Hello all.. I hope someone can help. The other day i read a post about a good firewall and now i cannot find the post or remember the name of the file I know it is not


Tiny Personal Firewall
Norton Personal Firewall
Zone Alarm
Black Ice


I think it may have started with an "S". It sucks I cant even remember what the post was about but the person who posted it speaked very highly of it so I wanna check it out because i dont like Norton Firewall and Zone Alarm keeps on causing page cannot be displayed.

Thanks to all that reply

Sygate Personal Firewall?
Download here (http://www.knowyournet.com/downloads/spf.exe)
Homepage here (http://www.sygate.com/)

Sygate causes a lot of problems, I've heard. I'll post back with another recommendation.

Hello Euclid
Hello all.. I hope someone can help. The other day i read a post about a good firewall and now i cannot find the post or remember the name of the file I know it is not


1. Sygate Personal Firewall
2.sonicWALL

yea that was it..Thanks..will still look for recomendation though

The most secure firewall is Atguard so if you are paranoic use them...

Windows environment only but I really like Outpost by Agnitum (http://www.agnitum.com/) , Russian company, they developed Jammer and Tauscan. Outpost is developed with open architecture and supports plug ins.

I've been playing with it and would be interested in hearing other opinions on it.

TC

Yup, atguard is good, although it's a little more complicated and prompts you a lot more, so if there are other people using the comp, it could be a problem.

how effective/ineffective is it to combine various fire walls ?
like using them simultanously ?

thanks for your answers

Valentino

The more firewalls the better Valentino

Originally posted here (http://www.AntiOnline.com/showthread.php?threadid=218568#post459055) by I am a cracker
The more firewalls the better Valentino

Wrong again. *buzzer sound*

If you want protection the last thing you do is two rubbers. It's not buying you anything but instability.

Wrong again. *buzzer sound*


KorpDeath there are several kinds of hardware-based firewalls. When the information packets arrive at your network, most networks receive them using a packet filtering router(or screening router) This is one kind of firewall.

You can setup a software only firewall too. It needs not be machinery!

Another type of hardware firewall is a proxy server which can check the contents of each data packet as it arrives. How ever it slows up the system. Though when used as a cache a proxy server can improve speed of Internet access.


I use "multi firewalls"! Ever heard of "the more the merrier"

"So the people turned to their god and asked -oh lord, will you take away pain and misery? And he replied No, but I'll give you prozac I am a Cracker

Hardware and software solutions are indeed better but I believe we were speaking on multiple software firewalls. Hence my opposition.

Again it would behoove you to be more specific.

Cracker...you are just plain DUMB...

Say for example you have a web server. So you allow port 80 for http access through your internet firewall, well...now you must also allow port 80 through any other firewall you have in front of or on that firewall. The bottom line is that port 80 would still remain open. So what in this scenario would an extra firewall do for you.

Lets take the reverse scenario. Lets say you wanted to block ftp to that web server. You configure your Internet FW to block ftp traffic. Now do you really need another firewall to block traffic that is never going to get to it in the first place...Don't think so. Not to mention you are going to consume resources by using multiple firewalls.

The best solution would be to use some type of IDS. You might also be able to use a reverse proxy. And no...it does not have to be the hardware kind. Proxy software will run on just about any type of server.

KorpDeath is 100% correct in saying that multiple firewalls buys you nothing except an administrative nightmare and instability.

And for all those who actually know something might argue that there is a use for multiple firewalls. And yes you are correct if you want to separate functionality into layers (Web servers separate from application servers separate from DB servers) using a DMZ. But I am sure Cracker has no idea what that even means, so we don't have to worry.

KorpDeath and iNViCTuS - well put.

I add that unless you know why you would use multiple depth firewalls, don't.

Also - not necessarily do you need to pass p80 traffic through both firewalls. You could put in middleware and port shift traffic but this requires advanced skills. (We use it-it's good, though a bastard to configure.)

I don't get me started on multiple dmzs either, though it remains another alternative.


:D

You are right you can do port forwarding with a box between 2 firewalls.

What I was actually trying to say though (I know it was a bit unclear) is that no matter how many firewalls you have, the HTTP traffic still needs to get to your web server, therefore your risk is mainly on the integrity of your web server (IIS, Apache, etc.), Much like the unicode vulnerability. There was not much a firewall could do to protect from unicode because it was all done over the HTTP port (usually 80). Instead....it relied on a vendor patch. So as you could see, in this scenario, it really did not matter how many firewall you have. 1 or 100 would have had the same result.

Well said.

What this boils down to is no matter how many "doors" (fwalls) if you must allow something through them (eb http traffic) the "door" is open.

Therefore it does not make one more secure to add more doors. (helps with job security though :D )

I've tried all firewall mentioned here but i'm missing winroute pro... I think this is the best (software) firewall
It's got it all,. pcketfilter, portmaper, (advanced) nat ...
very secure and runs perfectly on my internet proxy machine ..