set-and-leave firewall

Printable View

February 11th, 2003, 07:09 PM
jetherson

set-and-leave firewall

hi guys. i know this has been discussed before. but new softwares are coming and new threats are arising. what do you suggest for a good firewall? i will be installing it on a win2k box with iis server. it's a dedicated server on a webhost. i want a firewall which i can just install and then leave. something that wont bug me off with questions like "123.123.123.123 is trying to connect to port 80, do you want to accept?" and those obvious questions. can you tell me anything about zone alarm? the firewall would be installed on a remotely adminstered server so i wont have much control over it. so the best firewall would be a "set-and-leave" firewall.

so what do you guys suggest?

thanks in advance.
February 11th, 2003, 09:14 PM
Shrekkie

Well, my thought is the best is to have a firewall which is depending on your ability and knowledge. i, myself have Sygate and I took myself the time to set it up once and good.
Well, since I didn't have a single remark, oh well, .. or I'm just not scanned lately...
Zonealarm is in my opinion a good firewall, but not advanced enough, and the logfiles really suck.

Or, else get yourself a hardwarefirewall, install it once and he'll do just fine.

See the next thread for very good info on firewalls.

http://www.antionline.com/showthread...light=Firewall

Greetz,
February 11th, 2003, 09:29 PM
jetherson

thanks for the response. is sygate easy to configure? i mean, just configure once and then you can leave it without the need to answer questions from the program like "someone's trying to get in, should i let him?" .. those stuffs.
February 11th, 2003, 09:37 PM
Shrekkie

Jetherson,

Sygate is very obvious (for me although), you can configure it easily but if you want to have it done your way, take some time to review your system and ip's , ports, progs, which to allow and which to block. It's always possible to have a new question from the firewall from time to time, but I believe this is good. Why don't you try it on your box and play with it.
Playin' , tryin' and making your own conclusion is always the most effective way ... and you learn from it.

Greetz,
February 11th, 2003, 09:39 PM
nebulus200

Something concerns me about your statement:

Quote:

which i can just install and then leave

That is something that is very very dangerous to do and is responsible for most of the breakins experienced around the net, and that is unmaintained equipment (be it routers, switches, firewalls, or even computers). It is absolutely essential that you keep your system up to date with the latest patches and revs of software, and failure to do so could lead to very serious complications. Even if you get a little hardware firewall like a Dlink or Linksys NAT'ing firewall/router/dhcp server, those manufacturers still periodically release flash updates to take care of security issues here and there (one serious one comes to mind for the Dlink that was pretty recent). I do not recommend running a software firewall (personal firewall) on a server, but rather recommend a dedicated firewall seperate from your server. In this way you could limit access to incoming HTTP only and limit it BEFORE it makes it to your server...And a NIDS box (for example a linux box running snort) would also be advised since you are running IIS...

And please oh please keep that IIS server up to date...over a year later and I STILL see codered hitting our gateways...*sigh*

/nebulus
February 12th, 2003, 02:08 AM
problemchild

Yeah, I have to agree with Neb. In my book, it doesn't matter so much which product you choose as much as how much time you are willing to spend learning it, configuring it, and maintaining it. A diligent user can turn a decent firewall into a great firewall, and a negligent user can turn a great firewall into a sieve.

The bottom line is if you want a secure network, you have to put some effort into it. No way around it.
February 14th, 2003, 09:01 PM
shadow_dancer

my server using win 2000 adv with service pack 3 and i install norton firewall in my server, at the first time i set all the security level ( u must set the arange of IP in your network if u r running in network ) and at the last i update the firewall.
till now the firewall never asked me what should i do ... i just see the report in the morning.

regard
February 14th, 2003, 09:13 PM
HTRegz

Hey Hey,

I haven't seen it mentioned yet.. but Deerfield.com put out a new version of the Visnetic Firewall last month.. It actually takes a bit of time to set-up, and has a few issues with PPPoE (but they can be easily fixed), but it is great. When i bother running a firewall and setting it up, it used to be Signal9's Conseal PC Firewall, because i could set rules. Which is why I like Visnetic so much, you can specify everything and get extremely complex with it, and once you're done with your ruleset other than updating it for any changes, you never have to worry about it..

http://www.deerfield.com
February 14th, 2003, 09:18 PM
Tedob1

i think there's someone around this forum selling a pix-516 if im not mistaken