3CDaemon Security Issues or Windows Firewall Issue?

I was recently trying to configure syslog on my Windows XP PC … typically, what I do is on the firewall, have it send logs to an external syslog server … that being my PC.  So I was trying a test, to see if using a different listening port on syslog what work.  I do have 3CDaemon on my PC, but it doesn’t allow me to change the syslog port.  So I went ahead and downloaded Kiwi syslog server.

In my testing, I was not able to see Kiwi log any messages.  I thought that was strange … should be slam dunk.  I went to my 3CDaemon syslog server, and I was able to see messages being logged, so I know it’s not a configration issue with my firewall.  After looking through the help files on Kiwi, I see that Windows Firewall will block all incoming connections.  I normally don’t enable Windows Firewall, because usually, I am behind a firewall … but this time, I saw that it was enabled.  So I went into the Control Panel, disabled the firewall, and voila …. I now see messages being logged.  Cool.

But what is disconcerting is that 3CDaemon is logging even with the Windows Firewall enabled.  Hmmm … is 3CDaemon using some special process that communicates at a different stack level than Windows Firewall?  That’s a little bit alarming … maybe that’s why some don’t like 3CDaemon.  However, it is quick and convenient, but may not be the most secure thing … or should we say that Windows Firewall is not the most secure?