I entered the world of high speed cable modems this week, and boy, is it SWEET! [:D]

 Anyway, now I have to install firewall software, but have no idea which I should choose. I own an Apple G4, and any help in this matter would be appreciated.

I'm using the free one called "Zone Alarm".  It tests fine.  You can get it here: [url]http://www.zonelabs.com/CS/homeoffice.html[/url]

Oh, I forgot.........Zone Alarm has a "lock" function which will lock your connection after a certain period of inactivity.  Perfect for "always-on" internet connections.

Ditto the Zone Alarm, it's free

There was a thread about this awhile ago.. long while...


I have/had Zone Alarm PRO. I wouldn't go for it if I were you...

I got "hacked" twice with it. Plus, 3 times, it just "stoped working"   and I had to reinstall it.

For a good one, check out www.consealfirewall.com (i think). It's called PC CONseal Firewall. A VERY good one! 49.95, i know i know, but it is well worth it.

I'll second, or third, Zone Alarm.  Works great and you can't beat the price.

I have also used Zone Alarm, it is good.. I prefer another lesser known FREE firewall which I think is better, the tiny personal firewall, it also checks to make sure the programs that you are using to access the internet(IE ect.) have not been comprimised (trojan, net bus ect.) I have tested this one @ www.grc.com shields and port test ... all ports STEALTH..

much better than most of the pay ones..

you can get it @ [url]http://www.tinysoftware.com/download.php[/url]

just my opinion,

Agwood

If you're looking to spend some $. You're better off going with hardware.

Go here and start reading:

[url]http://www.practicallynetworked.com/[/url]

Thanks for the input guys, but none of the suggestions posted are compatible with the Apple OS.
Anyone out there running a Mac with a cable modem?   [:\]

My mistake, not Apple compatible..........sorry.

This might help..........
[url]http://www.apple.com/downloads/macosx/networking/brickhouse.html[/url]

If you really want to learn someting, go here:  [url]http://www.antionline.com/index.html[/url]

The best firewalls?
Are hardware ones.


Captain Obvious
Check what your configuration settings are, some proggie is acting as a local or internet server.. None need that, unless you are d/l'ing an upgrade etc, they only need access to the web.

Zone Alarm is not hack proof. If you can get Black Ice for that machine, do it. It's a more secure product.

Zone Alarm works for me

BlackIce.  Run in concert with Norton AntiVirus.  I'm getting 20-30 attempts to hack a day on cable modem (RoadRunner).  They are looking for trojan horses etc to enter your PC.  Do not store any account information, SSN, etc data on your computer.

[url]www.firewallguide.com/[/url]

[url]www.pcworld.com/resource/printable/article/0,aid,17759,00.asp[/url]

[url]www.securityportal.com/firewalls/[/url]

Try [url]www.blackice.com[/url]

Skip the whole software fiasco and get yourself a mini-firewall router.  They are a lot less trouble to maintain/configure, and multiple computers can share the cable.

[URL]http://www.smc.com/barricade/[/URL]

[URL]http://www.linksys.com/products/product.asp?prid=20&grid=5[/URL]

Black Ice with "nervous" settings works for me.

Jay
Arizona

I don't know anything about the apple platform, but not all firewalls are equal.  Agwood, you are absolutely correct, if you are serious about security, go to Steve Gibsons site at www.grc.com.

I've been following this guys work for awhile and he is top notch.  He describes the hot ticket for home network security as being a combination of the Linksys 4-port router (as mejames suggested) and the free Zonealarm product.  Tiny Personal Firewall is described as being as good but more difficult to implement.  I currently use the free Zone Alarm and have had no problems (still want to try-out TPF, though).

He has a good scorecard and explanation for different firewalls on his page.  Check under the "Leak Test" links.  If you use Black Ice Defender, you should really check this out.

For those hell bent on tight security, you also need to consider strong encryption of private files, file wiping software, up-to-date antivirus software, regular back-ups to CDROM or tape, consistant personal policies for file sharing and access, and maybe opt for the bonded, steel-mesh lined room to avoid TEMPEST monitoring (ok, don't gut the walls in your basement just yet).

If you do alot of banking, investing, financial record keeping, or remote access to critical systems on the same machine your family uses for entertainment/email/games/etc..., you should also put together a plan for what to do if and when you discover your system has been compromised.  A list of numbers you can call immediately to freeze your passwords and accounts is a good start.

No, I don't wear the "tinfoil hat", but my systems hold important and private data.  I intend to keep it that way, and I do believe that we will see more crimes that revolve around this issue in the future.

ControlFreak:
Nessus is an awesome security checking tool, but has limited viability for most people here I would imagine.  grc.com is crap for more than a very basic port scan.  

Best bet for security is the hub router doohickeys out there.  They are adequate for most people's needs.  Simple, pretty reliable and drop into place.  

Computer security is very similar to gun safety...it's only as good as the person handling it.  Never trust a firewall/proxy/router/triggerlock/chamberindicator/safety to tell you it's safe.  Control Freak has some good points.  
This message is worth every cent you paid for it.

You're right sfoo, the portscan is sort of weak in that it's not checking for the various services that could be running on your machine.  However, most PC's at home probably don't run any servers (at least, that they know of).

Without any protection, they will answer whether their ports are open or closed, thus confirming that there is a machine at a given address, and giving the attacker a starting point for checking services.  With protection, they may not answer at all, making it look like it is an unused address.  Any unknown servers, or trojans, will be stopped through permissives for outgoing transmission, and Zone Alarm (at least for awhile) was the only one that generated a sort of encrypted CRC on a per file basis for programs requesting outgoing transmission.  This keeps trojans from being renamed "explorer.exe" and working under the guise of being "Internet Explorer" and such.

You're also right in that hardware is the way to go.  Software firewalls will cost you some throughput.  Zone Alarm is still free for people who can't/won't go that route, and that's some pretty cheap insurance.

I hope I didn't get anyone worried that the firewall they use is junk.  It may depend on what version you use.  Most companies have been pretty good about fixing faults, but I haven't really kept-up on them all.  When the firewall craze hit the home PC, there were alot of them that got marginal ratings from what I've read (the advertiser-supported places are so hard to believe), but that was a year ago.

hackers see that and just laugh, all zone alarm will do for you is keep you in, sorta like the berlin wall.

Get you one of those linksys routers, with that your machine is not using a public address (imposible to hack) also it should work with Macincrap.

BlackIce is a joke too.

Have you found major flaws? I'm interested.

There's another free one out there: [url]http://www.sygate.com/products/shield_ov.htm[/url]

Anyone tried it?

First of all, I would like to say that ALL firewalls are software based. Some run on dedicated equipment, but the hardware always has an operating system and the OS then runs a Firewall app. That being said, for home use I use Black ice. Zone Alarm is OK, but Black ice is a little better. I like the feature that lets me know the perps IP addy and host name (if they are not using spoofing). That allows me to report the little pricks to their ISP. Most of the stuff you will see on your reports are going to be "Script kiddies". These are people who just search the net for tools or exploits other peole have created. I hate to say it, but if someone wants into your system and they know what they are doing, they will get in. The best you can hope for is to keep the script kiddies out. BTW, I was the network Security Manager for the Minnesota National Guard for a while. So I do kinda know what I am talking about.

Aviator

Nothing is impossible. Trust me.


Aviator

As a small example of how easy it is to hack a site or system. Let me use the following scenerio...

Lets say I am an anti gun person (I am not). I find a site that infuriates me. It's called www.ar15.com. I want to take this site down. Well, I have the name of the site. What I need now is an IP address, and what would really be useful is to know the Operating System and the Web server software it is running on. So first Ill go to network solutions or somewhere and do a whois... it returns the following info..

Organization:
     Edward Avila
     Edward Avila
     XXX XXXXXXXX XXX
     XXXXXXX, NY 14526
     US
     Phone: 716-230-XXXX
     Email: XXXXXXXXXXXXXXXX

  Registrar Name....: Register.com
  Registrar Whois...: whois.register.com
  Registrar Homepage: http://www.register.com

  Domain Name: AR15.COM

     Created on..............: Fri, Mar 28, 1997
     Expires on..............: Fri, Mar 29, 2002
     Record last updated on..: Tue, Feb 20, 2001

  Administrative Contact:
     Edward Avila
     Edward Avila
     XXXXXXXXXXXXXXXXXX
     XXXXXXX, NY 14526
     US
     Phone: 716-230-XXXX
     Email: XXXXXXXXXXXXXXXXX

  Technical Contact, Zone Contact:
     Register.Com
     Domain Registrar
     575 8th Avenue - 11th Floor
     XXXXXXXXXXXXXXXX
     US
     Phone: 212-798-XXXX
     Fax..: 212-629-XXXX
     Email: [email protected]

  Domain servers in listed order:

  DNS35.REGISTER.COM                                216.21.234.88    
  DNS36.REGISTER.COM                                216.21.226.88    

OK, now I have the DNS server, and site IPs. To get the OS and wb server stuff, I go to www.netcraft.com and go to what is that site running. from there I get the following...

The site www.ar15.com is running Microsoft-IIS/5.0 on Windows 2000

I also notice is has been 3.42 days since the last reboot.

Now, with all this info, all I (as a script kiddie) need to do is go find a exploit for that operating system. Fairly easy. I am not going to direct you to that info because this is not a hacking class, just wanted to show you how easy it really is to get into a system. So far I have spent 3 minutes on this. This works for home computers also.

Aviator


Edited to remove more info from the reports. Do not want to make the sysop mad  

Aviator, you're right.  The hardware routers will be running software (firmware for the os) to provide programmable filtering.  You're also correct that nothing is impossible.  Even so, most home users have the benefit of not running servers to attack (unless they have chosen to run web/ftp/napster/etc... or have already been compromised by a trojan).  I think alot of home users are still dial-up as well, which means they're not always available to attack.  Further, when they do connect, there is a limited amount of time to attack, and they probably won't be assigned the same ip address on the next connection (dynamic ip addressing).

I still recommend that people use firewalls and once they move to constant connections they should become mandatory.  This convenience usually comes with a static ip address, making it easier for repeat attemps to access, and being always on takes the limited time out of the picture (unless you shut your computer off at night).  

Again, if your not running servers, your safety is inherently better.  Also, if you only make use of TCP/IP protocols for what you do, by all means unbind the default NetBEUI and IPX protocols from your hardware adapter.  


http://grc.com/su-firewalls.htm

http://grc.com/lt/scoreboard.htm

http://grc.com/lt/hardware.htm


Check out the scoreboard link for how products compare.  There is alot of good info on Steve's site.

Another idea is Coyote Linux.  If you have an old 486 or better machine and two network cards you can setup an ip filtering firewall.  Download an executible (for Windows at least, not sure about Mac) and run it to create the OS (Coyote Linux) on a floppy disk.  When you create the floppy you tell it the kind of NIC's you have for it to includ drivers (only certain ones supported but good selection).  Then you boot from floppy (no HDD needed) and can setup rules to filter by IP address.  Includes telnet server so you can run without having a mouse, keyboard, or monitor hooked to it.  This would be similar to the Linksys firewall router someone mentioned - but this is free if you have the old hardware and more fun to play with if you are so inclined.

matthew, I remember looking for that awhile back.  It sounded like a good learning project, would you have a link?  Did it go by another name as well?  I keep thinking I've heard of this, but 'Coyote' doesn't ring a bell.