Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Firewall
#1
What is the best firewall out there for a home system?
Reply
#2
I use Norton Personal Firewall..and to me it works great, buts its also the only thing I've ever had...
Reply
#3
I've tried at least 3 different software firewall and each one has screwed up my system so bad that I couldn't send stuff out to people, couldn't play games, couldn't even talk to people on ICQ/msn/Trillian

They screwed up my system so bad that I had to reformat my system to get things working right again.
Reply
#4
I use a router over my cable box and at home use this and a firewall my son has set up but I'm not sure of his system, I do know that it overflows alot.
Reply
#5
I have always used FreeBSD or Linux based home firewall/routers. All you need is some shitbox
PC and 2 network cards and you're ready. HARDWARE firewalls are definately the way to go. Don't
go for this software based crap like Zone Alarm or the all controlling Norton Firewall. I use Mandrake Multi Network Firewall (MNF) which is based on Mandrake Linux. It runs on an IBM Pentium 3 box i have and the download is FREE from www.mandrake.org. You burn the ISO images to CD's and install. It takes me about 8 minutes to install the linux and about 30 to configure the RULE sets for the firewall. Once you install the Linux, you can connect to the inside network card via an inside PC and connect to https://192.168.1.1:8443. The firewall utilized ssl certs to connect to the configuration page. It lets you see real time intrusion graphs with in/out data and PRELUDE/SNORT intrusion detection systems.

If you are gonna protect your work network, use Cisco devices. But at home...try a linux based firewall. Hell...if I HAD too...id even go buy one of those LinkSys routers (which can be configured for filtering).
Reply
#6
I've used quite a few different firewalls, and whilst some people would say don't use software based ones... it's a bit inpractical for the average home user to setup and configure a linux-based firewall.

As far as a firewall screwing up your machine, I've only known one to do that... The rest just require a reasonable knowledge of configuration...

If you do go for a desktop firewall, make sure to get one that has Application-level security as well as rule-based. Thsi will enable specific applications to be allowed, along with anything that connects to say port 25 (SMtP).

Again, rules-based items are usually more advanced and would be something that a geek would tell you to insert somewhere.

I am actually using a mixture of Zone Alarm PRO and Kerio Personal Firewall. Zone Alarm, I use on the XP machine that's actually connect to the net, because I know the rules won't change that often. Kerio, I use on the laptop, because it's smaller, lighter, and easier to use with the rules changing so much.

At work, it's Firewall-1 on a Linux machine. Rarely has an issue, and has some pretty neat reporting that it can perform to check on things.
Reply
#7
Something like Zone Alarm can detect strange activity on the local system
(inbound or outbound) which is very useful. The disadvantage is that if
the machine is compromised (via a trojan or virus), the personal firewall
can easily be circumvented. A dedicated firewall requires a little
more effort to circumvented. They can also take the load off the PC in
the case of a DOS attack so the PC and LAN are still useable. Many
dedicated firewall appliances are designed with the assumption that the
local machines are trusted and the outside world is not. For most users
this kind of security is good enough.
Reply
#8
meh..Norton personal firewall hasn't failed me yet.
Reply
#9
I use a linksys router/gateway/switch, works wonders, up to five devices on the network too. Isn't that expensive, and the brand is well known for reliability.
Reply
#10
i use matches.
Reply
#11
All I can say is AMDs tend to overheat and wear out too fast and Pentium is the processor to get these days.....


:P
Reply
#12
they dont OVER heat, they just get hot.....take off your heat sync if you want to see overheat (and possibly fire).
Reply
#13
but amd's clock at 10 percent faster than the same pentium, have enough fans, no problem.
Reply
#14
Correction...you can get around 250 PC's connected to a LinkSys router using a switch with the available 5 ports built in to it.
Reply
#15
FreeFall,Aug 13 2003, 12:26 PM Wrote:meh..Norton personal firewall hasn't failed me yet.
Same here...
Reply
#16
Quote:
Quote:QUOTE (FreeFall @ Aug 13 2003, 12:26 PM)
meh..Norton personal firewall hasn't failed me yet.

Same here...

when has someone tried to hack your pc? how do u know if it's good enough if no one has tried to actually 'ice' it? and does this sort of thing happen a lot?...just curious.
Reply
#17
Here's my firewall logs for just today:

Wed Aug 13 09:21:11 2003 - Wed Aug 13 09:21:11 2003 ARP address mismatch 0:40:10:c:18:db N/A ff:ff:ff:ff:ff:ff N/A

Wed Aug 13 09:30:59 2003 - Wed Aug 13 09:30:59 2003 ARP address mismatch 0:40:10:c:18:db N/A ff:ff:ff:ff:ff:ff N/A

Wed Aug 13 09:34:28 2003 - Wed Aug 13 09:34:28 2003 ARP address mismatch 0:40:10:c:18:db N/A ff:ff:ff:ff:ff:ff N/A

Wed Aug 13 13:21:46 2003 truncated IP 216.37.68.121 N/A 225.1.2.3 N/A

Wed Aug 13 16:24:32 2003 truncated IP 216.37.68.121 N/A 224.0.0.10 N/A

Wed Aug 13 17:25:56 2003 Options not valid 216.37.77.172 N/A 239.255.111.109 N/A

This is just what is monitored with my Prelude Intrusion Detection System.
My SNORT logs are immense. I am just Joe Blow to the world so you can guess who is knocking on YOUR doors too. If you have your filtering rules set just right...no one should be able to 'ice' it and you DONT want to find out. Trust me .asm, someone is scanning your subnet right now examining all the addresses in your block. I get scans for open ftp, telnet and sql ports EVERYDAY.
Reply
#18
.asm,Aug 13 2003, 07:43 PM Wrote:
Quote:
Quote:QUOTE (FreeFall @ Aug 13 2003, 12:26 PM)
meh..Norton personal firewall hasn't failed me yet.

Same here...

when has someone tried to hack your pc? how do u know if it's good enough if no one has tried to actually 'ice' it? and does this sort of thing happen a lot?...just curious.
I get warnings all the time of people trying to break in with trojans etc. but they've always ended up being blocked. So I'm fairly confident with the firewall i use.
Reply
#19
PIX,Aug 14 2003, 03:01 AM Wrote:Here's my firewall logs for just today:

Wed Aug 13 09:21:11 2003 - Wed Aug 13 09:21:11 2003 ARP address mismatch 0:40:10:c:18:db N/A ff:ff:ff:ff:ff:ff N/A

Wed Aug 13 09:30:59 2003 - Wed Aug 13 09:30:59 2003 ARP address mismatch 0:40:10:c:18:db N/A ff:ff:ff:ff:ff:ff N/A

Wed Aug 13 09:34:28 2003 - Wed Aug 13 09:34:28 2003 ARP address mismatch 0:40:10:c:18:db N/A ff:ff:ff:ff:ff:ff N/A

Wed Aug 13 13:21:46 2003 truncated IP 216.37.68.121 N/A 225.1.2.3 N/A

Wed Aug 13 16:24:32 2003 truncated IP 216.37.68.121 N/A 224.0.0.10 N/A

Wed Aug 13 17:25:56 2003 Options not valid 216.37.77.172 N/A 239.255.111.109 N/A

This is just what is monitored with my Prelude Intrusion Detection System.
My SNORT logs are immense. I am just Joe Blow to the world so you can guess who is knocking on YOUR doors too. If you have your filtering rules set just right...no one should be able to 'ice' it and you DONT want to find out. Trust me .asm, someone is scanning your subnet right now examining all the addresses in your block. I get scans for open ftp, telnet and sql ports EVERYDAY.
Yeah, I got lots too, in fact I have actually decided to exclude them from the logs because it's so common... that and smtp to workstations rather than servers...
Reply
#20
FreeFall,Aug 14 2003, 01:00 PM Wrote:
.asm,Aug 13 2003, 07:43 PM Wrote:
Quote:
Quote:QUOTE (FreeFall @ Aug 13 2003, 12:26 PM)
meh..Norton personal firewall hasn't failed me yet.

Same here...

when has someone tried to hack your pc? how do u know if it's good enough if no one has tried to actually 'ice' it? and does this sort of thing happen a lot?...just curious.
I get warnings all the time of people trying to break in with trojans etc. but they've always ended up being blocked. So I'm fairly confident with the firewall i use.
Lol man I'm glad you feel like talkin ff..now all I have to do is same here :P
Reply


Forum Jump:


Users browsing this thread: 4 Guest(s)