block outbound traffic. According to a [PCWorld article, Microsoft technical specialist David Overton argues that "it is not the firewall's place to stop malicious code from sending outbound packets--Microsoft contends that companies should use perimeter technologies to examine outbound traffic."

And as to the slight improvement in the "built-in" Firewall in Win Vista, see :

www.pcworld.com/businesscenter/article/128834/analysis[unew[/u]windowsvistafirewallfailsonoutboundsecurity.html] .

[starvinmarvin]

From that same article: "personal firewalls also generally monitor how programs interact with the operating system and which programs attempt to initiate outbound network or Internet communications and either alert the user or block the traffic when suspicious activity occurs.

As I said before, Windows XP is blocking every new program I install from accessing the internet until I tell it to "Unblock". However, it's not alerting me to suspicious activity as such. Furthermore, as the article states, it may be possible for a malicious program to de-activate the Windows firewall, thus giving unhindered internet access. So, for these reasons,it appears that a good two-way firewall offers greater security than Windows firewall.

Thanks for providing the link to the article that provided a satisfactory answer to my original question!

Here's a related point. Two-way firewalls like ZoneAlarm don't give a zillion popup alerts like they used to but they still put up a fair number while they are learning your preferences. Now, here's where it gets sticky. I've sat beside people at their own computer when they wanted to download something, open something, or bring up a webpage they shouldn't. Even though ZoneAlarm gave them a warning/alert message the person clicked to proceed in spite of the warning. The result was, of course, their computer was instantly infected or attacked or otherwise compromised. So, the two-way firewall's effectiveness is limited by the person using it and, therefore, it may be argued that two-way firewalls give just as much of a false sense of security as does Windows firewall.

[mphenterprises]

Hi StarvinMarvin. Since you have this Discussion marked as "Answered," please select the two (2) posts that you feel were "Helpful" and the post that you feel was "Correct."

[smax013]

starvinmarvin said:

Here's a related point. Two-way firewalls like ZoneAlarm don't give a zillion popup alerts like they used to but they still put up a fair number while they are learning your preferences. Now, here's where it gets sticky. I've sat beside people at their own computer when they wanted to download something, open something, or bring up a webpage they shouldn't. Even though ZoneAlarm gave them a warning/alert message the person clicked to proceed in spite of the warning. The result was, of course, their computer was instantly infected or attacked or otherwise compromised. So, the two-way firewall's effectiveness is limited by the person using it and, therefore, it may be argued that two-way firewalls give just as much of a false sense of security as does Windows firewall.

Very true. Which is why I don't "push" more advanced firewalls (aka two-way firewalls) on people that I help with computer stuff. You need to be somewhat more knowledgeable to use them AND be willing to deal with the added popups. Which is why such firewalls work for me. I generally can spot legitimate traffice rather quickly when they popup...and if I don't recognize it, then I either research before deciding or just deny it so that I can research it (you can always change the response later).