set-and-leave firewall

  1. #1

    Question set-and-leave firewall

    hi guys. i know this has been discussed before. but new software is coming and new threats are arising. what do you suggest for a good firewall? i will be installing it on a win2k box with iis server. it's a dedicated server on a webhost. i want a firewall which i can just install and then leave. something that won't bug me off with questions like "123.123.123.123 is trying to connect to port 80, do you want to accept?" and those obvious questions. can you tell me anything about zone alarm? the firewall would be installed on a remotely administered server so i won't have much control over it. so the best firewall would be a "set-and-leave" firewall.

    so what do you guys suggest?

    thanks in advance.
    When you have eliminated the impossible, whatever remains, however improbable, must be the truth. - Sherlock Holmes

    i am NOT a hacker

  2. #2
    Trumpet-Eared Gentoo Freak
    Join Date
    Jan 2003
    Posts
    992
    Well, my thought is the best is to have a firewall which is depending on your ability and knowledge. i, myself have Sygate and I took myself the time to set it up once and good.
    Well, since I didn't have a single remark, oh well, .. or I'm just not scanned lately...
    Zonealarm is in my opinion a good firewall, but not advanced enough, and the logfiles really suck.

    Or, else get yourself a hardware firewall, install it once and he'll do just fine.

    See the next thread for very good info on firewalls.

    http://www.antionline.com/showthread...light=Firewall

    Greetz,
    Come and check out our wargame-site @ http://www.rootcontest.org
    We chat @ irc.smdc-network.org #lobby

  3. #3
    thanks for the response. is sygate easy to configure? i mean, just configure once and then you can leave it without the need to answer questions from the program like "someone's trying to get in, should i let him?" .. those stuffs.

  4. #4
    Trumpet-Eared Gentoo Freak
    Join Date
    Jan 2003
    Posts
    992
    Jetherson,

    Sygate is very obvious (for me although), you can configure it easily but if you want to have it done your way, take some time to review your system and ip's , ports, progs, which to allow and which to block. It's always possible to have a new question from the firewall from time to time, but I believe this is good. Why don't you try it on your box and play with it.
    Playin' , tryin' and making your own conclusion is always the most effective way ... and you learn from it.

    Greetz,

  5. #5
    Jaded Network Admin nebulus200's Avatar
    Join Date
    Jun 2002
    Posts
    1,356
    Something concerns me about your statement: "which i can just install and then leave"

    That is something that is very very dangerous to do and is responsible for most of the break-ins experienced around the net, and that is unmaintained equipment (be it routers, switches, firewalls, or even computers). It is absolutely essential that you keep your system up to date with the latest patches and revs of software, and failure to do so could lead to very serious complications. Even if you get a little hardware firewall like a Dlink or Linksys NAT'ing firewall/router/dhcp server, those manufacturers still periodically release flash updates to take care of security issues here and there (one serious one comes to mind for the Dlink that was pretty recent). I do not recommend running a software firewall (personal firewall) on a server, but rather recommend a dedicated firewall separate from your server. In this way you could limit access to incoming HTTP only and limit it BEFORE it makes it to your server...And a NIDS box (for example a linux box running snort) would also be advised since you are running IIS...

    And please oh please keep that IIS server up to date...over a year later and I STILL see codered hitting our gateways...*sigh*

    /nebulus
    There is only one constant, one universal, it is the only real truth: causality. Action. Reaction. Cause and effect...There is no escape from it, we are forever slaves to it. Our only hope, our only peace is to understand it, to understand the 'why'. 'Why' is what separates us from them, you from me. 'Why' is the only real social power, without it you are powerless.

    (Merovingian - Matrix Reloaded)
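
An added example, not part of nebulus200's post or any poster's own code: a small check that reads IIS logs in W3C extended format and counts, per source address, the Code Red-style requests mentioned above (a request to an `.ida` resource with a long run of `N` or `X` filler in the query). The log lines, addresses and the 100-character threshold are constructed assumptions for illustration.

```python
import re
from collections import Counter

# Constructed sample in IIS W3C extended format (not taken from the thread).
# 192.0.2.x and 198.51.100.x are documentation-only addresses.
SAMPLE_LOG = "\n".join([
    "#Software: Microsoft Internet Information Services 5.0",
    "#Fields: date time c-ip cs-method cs-uri-stem cs-uri-query sc-status",
    "2003-06-02 03:14:07 192.0.2.10 GET /index.html - 200",
    "2003-06-02 03:14:09 198.51.100.7 GET /default.ida " + "N" * 224 + " 404",
    "2003-06-02 03:15:30 198.51.100.7 GET /default.ida " + "X" * 224 + " 404",
    "2003-06-02 03:16:02 192.0.2.44 GET /search.ida q=firewall 200",
    "2003-06-02 03:17:45 198.51.100.99 GET /default.ida " + "N" * 224 + " 404",
])

# Assumed threshold: 100 or more repeated filler characters in the query.
PADDING = re.compile(r"N{100,}|X{100,}")


def parse_w3c(text):
    """Yield one dict per request, using the #Fields directive for column names."""
    names = []
    for line in text.splitlines():
        if line.startswith("#Fields:"):
            names = line.split()[1:]          # column order can change mid-file
        elif line and not line.startswith("#") and names:
            values = line.split()
            if len(values) == len(names):     # skip truncated or malformed rows
                yield dict(zip(names, values))


def is_codered_probe(req):
    """True for a request to an .ida resource carrying long filler padding."""
    stem = req.get("cs-uri-stem", "").lower()
    query = req.get("cs-uri-query", "")
    return stem.endswith(".ida") and PADDING.search(query) is not None


def morning_report(text):
    """Count Code Red-style requests per client address."""
    return Counter(r["c-ip"] for r in parse_w3c(text) if is_codered_probe(r))


if __name__ == "__main__":
    for ip, count in morning_report(SAMPLE_LOG).most_common():
        print(f"{ip}: {count} Code Red-style request(s)")
```
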

  6. #6
    Senior Member problemchild's Avatar
    Join Date
    Jul 2002
    Posts
    551
    Yeah, I have to agree with Neb. In my book, it doesn't matter so much which product you choose as much as how much time you are willing to spend learning it, configuring it, and maintaining it. A diligent user can turn a decent firewall into a great firewall, and a negligent user can turn a great firewall into a sieve.

    The bottom line is if you want a secure network, you have to put some effort into it. No way around it.
    Do what you want with the girl, but leave me alone!

  7. #7
    Senior Member
    Join Date
    Feb 2003
    Posts
    211
    my server using win 2000 adv with service pack 3 and i install norton firewall in my server, at the first time i set all the security level ( u must set the range of IP in your network if u r running in network ) and at the last i update the firewall.
    till now the firewall never asked me what should i do ... i just see the report in the morning.

    regard
    When I lay me down to sleep, Pray the LORD my soul to keep.
    If I die before i wake, Pray the LORD my soul to take.


  8. #8
    Senior Member
    Join Date
    Jan 2003
    Posts
    3,914
    Hey Hey,

    I haven't seen it mentioned yet.. but Deerfield.com put out a new version of the Visnetic Firewall last month.. It actually takes a bit of time to set-up, and has a few issues with PPPoE (but they can be easily fixed), but it is great. When i bother running a firewall and setting it up, it used to be Signal9's Conseal PC Firewall, because i could set rules. Which is why I like Visnetic so much, you can specify everything and get extremely complex with it, and once you're done with your ruleset other than updating it for any changes, you never have to worry about it..

    http://www.deerfield.com
    IT Blog: .:Computer Defense:.
    PnCHd (Pronounced Pinched): Acronym - Point 'n Click Hacked. As in: "That website was pinched" or "The skiddie pinched my computer because I forgot to patch".

  9. #9
    Senior Member
    Join Date
    Nov 2001
    Posts
    4,786
    i think there's someone around this forum selling a pix-516 if im not mistaken
    Bukhari:V3B48N826 “The Prophet said, ‘Isn’t the witness of a woman equal to half of that of a man?’ The women said, ‘Yes.’ He said, ‘This is because of the deficiency of a woman’s mind.’”
