I tried a lot of diferent firewalls.
I am asking for your's opinion which firewall is good and which is bad for win2k?

regards
Nebivedu

I perfer the NeoWatch software Firewall. There are no vulns. for it that I know of. when you find a good firewall, go here (http://scan.sygatetech.com)

hands down...TINY PERSONAL FIREWALL for software anyways.
the rules management is the closest you will come to a HW firewall.

a software-on-box firewall is no god.

Go to the local dump and find you´re self a 386´er or something like that. Go out and by two netcard adapters, and kick a linux dist into it, read the IPCHAINS-Howto and then you are rolling the dance floor with a firewall that rocks.

I know somebody belives that hardware firewalls are much more secure, and there is different views of that, however my view of the case is that a "real" box has much more processor power and can do much more in less time, but enough of that. This is´nt supposed to start a flamewar about hardware vs. software firewalls!

a linux box is considered a hardware firewall, and odds are, even after reading the howto, it won't be easy to configure it properly.

I do think that it is a great idea though.

If you are going to learn to configure a firewall with linux, you'd be better using iptables rather than ipchains.

I guess that depends a bit.... But ZoneAlarm or TPF is great! And free! :p

Originally posted by petemcevoy
If you are going to learn to configure a firewall with linux, you'd be better using iptables rather than ipchains.

Thats for sure, but i just dont know if there exists a uptables-howto.

I haven´t got a internet connection at home so i only have the howtos that goes along with slack 8.0

If you want a really robust firewall, with a really neat IP Filtering system, why not have a try at openBSD ? That's what I used at home, and ... well, it fits the need I have.

Jean-Francois.

I am realy sorry. I didn't told you that i need a good firewall for M$ win2k, because i work with autocad and autocad do not work under linux.

Nebivedu

Originally posted by nebivedu
I am realy sorry. I didn't told you that i need a good firewall for M$ win2k, because i work with autocad and autocad do not work under linux.

Nebivedu

What I mean is that it should be safer to have one computer for firewalling and another one with your apps ...

Jean-Francois

nebivedu: You havent been listening have you?

[i]Go to the local dump and find you´re self a 386´er or something like that. Go out and by two netcard adapters, and kick a linux dist into it, read the IPCHAINS-Howto and then you are rolling the dance floor with a firewall that rocks.
[/B]

I've heard that the TPF is good. The one I use is ZoneAlarm. I have it operating systems ranging from win 95 all the way up to Win2k Prof. It has worked really good so far.

How would you set up a linux firewall?

cybermike_dk,

There are actually several howtos for iptables.
do a search in google for:
advanced routing howto
iptables howto
packet filtering howto

of course this requires a net connection, so you may be SOL on that, since you stated you have none.

However if you have iptables on your machine, then you should have the man page for it too.
That will show you the command options and arguments. However it is fairly limited on explaining the concepts behind the options, so you learn the syntax from the man pages, but possibly not the concept, or practical application if it.

of course that is dependant on how good you are at trial and error, and improvising. :]

netbivedu,

The only firewalls I have ever seen in use in win systems are Zone alarm and black ice, as far as I can tell they work pretty good.

but the others are right. Having a separate firewall box is generally better than simple software firewalls.

i´ll look into it.

The reason why i picked ipchains is that when i installed my slack on the firewall box, i could choce between iptabels and ipchains,(which ofcourse was different kernels i installed) but i picked ipchains bicause i knew how to configure it :) lasy as i am :D

You should have chosen iptables, you can still use your ipchains script with iptables using loadable compatability modules