Fire Wall

Discussion in 'Computer Support' started by Fergal, Jun 27, 2009.

  1. Fergal

    Fergal Guest

    Could anybody recommend a good, preferably free, fire wall, other than Zone
    Alarm please?
    Many Thanks for any replies.
     
    Fergal, Jun 27, 2009
    #1
    1. Advertisements

  2. Fergal

    Evan Platt Guest

    Kerio Personal Firewall
    http://www.sunbeltsoftware.com
     
    Evan Platt, Jun 27, 2009
    #2
    1. Advertisements

  3. Fergal

    zvnteq7 Guest

    get a router
     
    zvnteq7, Jun 27, 2009
    #3
  4. Fergal

    Fergal Guest

    I have a router, does that make a difference?
     
    Fergal, Jun 27, 2009
    #4
  5. Fergal

    Aardvark Guest

    Sygate Personal Firewall
     
    Aardvark, Jun 27, 2009
    #5
  6. Fergal

    zvn[]teq[7] Guest

    That's a hardware firewall basically. that + the XP Sp2 firewall should
    be enough, unless you are a crazy websurfer that goes to lost of porn
    sites, then you should get a software FW like Kerio or ZA, etc.... with
    outbound protection
     
    zvn[]teq[7], Jun 28, 2009
    #6
  7. Fergal

    VanguardLH Guest

    Fergal wrote:
    Depends on the router. However, like the Windows Firewall, the
    router's firewall only handles unsolicited inbound connect attempts.
    What features are available depend on the router brand and model. If
    you don't have the manual for your router, go get a copy from the
    vendor's web site. Then start reading.
     
    VanguardLH, Jun 28, 2009
    #7
  8. Singapore Computer Service, Jun 28, 2009
    #8

  9. isn't the main issue that we should tell all who venture here to keep
    their windows machines fully patched and give up Internet Explorer and
    Outlook express and use well developed open source products instead?
     
    Caulfield Man, Jun 28, 2009
    #9
  10. Depends. Most routers do NAT (network address translation) from the
    routeable public IP addresses to private internal ranges. Which means, PCs
    and other devices will not be visible or reachable from the outside - which
    only sees the router.
    However, there are backdoors like UPnP (universal plug&pray) and routers
    listening to that may open ports for forwarding directly to a host inside.
    That can be useful for accessing webservers inside, or sharing (p2p), but it
    may open security holes as well - some malicious software/script received by
    email or even web access, may exploit that. General recommendation is to
    make sure your router has
    - a strong password, do not leave the default
    - remote maintainence access restriced to the internal LAN, never from
    wireless or wan side
    - applied the most recent stable firmware update if applicable
    - UPnP set to off
    - "stateful packet filtering" or similar settings left to "enabled"
    - forwarded only vital service ports, to well secured pc's or devices inside

    A "personal firewall" on a PC is compareable to a little nice-looking brick
    wall built on a wooden desktop: basically useless.
    Reason is, it brings no additional protection against incoming threats, just
    notifies the user on outgoing requests of "unknown" programs and maybe
    portscans.
    Portscans are sometimes interesting to know of, but they do not introduce
    danger by themselves.
    Outgoing requests ... well, if a malicious program does that, it already has
    installed and your system is already compromised. You are one (too many)
    step(s) behind then.
    What you really should do is tighten your settings:
    do not run daily tasks, in particular surfing and mailing - internet access
    - as a user of the administrators group. Create a "restricted" account for
    daily work/surfing, and use "run as" or the admin account only for installs
    and updates, connecting only to trusted sites, never open email attachments
    as admin.
    One of the most serious impeachments against Microsoft is, they still make
    regular users members of the administrators group by default, even on the
    latest windows versions. UAC is only a lame crutch to control the aftermath
    of that big failure. They should have done like unix, from the beginning.

    The built-in and hopefully activated windows firewall will suffice - or a
    router.
     
    wisdomkiller & pain, Jun 28, 2009
    #10
  11. Fergal

    chuckcar Guest

    Outpost firewall. Blocks applications use of the net, IP addresses,
    specifies which sites can use scripts. On and on. Further to this
    a router is neither a replacement for or any kind of parallel to
    a software firewall.
     
    chuckcar, Jun 28, 2009
    #11
  12. Fergal

    M.L. Guest

    Strongly disagree.
    A good software firewall can block specified inbound and outbound
    requests.
    Many non-malicious programs make outgoing requests that are unneeded
    or undesirable for the user.
    Vista does that natively.
    Not true with Vista.
    Using both would be better.
     
    M.L., Jun 28, 2009
    #12
  13. Fergal

    joevan Guest

    Someone else here suggested Comodo firewall. I set it up on my laptop
    with vista and it seems to be working just fine. I have bitdefender
    av so I just use the firewall part of the downloaded file of 74 meg.
     
    joevan, Jun 28, 2009
    #13
  14. Fergal

    squirltop Guest

    I've used outpost free http://free.agnitum.com/ for years, because it
    is simple. It doesn't make everything sound like
    your computer is under attack.

    They came out with the 2009 free version and that is by far the
    quietest least resource using firewall I've used
     
    squirltop, Jun 29, 2009
    #14
  15. M. L. wrote:

    :)
    Well, yes. But you can block incoming unsolicited requests with the NAT
    router or standard windows firewall as well.
    For outbound requests ... well, don't let them happen in the first place :)
    You can configure flash or wmp, or set up a proxy unbeknownst to such
    programs. And use wireshark to verify, if you are really paranoid.
    A personal firewall will only catch parts of these outgoing requests -
    mostly from "legitimate" programs. While malware tries to hide using IE
    hooks or other means, or find ways to bypass the "firewall" completely.
    Therefore, a personal firewall only makes you think you are safe, by
    occasional warnings about usually harmless events. You tend to think "if the
    firewall caught even that, it surely will find keyloggers and trojans, and I
    can safely surf to any site on the web".
    A bad mistake.
    If I have to setup a windows box, I use a registry monitor such as s&d
    teatimer, which does warn as well, but a bit earlierr - at the time the
    malware tries to setup itself in the registry or autostart.
    Ok, it UAC's them. Surely, better than nothing. But heard about the script
    to trick out Windows7 UAC?
    Well, at least in this case it doesn't harm.
     
    wisdomkiller & pain, Jun 29, 2009
    #15
  16. Online Armor by tallemu.com . The standard free version works just as
    fine. Things I like about it:

    1. lighter than ZA.
    2. ability to run apps trying to access the net in safe mode. denying
    them access to system critical resources.
    3. Its got both Program Guard as well as Firewall, so it prompts you for
    new/unknown programs that either tries to get on the net or try to set
    themselves to autostart with windows.
    4. If you've used ZA and are familiar with usual firewall prompts you
    should be upto speed with OA.

    Diabolic Preacher
    As Is
    http://abusiveviews.wordpress.com
     
    Diabolic Preacher, Jul 1, 2009
    #16
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.