General Q's, mostly fire walls....
Page 1 of 2 12 LastLast
Results 1 to 10 of 18

Thread: General Q's, mostly fire walls....

  1. #1
    Junior Member
    Join Date
    Oct 2001
    Posts
    9

    General Q's, mostly fire walls....

    Was wondering about zone and tiny. How safe are you with them. I figure they keep things as far as trojans from getting out, also the script kiddies from getting in. As far as actual good hackers though. How safe am I? Are they super easy to bypass for basically anyone that knows what he/she is doing.

    Also, are there ways to hide connections from netstat in dos. Basically, if I think someone is in my system, but has bypassed zone alarm. When I do a netstat, will that show that they are connected, or can they hide that as well??

    Thanks in advance.
    LuRk?!?!
    Share on Google+

  2. #2
    Senior Member
    Join Date
    Sep 2001
    Posts
    800
    I have had great luk with Zonealarm. Have had one breach. Blocks anything that goes to or comes from your computer unless you give it permission. Haven't had a chance to try TPF yet but I have heard that it is good.
    ZA makes your computer ports invisible so it will be almost impossible to find any access points.
    if you want to test out the firewall you choose go to
    HackerWhacker,
    GRC and try there firewall tests.
    Hope thats hat you were looking for.
    [gloworange]\"A hacker is someone who has a passion for technology, someone who is possessed by a desire to figure out how things work.\" [/gloworange]
    Share on Google+

  3. #3
    Senior Member
    Join Date
    Oct 2001
    Posts
    193
    I feel as though Zone is a pretty good firewall, if its a question of integrity. I often try to advise people to roll their own level of security though. I know there are a few sites out there that will test your over-all protection level like this site www.grc.com. As for good hackers..in all honesty it comes down to the simple "if there is a will, there is a way" idea. Peace.
    [shadow]Prepare ship for ludicrous speed![/shadow]
    Share on Google+

  4. #4
    Junior Member
    Join Date
    Oct 2001
    Posts
    9
    Thanks for the info, I was aware of the testing sites, and currently use zone alarm. I have tried Tiny but didnt really care for it. I was mostly wondering about how easy they are to bypass, I have seen multiple references on these boards about how they will not protect you if a real hacker wants in. Thats what I was wondering is if I should worrie and its super easy to bypass. Not too worried, I try not to piss too many people off online hehe. Also was wondering about the dos netstat command and if you could hide from it.

    Again, thanks for the info
    LuRk?!?!
    Share on Google+

  5. #5
    Junior Member
    Join Date
    Oct 2001
    Posts
    27

    netstat

    If they replace your version of netstat with their own modified version they can keep you from seeing any connections that they don't want you to see.

    try running a "netstat -an" , that'll list all protocols along with the ports they're listening on.

    l8r,
    Pr3shuR
    ----------
    always
    Share on Google+

  6. #6
    Senior Member
    Join Date
    Oct 2001
    Posts
    689

    Cool

    I use tiny, and as with zone alarm, nothing goes in or out without your permission. It did well at hackerwhacker but I want to test it against the trojan they have at grc.com.
    Wine maketh merry: but money answereth all things.
    --Ecclesiastes 10:19
    Share on Google+

  7. #7
    Banned
    Join Date
    Jul 2001
    Posts
    264
    If you are an old-timer I am sure you well know my opinion on software firewalls and IDS.

    Basically....They are worthless, nothing more than a false sense of security.

    A firewall to be truly effective needs to be a seperate entity. no exceptions. Similar to a moat around a castle. A firewall is meant to allow ONLY the good traffic to pass to the server.

    If you are using a software firewall then the attacks/attackers are already at the door. Not to mention the fact that the IDS/firewall could be used to punish the machine it was meant to protect. If you do not have the resources to buy a good hardware firewall appliance, then look in the paper, and find someone selling any older PC for around $75-100. Add another NIC to it and install BSD or Linux. Each distro has the ability to be *just* a firewall. At install time it is one of the options.

    -Q
    Share on Google+

  8. #8

    Post

    Originally posted by NoNeckJoe
    If you are an old-timer I am sure you well know my opinion on software firewalls and IDS.

    Basically....They are worthless, nothing more than a false sense of security.

    If you are using a software firewall then the attacks/attackers are already at the door.

    -Q

    Better to just keep them at the front door rather than let 'em in!
    Not everyone can afford to buy a new box just to run as a firewall, especially when the majority of software firewalls are free!


    I think that if you've configured your firewall correctly (and lets face it....it's not very difficult) then you're a hell of a lot safer than a box without a firewall.


    As for prefrences I think Tinys' Firewall is the best currently available, just my opinion.
    Share on Google+

  9. #9
    Junior Member
    Join Date
    Oct 2001
    Posts
    9
    whoooo, good info, thanks! Ok, more Q's....


    Pr3shuR: Thanks will give that a shot


    ThePreacher: The trojan thing was weak, all it is, is a program that trys to contact grc. Its meant to be simple though. If your firewall doesnt catch that though, then u got probs hehe. It does its job though. Just dont expect alot of bells and whistle's.

    NoNeckJoe: Hrm, yeah would be nice, but gotta get the funds for that. Was wondering, I have a 10/100 3com hub. Do you know of anyway that I can set that up to have the cable modem plugged into the hub, and have 2 computers also plugged into hub and able to access the internet. I do not have a router or anything, so its pretty much hub only. On firewalls and such right now making sure im patched up and running ZA is about all I can do.

    Also what do you think about the routers they have out now, like linksys that come with DHCP nat and firewalls? Gud/suck/noway?


    Conf1rm3d_K1ll: Troo, better have something then nothing. I used tiny for a bit, but its too quiet, zone warns me whenever something trys to get to the net, also gives me hit counts and such. Who is trying to get in where. Again, I used tiny for a bit, but do not know it that well. I also like zones options of letting stuff access the net only when I want it too. Say like winamp, it allways ask to get to the net, if im running shoutcast then I allow it, if not then I dont allow it. With tiny it seems like I couldnt just click allow for this time. I had to click allow like 5 times, and then again some later. Or if I set to allow then it would allways allow it. Call me fickle hehe.

    Thanks again for the info guys
    LuRk?!?!
    Share on Google+

  10. #10
    Originally posted by S1lv3r
    whoooo, good info, thanks! Ok, more Q's....



    Conf1rm3d_K1ll: Troo, better have something then nothing. I used tiny for a bit, but its too quiet, zone warns me whenever something trys to get to the net, also gives me hit counts and such. Who is trying to get in where. then I dont allow it. With tiny it seems like I couldnt just click allow for this time. I had to click allow like 5 times, and then again some later. Or if I set to allow then it would allways allow it. Call me fickle hehe.

    Thanks again for the info guys


    LOL...Of course you had to click around 5 times! You should have checked the little box that says "Create appropriate filter rule?"
    Share on Google+

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides