User Panel
Posted: 5/19/2001 9:12:24 PM EDT
I entered the world of high speed cable modems this week, and boy, is it SWEET! [:D]
Anyway, now I have to install firewall software, but have no idea which I should choose. I own an Apple G4, and any help in this matter would be appreciated. |
|
I'm using the free one called "Zone Alarm". It tests fine. You can get it here: [url]http://www.zonelabs.com/CS/homeoffice.html[/url] |
|
Oh, I forgot.........Zone Alarm has a "lock" function which will lock your connection after a certain period of inactivity. Perfect for "always-on" internet connections. |
|
There was a thread about this awhile ago.. long while...
I have/had Zone Alarm PRO. I wouldn't go for it if I were you... I got "hacked" twice with it. Plus, 3 times, it just "stoped working" and I had to reinstall it. For a good one, check out www.consealfirewall.com (i think). It's called PC CONseal Firewall. A VERY good one! 49.95, i know i know, but it is well worth it. |
|
The best firewall software, why that must be Checkpoint's FW1, runs on NT, Solaris, it's about $5,000 for the software license (hardware not included) or more for a Nokia rackmount box that already has it installed.
|
|
I'll second, or third, Zone Alarm. Works great and you can't beat the price.
|
|
I have also used Zone Alarm, it is good.. I prefer another lesser known FREE firewall which I think is better, the tiny personal firewall, it also checks to make sure the programs that you are using to access the internet(IE ect.) have not been comprimised (trojan, net bus ect.) I have tested this one @ www.grc.com shields and port test ... all ports STEALTH..
much better than most of the pay ones.. you can get it @ [url]http://www.tinysoftware.com/download.php[/url] just my opinion, Agwood |
|
If you're looking to spend some $. You're better off going with hardware.
Go here and start reading: [url]http://www.practicallynetworked.com/[/url] |
|
Thanks for the input guys, but none of the suggestions posted are compatible with the Apple OS.
Anyone out there running a Mac with a cable modem? [:\] |
|
Originally Posted By NY Patriot: Thanks for the input guys, but none of the suggestions posted are compatible with the Apple OS. Anyone out there running a Mac with a cable modem? [:\] View Quote My mistake, not Apple compatible..........sorry. |
|
This might help.......... [url]http://www.apple.com/downloads/macosx/networking/brickhouse.html[/url] |
|
If you really want to learn someting, go here: [url]http://www.antionline.com/index.html[/url] |
|
The best firewalls?
Are hardware ones. Captain Obvious Check what your configuration settings are, some proggie is acting as a local or internet server.. None need that, unless you are d/l'ing an upgrade etc, they only need access to the web. |
|
Zone Alarm is not hack proof. If you can get Black Ice for that machine, do it. It's a more secure product.
|
|
I second Mattja's opinion. I had zone alarm but it didn't work right and I was told they aren't designed for ADSL hook-up's.*shrug* I use Black Ice now.
|
|
BlackIce. Run in concert with Norton AntiVirus. I'm getting 20-30 attempts to hack a day on cable modem (RoadRunner). They are looking for trojan horses etc to enter your PC. Do not store any account information, SSN, etc data on your computer.
|
|
[url]www.firewallguide.com/[/url]
[url]www.pcworld.com/resource/printable/article/0,aid,17759,00.asp[/url] [url]www.securityportal.com/firewalls/[/url] |
|
Skip the whole software fiasco and get yourself a mini-firewall router. They are a lot less trouble to maintain/configure, and multiple computers can share the cable.
[URL]http://www.smc.com/barricade/[/URL] [URL]http://www.linksys.com/products/product.asp?prid=20&grid=5[/URL] |
|
I don't know anything about the apple platform, but not all firewalls are equal. Agwood, you are absolutely correct, if you are serious about security, go to Steve Gibsons site at www.grc.com.
I've been following this guys work for awhile and he is top notch. He describes the hot ticket for home network security as being a combination of the Linksys 4-port router (as mejames suggested) and the free Zonealarm product. Tiny Personal Firewall is described as being as good but more difficult to implement. I currently use the free Zone Alarm and have had no problems (still want to try-out TPF, though). He has a good scorecard and explanation for different firewalls on his page. Check under the "Leak Test" links. If you use Black Ice Defender, you should really check this out. For those hell bent on tight security, you also need to consider strong encryption of private files, file wiping software, up-to-date antivirus software, regular back-ups to CDROM or tape, consistant personal policies for file sharing and access, and maybe opt for the bonded, steel-mesh lined room to avoid TEMPEST monitoring (ok, don't gut the walls in your basement just yet). If you do alot of banking, investing, financial record keeping, or remote access to critical systems on the same machine your family uses for entertainment/email/games/etc..., you should also put together a plan for what to do if and when you discover your system has been compromised. A list of numbers you can call immediately to freeze your passwords and accounts is a good start. No, I don't wear the "tinfoil hat", but my systems hold important and private data. I intend to keep it that way, and I do believe that we will see more crimes that revolve around this issue in the future. |
|
ControlFreak:
Nessus is an awesome security checking tool, but has limited viability for most people here I would imagine. grc.com is crap for more than a very basic port scan. Best bet for security is the hub router doohickeys out there. They are adequate for most people's needs. Simple, pretty reliable and drop into place. Computer security is very similar to gun safety...it's only as good as the person handling it. Never trust a firewall/proxy/router/triggerlock/chamberindicator/safety to tell you it's safe. Control Freak has some good points. This message is worth every cent you paid for it. |
|
You're right sfoo, the portscan is sort of weak in that it's not checking for the various services that could be running on your machine. However, most PC's at home probably don't run any servers (at least, that they know of).
Without any protection, they will answer whether their ports are open or closed, thus confirming that there is a machine at a given address, and giving the attacker a starting point for checking services. With protection, they may not answer at all, making it look like it is an unused address. Any unknown servers, or trojans, will be stopped through permissives for outgoing transmission, and Zone Alarm (at least for awhile) was the only one that generated a sort of encrypted CRC on a per file basis for programs requesting outgoing transmission. This keeps trojans from being renamed "explorer.exe" and working under the guise of being "Internet Explorer" and such. You're also right in that hardware is the way to go. Software firewalls will cost you some throughput. Zone Alarm is still free for people who can't/won't go that route, and that's some pretty cheap insurance. I hope I didn't get anyone worried that the firewall they use is junk. It may depend on what version you use. Most companies have been pretty good about fixing faults, but I haven't really kept-up on them all. When the firewall craze hit the home PC, there were alot of them that got marginal ratings from what I've read (the advertiser-supported places are so hard to believe), but that was a year ago. |
|
Originally Posted By WhoMe?: I'm using the free one called "Zone Alarm". It tests fine. You can get it here: [url]http://www.zonelabs.com/CS/homeoffice.html[/url] View Quote hackers see that and just laugh, all zone alarm will do for you is keep you in, sorta like the berlin wall. |
|
Originally Posted By NY Patriot: Thanks for the input guys, but none of the suggestions posted are compatible with the Apple OS. Anyone out there running a Mac with a cable modem? [:\] View Quote Get you one of those linksys routers, with that your machine is not using a public address (imposible to hack) also it should work with Macincrap. |
|
Quoted: Try [url]www.blackice.com[/url] View Quote BlackIce is a joke too. |
|
Quoted: hackers see that and just laugh, all zone alarm will do for you is keep you in, sorta like the berlin wall. View Quote Have you found major flaws? I'm interested. |
|
There's another free one out there: [url]http://www.sygate.com/products/shield_ov.htm[/url] Anyone tried it? |
|
First of all, I would like to say that ALL firewalls are software based. Some run on dedicated equipment, but the hardware always has an operating system and the OS then runs a Firewall app. That being said, for home use I use Black ice. Zone Alarm is OK, but Black ice is a little better. I like the feature that lets me know the perps IP addy and host name (if they are not using spoofing). That allows me to report the little pricks to their ISP. Most of the stuff you will see on your reports are going to be "Script kiddies". These are people who just search the net for tools or exploits other peole have created. I hate to say it, but if someone wants into your system and they know what they are doing, they will get in. The best you can hope for is to keep the script kiddies out. BTW, I was the network Security Manager for the Minnesota National Guard for a while. So I do kinda know what I am talking about.
Aviator |
|
Get you one of those linksys routers, with that your machine is not using a public address (imposible to hack) also it should work with Macincrap. View Quote Nothing is impossible. Trust me. Aviator |
|
As a small example of how easy it is to hack a site or system. Let me use the following scenerio...
Lets say I am an anti gun person (I am not). I find a site that infuriates me. It's called www.ar15.com. I want to take this site down. Well, I have the name of the site. What I need now is an IP address, and what would really be useful is to know the Operating System and the Web server software it is running on. So first Ill go to network solutions or somewhere and do a whois... it returns the following info.. Organization: Edward Avila Edward Avila XXX XXXXXXXX XXX XXXXXXX, NY 14526 US Phone: 716-230-XXXX Email: XXXXXXXXXXXXXXXX Registrar Name....: Register.com Registrar Whois...: whois.register.com Registrar Homepage: http://www.register.com Domain Name: AR15.COM Created on..............: Fri, Mar 28, 1997 Expires on..............: Fri, Mar 29, 2002 Record last updated on..: Tue, Feb 20, 2001 Administrative Contact: Edward Avila Edward Avila XXXXXXXXXXXXXXXXXX XXXXXXX, NY 14526 US Phone: 716-230-XXXX Email: XXXXXXXXXXXXXXXXX Technical Contact, Zone Contact: Register.Com Domain Registrar 575 8th Avenue - 11th Floor XXXXXXXXXXXXXXXX US Phone: 212-798-XXXX Fax..: 212-629-XXXX Email: [email protected] Domain servers in listed order: DNS35.REGISTER.COM 216.21.234.88 DNS36.REGISTER.COM 216.21.226.88 OK, now I have the DNS server, and site IPs. To get the OS and wb server stuff, I go to www.netcraft.com and go to what is that site running. from there I get the following... The site www.ar15.com is running Microsoft-IIS/5.0 on Windows 2000 I also notice is has been 3.42 days since the last reboot. Now, with all this info, all I (as a script kiddie) need to do is go find a exploit for that operating system. Fairly easy. I am not going to direct you to that info because this is not a hacking class, just wanted to show you how easy it really is to get into a system. So far I have spent 3 minutes on this. This works for home computers also. Aviator Edited to remove more info from the reports. Do not want to make the sysop mad |
|
Aviator, you're right. The hardware routers will be running software (firmware for the os) to provide programmable filtering. You're also correct that nothing is impossible. Even so, most home users have the benefit of not running servers to attack (unless they have chosen to run web/ftp/napster/etc... or have already been compromised by a trojan). I think alot of home users are still dial-up as well, which means they're not always available to attack. Further, when they do connect, there is a limited amount of time to attack, and they probably won't be assigned the same ip address on the next connection (dynamic ip addressing).
I still recommend that people use firewalls and once they move to constant connections they should become mandatory. This convenience usually comes with a static ip address, making it easier for repeat attemps to access, and being always on takes the limited time out of the picture (unless you shut your computer off at night). Again, if your not running servers, your safety is inherently better. Also, if you only make use of TCP/IP protocols for what you do, by all means unbind the default NetBEUI and IPX protocols from your hardware adapter. http://grc.com/su-firewalls.htm http://grc.com/lt/scoreboard.htm http://grc.com/lt/hardware.htm Check out the scoreboard link for how products compare. There is alot of good info on Steve's site. |
|
Another idea is Coyote Linux. If you have an old 486 or better machine and two network cards you can setup an ip filtering firewall. Download an executible (for Windows at least, not sure about Mac) and run it to create the OS (Coyote Linux) on a floppy disk. When you create the floppy you tell it the kind of NIC's you have for it to includ drivers (only certain ones supported but good selection). Then you boot from floppy (no HDD needed) and can setup rules to filter by IP address. Includes telnet server so you can run without having a mouse, keyboard, or monitor hooked to it. This would be similar to the Linksys firewall router someone mentioned - but this is free if you have the old hardware and more fun to play with if you are so inclined.
|
|
matthew, I remember looking for that awhile back. It sounded like a good learning project, would you have a link? Did it go by another name as well? I keep thinking I've heard of this, but 'Coyote' doesn't ring a bell.
|
|
Sign up for the ARFCOM weekly newsletter and be entered to win a free ARFCOM membership. One new winner* is announced every week!
You will receive an email every Friday morning featuring the latest chatter from the hottest topics, breaking news surrounding legislation, as well as exclusive deals only available to ARFCOM email subscribers.
AR15.COM is the world's largest firearm community and is a gathering place for firearm enthusiasts of all types.
From hunters and military members, to competition shooters and general firearm enthusiasts, we welcome anyone who values and respects the way of the firearm.
Subscribe to our monthly Newsletter to receive firearm news, product discounts from your favorite Industry Partners, and more.
Copyright © 1996-2024 AR15.COM LLC. All Rights Reserved.
Any use of this content without express written consent is prohibited.
AR15.Com reserves the right to overwrite or replace any affiliate, commercial, or monetizable links, posted by users, with our own.