December 10th, 2003 03:48 PM
What is the best firewall you people can suggest? Where can you download/buy it? How much? How long will it take (I run on dial-up so give me a crappy download time (lol))?
December 10th, 2003 03:51 PM
Before this degenerates into a flame war, please use the search function in the upper right corner and read all the threads on this site (there are a bunch).. If you get any responses other than "this one sucks', or "that one sucks" I would be pleasantly surprised.
EDIT:It's always nice to be surprised
December 10th, 2003 03:52 PM
This site has a list of different firewalls
December 10th, 2003 07:19 PM
phishphreek80 has a thread: HERE
that explains firewalls and gives a comparison of the different ones available. Check it out.
\"Life should NOT be a journey to the grave with the intention of arriving safely in an attractive and well preserved body, but rather to skid in sideways, Champagne in one hand - strawberries in the other, body thoroughly used up, totally worn out and screaming WOO HOO - What a Ride!\"
December 10th, 2003 08:33 PM
I use Sygate dont think it's mentioned in the Security Focus article.
Lots of freeware firewalls including Sygate.
Now that I can easily get to my tutorials Im gonna be a super helpful dude.
Not really a tutorial but some nice info.
Packet Filter Firewalls
Packet filters determine whether packets can enter or exit a network. The firewall examines the TCP/IP header and accepts or rejects it. Packet filters are based on a set of predefined rules.
-does not impede traffic (network performance does not suffer)
-simple to implement
-provide logging facilities
-transparent to end users
-cannot prevent ip spoofing
-are passable by crackers/hackers
-poor config/rules can allow access
application gateways are also known as a proxy. these proxies restrict network traffic to a specified application. ie http or ftp.
-data is transferred to specific applications
-provides no direct connection to the internet from within a network (ie business or school)
-a proxy must be built for each app
-can impose a small overhead on a network
-if the proxy fails then access is lost
Circuit Level Gateways
they use a proxy, but can only filter on the basis of header information in the IP packets. TCP connections are relayed to determine whether they are authorized. Packets are not filtered or processed.
Stateful Inspection Firewalls (Dynamic packet filters)
Packet filtering rules are used. All the data in the packets from the network layer up to the application layer is examined. These firewalls verify if the connection is legitimate. They also remember port numbers used by applications; once an application is closed the firewall closed the open port.
combination of Stateful Inspection and Application Gateway firewalls.
December 10th, 2003 08:48 PM
I use Kaspersky AntiHacker right now. I've got KAH, Outpost Pro, LooknStop, Sygate Pro, and ZoneAlarm Pro, and Kerio 4 .exe's saved in a file folder. When I get bored with one, I remove it and switch to one of the others. Some have more bells and whistles than the others, but they've all done the job. If I had to pick a favorite, I'd choose one from the list above. I like them all. Next week or next month, or tomorrow, I might remove Kaspersky and switch to one of the others for a while. Eventually, I go through them all and start over. I like messing with various firewalls.
December 10th, 2003 09:29 PM
The "best" firewalls are the ones you can't download
cisco, sonicwall, netscreen, etc.
December 11th, 2003 12:13 AM
I happen to like Sygate, but of course as SexyBadGirl said, Cisco makes a nice one if you can afford it. ZoneAlarm is fine as well, but I have heard it contains spyware or something.
Real security doesn't come with an installer.
December 11th, 2003 12:35 AM
Well for the home user, say just needs protection on a normal basis, Sygate would be my personal advice.
December 11th, 2003 01:05 AM
Linksys makes a very inexpensive personal firewall / router combo. 146.00 USD. Includes statefull packet filtering, content filters, NAT, DHCP, DDNS, and lots of other bells n whistles.