Jump to content
Compatible Support Forums
Sign in to follow this  
bobbinbrisco

Best free firewall software

Recommended Posts

does anybody know of a good free firewall software that can run on Win2k?

 

or is a firewall unneccessary?

Share this post


Link to post

Well, if you use an always-on connection (DSL, cable) it's something you really should get. If you have dial-up, it's not something that's really necessary.

Zone Alarm is my recommendation.

Share this post


Link to post

It is not necessary on my opinion.

If you are W2k, disable the guest account and remove file and printer sharing binding on your connection TCP IP.

 

If you are really paranoid you can actually define which ports to be open or blocked on you leisure.

Firewall SW especially "AMATOUR" ones like zone alarm etc. does not relly protect you it gives you a toy to play with.

Symantec corporate and the Lucent ones are good.

I have heard good about the Cisco Although I have not tryed/tested it myself smile

Share this post


Link to post
Quote:

It is not necessary on my opinion.
If you are W2k, disable the guest account and remove file and printer sharing binding on your connection TCP IP.

If you are really paranoid you can actually define which ports to be open or blocked on you leisure.
Firewall SW especially "AMATOUR" ones like zone alarm etc. does not relly protect you it gives you a toy to play with.
Symantec corporate and the Lucent ones are good.
I have heard good about the Cisco Although I have not tryed/tested it myself smile


I use Zonealarm myself and I really like it, but your not the first person I've heard that isn't impressed with Zonealarm. But, it does block all your ports when you're in high security mode and restricts program's access to the internet so I don't understand why alot of network people don't think it's very good. Maybe I don't need it since I use W2K and have my guest account disabled?

Share this post


Link to post

ZoneAlarm and Black Ice Defender are decent little firewalls. I believe they allow for both inbound and outbound reporting (who's knocking at your door) and port control. I guess they could be considered "amateur" level packages, but they do work well for small networks. They are much better than the "built-in firewalls" that some consumer level routers claim to have. Those are, in fact, NAT (Network Address Translation) devices and just by virtue of design have the side effect of obscuring your systems behind one IP. I have heard that Norton has a decent software package, but I do know that Checkpoint puts out top-shelf packages for commercial level protection, and Cisco has nice units (like the PIX 520 that I work with) that are hardware devices with proprietary software running them.

Share this post


Link to post

Well said clutch!

i would really recommend the Symantec and Lucent packages. Symantec even let's you try it (trial).

I have never come across checkpoint but heard nothing but good about it. I have no need for a new one but I will keep it in mind in the future.

 

ZoneAlarm BlackIce etc. does not impress me much since they are usually quite easy to fool or crash. And anyway the real security threat nowadays is the Microsoft itself.

Just look at the IIS.

Some seurity expert said it has more holes than swiss cheese.

 

For home computing there is not much threat since the number of people who can really get in are very limited despite what every 15-17 yrs old who can install windows or connect 2 compute4rs claim smile

 

So It is not the quality of protection rather unnecessity in my opinion.

Share this post


Link to post

If you have an old box lying around, give SmoothWall a go. Runs on 'I think' a 486 or above and is dead easy to use and install. It is a distro on Linux, but don't let that throw you off, it's actually quite good. Totally controlled through a browser on any of the clients machines in the network. I've only been using it for a few weeks, but haven't had any probs as yet. But like I said, you need another box to run it off, so might not be very convenient for you.

 

SmoothWall

Share this post


Link to post

Guys. You don't have to know *anything* to get into anyone's box. Heck there are guides and programs now that tell you what to do to get into someone's box. One program off the top of my head can list all of your local admin accounts and categorizes the different things that are open and it's FREEWARE!

 

If someone's angry at you. In 1 HOUR using www.google.com they can have everything they need to screw you over. It's that simple.

Share this post


Link to post

Totally right dos freak but you should also know this stuff does not actually hack smile

They exploit security hole's on MS software or Linux or whatever. And even they can list the adminsitrative users etc. there is not much they can do.

If you are really paranoid you can also disable the remote acces on Local security Policy snap in. So no matter what password nobody can do anything.

 

So as a result if you have to have remote access and such Firewall helps (web servers etc) but Microsoft messes it up anyway.

For home computing It is not needed in my opinion just slows down the machine and wastes memory and also costs money. smile

But I am gonna have a look at that smoothwall.

 

BTW what do you use Dosfreak?

Share this post


Link to post

ZoneAlarm is actually one of the most secure firewalls (for it's price point).

 

It generates a unique code everytime an application trys to access the net. If the code doesn't match up, the app is denied.

 

If you have a little torjan program, the easiest way to fool the firewall into letting it out it to have the torjan file called something like 'ftp.com' If the firewall has already allowed access to that app, a number of firewalls will let this pretender out to do its thing.

 

ZoneAlarm won't. It knows that this program is only pretending to be the ftp.com app and will block it.

 

For a quick test of how vulnerable (or otherwise) your PC is, visit http://grc.com and run the Shields Up and Port Probe tests.

Share this post


Link to post

I run both Zonealarm and BlackIce laugh

 

Zonealarm catches any outbound stuff and blocks most of the incoming, but Black Ice has caught a few that got past ZA though.

Share this post


Link to post

Yes bursar but this is only with the recent patches. I do remember trying Zone alarm and being able to fool it with msie.exe file name and using simple http instead of more secured UDP.

Just to show an arrogant customer of mine how much he was protected.

Now u can not do anything from http, except maybe downloading an active X you prepared earlier smile

 

At the end of the day they look cool and give you something to talk about with your mates over a burger (if you are really sad smile )And they definetly have cool interface designs.

 

Use it, do not use it. it is up to you...

Share this post


Link to post

That a good idea but I dont know if having 2 firewalls will work.

 

BlackIce is known to have a lot of security holes. And from what I can think of logically, if BlackIce has access to your system, and has security holes that a hacker knows about. Whats to say the hacker cant hack BlackICE and get into yer system while Zone Alarm didnt even see it cause it though BlackICE was taking care of it.

 

Is this possible? Just a theory of mine. If this works way better, then I'll install BlackICE too cause I bought that POS a while back and liked it but got hacked a few times so I said screw it.

Share this post


Link to post

With both progies running, ZoneAlarm shields BlackIce from most of the attacks/probes. BlackIce has picked up a few though.

Share this post


Link to post

yeah... But I think there might be a way around all that and still hack your system with out either of them knowing...

Share this post


Link to post

I personally use Zonealarm, mainly coz it catches outbound traffic, There is a way you can test your firewall whatever it is.

Go to www.grc.com there you can test your firewall for intrusion security via the web using his 'shields up' test . This Gibson guy wrote optout , to test for spyware and has since written lots of other security related testing programs, many of which are freeware. He seems to be the man regarding internet security

You can download a copy of one of his programs called leaktest, which tests outbound protection of your firewall

rgeards

Kieran

Share this post


Link to post

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
Sign in to follow this  

×