Warning

 

Close

Confirm Action

Are you sure you wish to do this?

Confirm Cancel
Member Login
Site Notices
Posted: 10/25/2004 4:27:04 AM EST
[Last Edit: 10/25/2004 4:27:14 AM EST by AW-101]
I just got a new machine (nothing special), and I'm wondering what you all use for software firewalls. Any reccomendations?
Link Posted: 10/25/2004 7:31:08 AM EST
I'm still using Norton...version 2003. The 2004/2005 versions have more add-on's/popup blockers/online activation with Norton, which is probably why I haven't put them on my own machines. I use them on stand-alone test machines at work though. Zone Alarm is pretty straightforward. Security-wise, it's as good as any. And the non-Pro version is free! The protection is the same from the non-Pro to the Pro version, but the Pro version has add-on's that aren't related to the firewall. Another recommendation is Tiny Personal Firewall. Not sure if TPF has been updated in awhile, but last I heard, it was a solid performer.

McAfee seems to have a solid product too...protection-wise. But from the different versions I've run, I absolutely can't stand their interface. BlackICE Defender isn't quite a firewall...it's an "intrusion detector." I don't recommend it for firewall duties.

In addition to all that, if you're on cable/dsl, a $20 router (probably with a $20 rebate too) will add a measure of "firewall-like" protection from unsolicited packets from ye olde Intarweb. Routers say they have a firewall, but it isn't a true firewall. But I still recommend them (in addition to a software firewall) as they're good at what they do.
Link Posted: 10/25/2004 7:34:29 AM EST
Software firewalls are snake oil, crap, SHIT... Get it?

If you *really* want to run one, the one that comes with Windows is just as useless & innefective as the others, so go ahead, use it...

But in the end, the only firewall worth it's salt is the hardware kind...
Link Posted: 10/25/2004 7:45:07 AM EST
I'm running a Cisco PIX 501 here at the house. It's nice. 'Nuff said.
Link Posted: 10/25/2004 7:48:25 AM EST
My software firewall works just fine (stock OS X firewall with a shareware controller). Use this site to check your firewall: www.grc.com/x/ne.dll?bh0bkyd2

Avoid any kind of intrusion detection or "scanning the scanner" stuff. Neither one will tell you anything useful.

What kind of connection do you have, and how do you plan on using it? Always-on broadband connections need much better protection then dialup connections that are only on for an hour or two at a time.
Link Posted: 10/25/2004 7:53:25 AM EST

Originally Posted By Dave_A:
But in the end, the only firewall worth it's salt is the hardware kind...


Hardware, you can buy a 4 port router with a built-in firewall for something like $40, with a $30 rebate, so net cost is around $14 for a hardware router/firewall.
Link Posted: 10/25/2004 8:17:53 AM EST

Windows firewall


*shudder*


Originally Posted By warlord:

Originally Posted By Dave_A:
But in the end, the only firewall worth it's salt is the hardware kind...


Hardware, you can buy a 4 port router with a built-in firewall for something like $40, with a $30 rebate, so net cost is around $14 for a hardware router/firewall.



Not a true firewall, but they provide a measure of security. Most hardware firewalls start around $500-600 and go way up from there.
Link Posted: 10/25/2004 8:26:35 AM EST

Originally Posted By Robbie:

Windows firewall


*shudder*


Originally Posted By warlord:

Originally Posted By Dave_A:
But in the end, the only firewall worth it's salt is the hardware kind...


Hardware, you can buy a 4 port router with a built-in firewall for something like $40, with a $30 rebate, so net cost is around $14 for a hardware router/firewall.



Not a true firewall, but they provide a measure of security. Most hardware firewalls start around $500-600 and go way up from there.


Close! I got special NFR pricing on my PIX 501 - $450 w/3DES and 10 IKE peers (if I recall correctly).

How do some folks live without the ability to establish IPSec VPN tunnels with other IPSec devices or clients, anyway?
Link Posted: 10/25/2004 8:28:58 AM EST
WITH 3DES AND 10 IKE peers HOLY crap!!!!
Link Posted: 10/25/2004 8:31:50 AM EST


Close! I got special NFR pricing on my PIX 501 - $450 w/3DES and 10 IKE peers (if I recall correctly).

How do some folks live without the ability to establish IPSec VPN tunnels with other IPSec devices or clients, anyway?



Wow. I better than that (bandwidth shaping, detailed logging and intrusion detection, essentially unlimited IKE peers, VPN over either IPSec or PPTP, unlimited firewalling capability) with a $300 PC and OpenBSD....

Link Posted: 10/25/2004 8:33:47 AM EST

Originally Posted By Cleatus:
WITH 3DES AND 10 IKE peers HOLY crap!!!!





The licensed features affect the price, that's why I mentioned it (I know, who gives a crap). I can't recall if I had extra for 3DES. Something tells me I did.

Anyway...
Link Posted: 10/25/2004 8:38:35 AM EST

Originally Posted By ChiefPilot:


Close! I got special NFR pricing on my PIX 501 - $450 w/3DES and 10 IKE peers (if I recall correctly).

How do some folks live without the ability to establish IPSec VPN tunnels with other IPSec devices or clients, anyway?



Wow. I better than that (bandwidth shaping, detailed logging and intrusion detection, essentially unlimited IKE peers, VPN over either IPSec or PPTP, unlimited firewalling capability) with a $300 PC and OpenBSD....




Ya, I know. For a while I had one of my RedHat boxes performing VPN duty. It was older than dirt, and it died. I got reimbursed for the PIX. Either way works for me.
Link Posted: 10/25/2004 8:38:44 AM EST

Originally Posted By Dave_A:
Software firewalls are snake oil, crap, SHIT... Get it?

If you *really* want to run one, the one that comes with Windows is just as useless & innefective as the others, so go ahead, use it...

But in the end, the only firewall worth it's salt is the hardware kind...



Are there hardware firewalls that will allow application-specific access rules?
Link Posted: 10/25/2004 8:40:16 AM EST

Originally Posted By the:

Originally Posted By Dave_A:
Software firewalls are snake oil, crap, SHIT... Get it?

If you *really* want to run one, the one that comes with Windows is just as useless & innefective as the others, so go ahead, use it...

But in the end, the only firewall worth it's salt is the hardware kind...



Are there hardware firewalls that will allow application-specific access rules?



Yup.
Link Posted: 10/25/2004 8:41:29 AM EST
I tend to stay away from Symantec produts such as Norton after learning that they were antigun.

www.wmsa.net/prohibition/symantec.htm

I sent an email to them about a year ago asking about their policy and received no response.

Ed
Link Posted: 10/25/2004 8:49:28 AM EST
There is NOTHING wrong with software firewalls. Are you going to tell me Checkpoint sucks? What do you think hardware firewalls are? Software burned onto a chip.

I use open bsd 3.5. Works just great.
Link Posted: 10/25/2004 8:53:06 AM EST
I use Zone Alarm. Its free, and does an excellent job at what its supposed to do.
Link Posted: 10/25/2004 9:03:29 AM EST
I use Black Ice and am very happy with it. I tried Zone Alarm several years ago and was not pleased.
Link Posted: 10/25/2004 9:05:40 AM EST

Originally Posted By peekay:
There is NOTHING wrong with software firewalls. Are you going to tell me Checkpoint sucks? What do you think hardware firewalls are? Software burned onto a chip.

I use open bsd 3.5. Works just great.



checkpoint costs several thousand for a license.... (unless they have a home user version for several hundred.. )
Link Posted: 10/25/2004 9:08:00 AM EST
www.smoothwall.org

Use that old POS you have laying around to run this.
Link Posted: 10/25/2004 9:09:17 AM EST

Originally Posted By Flushdraw:
I use Black Ice and am very happy with it. I tried Zone Alarm several years ago and was not pleased.



Black Ice is no longer free that I'm aware of.....
Link Posted: 10/25/2004 9:19:48 AM EST
iptables

-foxxz
Link Posted: 10/25/2004 9:30:31 AM EST
I'd 2nd the smoothwall. My box ran forever without a reboot. Its free the only thing it'll cost you ia an old computer and 2 or 3 nics
Archived [ARCHIVED THREAD] - Firewall Suggestions
Page General » General Discussion
dsa
silencerShop
laRue
blackhills
gemtech
Faxxon
brownells
samson
Xtreme
primaryArms
handgunGrips
CA
ar15com
JRH
apex
delton
EagleLite
geissele
BearCreek
alienGearHolsters
bravocompany
jt
aeroPrecision
missing
Top Top