Which Firewall And Why !!! - Page 2

View Poll Results: Would you ever onsider using a product like this?

Voters
3. You may not vote on this poll
  • Hell yeah

    3 100.00%
  • Not sure

    0 0%
  • Naaaaah, its stupid

    0 0%
Page 2 of 4 FirstFirst 1234 LastLast
Results 11 to 20 of 38

Thread: Which Firewall And Why !!!

  1. #11
    Junior Member
    Join Date
    Sep 2005
    Posts
    17
    Do you know what you are using?
    whats that supposed to mean?

  2. #12
    Senior Member
    Join Date
    Dec 2003
    Location
    Pacific Northwest
    Posts
    1,675
    I use @#$&^ Firewall it's a gud 'n and it ain't ever let me down.

    Anyway...I'm of the mindset that names do not equate to shinola anymore, type selection should be based on particular need(s). Define your needs and what services you are willing to put on the line, support with layered defense, etc., etc. (Already tutorials on that....)

    cheers
    Connection refused, try again later.

  3. #13
    Senior Member IKnowNot's Avatar
    Join Date
    Jan 2003
    Posts
    792
    Obviously being subtle isn't working here.
    From one of the links I provided:

    iptables is the userspace command line program used to configure the Linux 2.4.x and 2.6.x IPv4 packet filtering ruleset.
    Did you rewrite Netfilter and iptables for use on BSD? Iptables is for Linux, ipfw ( IPFIREWALL ) is one of the available firewalls on FreeBSD.

    ------------------------

    I am more in keeping with Relyt's comments in my actual practice.

    I use firewalls on all my machines, ( including LAN ) even though I try to lock them down. My feeling is that if something does get onto one of them the firewalls may help prevent the spreading to others.

    I use Netfilter ( iptables ) on all the linux machines. The perimeter firewall is a stripped down, locked down linux box. I configure them directly, writing rules by hand and don't use GUIs or helpers to configure them. ( why, because I understand it, can configure and customize it to exactly my needs, and it does what I want. )

    I use PF on my BSD boxes.

    The only one of the choices listed in the poll above which I use is Zone Alarm ( free version mostly ) on some windows machines. Why? Because it is easy for those that use those computers to understand it and use it properly.
    I had problems with ZA years ago when XP first came out, switched to Tiny, then found "leakage" which I was uncomfortable with. Although I did notify the maintainers, by this time ZA was working well with XP so I switched back. Haven't tried Tiny since.

    I also use the firewall that comes with PC-cillin Internet Security on a few windows boxes, but it is harder to use and set up so I have to watch who will be using the computers. ( If they don't understand it there is a good chance they will either misconfigure it, allow something through they did not intend to, or just get frustrated and shut it off. )
    " And maddest of all, to see life as it is and not as it should be" --Miguel Cervantes

  4. #14
    Junior Member
    Join Date
    Aug 2006
    Posts
    16
    I agree with others in the thread on creating your own in *BSD or Linux (IPTables or PF).

    It has allowed me to learn a great deal about how a firewall operates, how *BSD and Linux operate, and it was just interesting all around.

    Hope that helped

    toxic.influx
    QFT!!

    22 49 6e 73 61 6e 69 74 79 20 69 73 20 6f 66 74 65 6e 20 74 68 65 20 6c 6f 67 69 63 20 6f 66 20 61 6e 20 61 63 63 75 72 61 74 65 20 6d 69 6e 64 20 6f 76 65 72 2d 74 61 78 65 64 2e 22 20 20 2d 2d 4f 6c 69 76 65 72 20 57 65 6e 64 65 6c 6c 20 48 6f 6c 6d 65 73 0d 0a 0d 0a

  5. #15
    Senior Member
    Join Date
    Mar 2003
    Posts
    372
    Cisco PIX

    Give a man a match and he will be warm for a while, light him on fire and he will be warm for the rest of his life.

  6. #16
    Senior Member
    Join Date
    Jan 2002
    Posts
    682
    At work we use watchguard x700's as gateways and blink from eEye for desktops.

    http://www.watchguard.com/products/core.asp
    http://www.eeye.com/html/products/blink/index.html

    The X700's are basically customized linux boxes, are extensible easily maintainable and offer several flavours of VPN...we use both branch office and Mobile user

    blink provides desktops with application and system level softFireWalls as well as antispyware, antiphishing and "Protocol based intrusion prevention" which basically offers zero day protection

    At home, a watchguard SOHO and an f-secure suite from my cable provider
    I used to be With IT. But then they changed what IT was. Now what I'm with isn't IT, and what's IT seems scary and weird." - Abe Simpson

  7. #17
    Senior Member
    Join Date
    Jan 2002
    Posts
    682
    btw..i thought it was interesting that all (i think) of the firewalls listed in the poll were software based...

    personally(and professionally actually) I'd never rely on a single point of defence...multiple layers is what keeps the bad guys at bay (mostly)
    I used to be With IT. But then they changed what IT was. Now what I'm with isn't IT, and what's IT seems scary and weird." - Abe Simpson

  8. #18
    AOs Resident Troll
    Join Date
    Nov 2003
    Posts
    3,152
    I use a layered approach.........an external device and a piece of software on the machine.

    Depends on the environment

    MLF
    How people treat you is their karma- how you react is yours-Wayne Dyer

  9. #19
    Junior Member
    Join Date
    Sep 2005
    Posts
    4
    Originally posted here by morganlefay
    I use a layered approach.........an external device and a piece of software on the machine.

    Depends on the environment

    MLF
    Ditto. I use both hardware and software firewalls in layers. The software firewall I use the most is Ghostwall; simple and very effective.

    Good topic, though. Some firewalls I never heard of popping up here.

    Joe

  10. #20
    Leftie Linux Lover the_JinX's Avatar
    Join Date
    Nov 2001
    Location
    Beverwijk Netherlands
    Posts
    2,535
    Both at home and work I used ipfw for a while, but now use a linux firewall with iptables, Iproute2 QoS and L7 filtering..

    The Layer7 filtering combined with QoS and iptables allows for traffic shaping and filtering on protocol and much more (regex)..
    ASCII stupid question, get a stupid ANSI.
    When in Russia, pet a PETSCII.

    Get your ass over to SLAYRadio the best station for C64 Remixes !

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides