Anyone know of some good firewalls or give me some feedback if they have used BLACKICE server!! Im running 2000 Pro should i use something esle?
Printable View
Anyone know of some good firewalls or give me some feedback if they have used BLACKICE server!! Im running 2000 Pro should i use something esle?
Aparrently blackice doesn't alert you to attacks that eminate from the inside, so, say you get infected with a trojan in the form of an innocent looking email attachment, somebody could connect to your pc and blackice wouldn't let you know about it - although this is just what i've heard, i've never used it so i don't know. On my little network i've just got an old 166 running a minimal linux distribution and an ipchains script i rolled myself, but this isn't to everyones taste so you may want to try tiny personal firewall which i've heard quite a few people talk highly of.
Pete
Tiny Personal Firewall for windows www.tinysoftware.com . Unless you want the challenge and excitement of building your own linux firewall .:D
I just got a copy of LINUX 7.1 and just found out that you can DUAL boot it with windows i think i might give it a try. But i have no experience with LINUX, hahaha what do you think my chances are of making that firewall now???:rolleyes:
I use Blackice at home and at work. I am behind a Pix firewall at work but certain ports are open to my computer so I can access it from home. Blackice has caught quite a few things coming this way internal and external.
I would recommend Blackice for a cheap secure personal firewall.
You can DUAL boot between linux and windows, Read up on LILO
In fact, im a dual booter...
but there's some things about it that suck ass...
for example, you either have to re-partition your drive, hence losing the data on any partition that you change, or your gonna have to give linux it's own drive, and windows it's own drive.
I highly recommend the second option, because it allows you to move the linux part of the box without moving the windows side, or vice versa... Or if you want a new drive for your windows drive, you dont have to use both.
-8trak
I started out using BlackIce defender, switched to Zone-Alarm, and finally to Tiny. I found that BlackIce was not enough protection so I made the switch to Zone-alarm, which I was always very please with right up to the end.
I only made the switch to Tiny when I was certain that I knew enough to configure it. IMO Tiny is richer in control than either of the other two here, only you need to know a thing or two to set it up. The below link is a comparison that is on the GRC website of a number of firewalls and how they fared on the Leak Test.
GRC.com Leak Test
I too am a dual booter using Lilo boot manager and running both Windows and Red Hat 7.0. You'll be surprised how easy it actually is to partition your hard drive and install another operating system.
As far as firewalls are concerned you cant go past Tiny in my opinion. Unlike Giovanni, Tiny does "win hans down":airoff:
Zone Alarm is tough to beat. www.zonelabs.com
The free version of Tiny Personal Firewall beats the free version of Zone Alarm hands down, in my opinion. It's only downside is a few small interface-bugs, and being unable to use seperate rules for different adapters, but otherwise I think it really does well against ZA, because it lets you use IP/Port based rules, as well as application-based.
anything free sides za and tiny?
za has a lil glitch and tiny is just annoying when ur typeing so i was wondering is there any other free firewalls worth trying?
:confused:
I recently reformatted and thought i would try a different firewall. I previously used BlackIce but found out about several vulnerabilities it was subject to. I used ZoneAlarm for a while, but found it a little too restricting.
I am currently using NeoWatch and i must say that it is the best i have found so far. You can set up ranges of ports that it accepts(for programs like icq), and accept or ban certain ip's. It also has a very useful trace feature which you can use to find out both the route to the perpetraitor as well as details about them. Give it a go NeoWorx.com. You can also obtain the full version http://sling.to/fosi/
BlackIce is a good all around firewall, but you'll have to use it along with a trojan detection prog (e.g. the cleaner) or use some other means of denying access to specific ports (1243, 27374, etc...) commonly used by trojans. I have personally seen that familiar blue eye in the systray of systems I've used sub7 against (I know, I'm just a script kiddie :D ).
who isn't
how many ppl haven't used sub 7 i mean at least playing
u have to learn some how plus it's the quick way of removing the server from ur machine :D
....well now that you mention it....
In an effort to stay on topic, i might as well mention that personal firewalls like blackice and zonealarm are stateless,packet filtering firewalls, in that they can accept or deny a packet based on a set of rules such as port number or ip address, but they don't know if a packet is the result of an authentic request from the client machine or part of an attack. Whereas stateful firewalls like the netfilter part of the 2.4 linux kernel (of which iptables is a part) have a memory and can tell if a packet is the result of a legitimate request.
As a rider to this i might also add that stateful packet filtering/mangling is not the panacea of network security either, as there is already a well known flaw in the ftp PORT command allowing an attacker to connect to any port if he has already comprimised (by some other means) the host behind the firewall.
There's no such thing as 100% security when connected to a network.
well for the past few months i have been useing zonealarm i started out with the free version and liked it so i went a bought the full version and i must say it blows blackice out of the water
i have never tried tiny and most likely will not, zonealarm has a easy and user friendly interface
if u talk to some people they will tell u firewalls are crap and not to use them but if your like me and don't know all the cool stuff that most people on this site do your better off getting a firewall which ever it may be and if u are not currently using
a firewall this site is what made me take a second look at why i needed one go to grc.com thy have some pc tests that might chang your mind well i hope this will help someone take care !:p
NO doubt Zone alarm is one of the best firewalls , but be sure to download its new version cause in it s old version one can easily break into the firewall . This whole was spoted by few hackers and i have tested it and found right .
The ZoneAlarm Version 2.1.10 to 2.0.26 allow the hackers to scan if one use a specific port.
Be careful using Sub7 cause , ppl have created a new kind of defence whenever u scan ports for sub7 the system whom ur scanning if it contain that guard will reply u with alive ack, and u will immeditely try to get connected. As soon as you click connect button of ur cliecnt u will get connected and after 2-4 sec. u will get d/c and in the mean time from the other party (server side) a virus will be launched via that port u r connected and ur whole system will be crushed.
:(
for the paranoids, what about Blackice AND Zonealarm ?
Or Netbus....a classic old school program that everyone cuts their teeth on! I think it's STILL one of the best port scanners around. Purely for educational purposes though.....:D
Hey ,
If you were to use linux , you could setup IPChains or IPTables
i have yet to see a product that can beat that..
anyways
anarki
I use Zonealarm Pro, and wouldn't trade it for anything. You can get the free version of zonealarm at zonelabs.com. The only big difference between Zonealarm and Zonealarm Pro, is that Pro is more customizible, but the free version will do everything you need it to.
zone alarm is a good choice has't failed me yet (crossing fingers)
BlackIce in my opinion is the winner, although ZoneAlarm is pretty damn good.
well i dont know about all these other firewalls but the only one i have used is Zone Alarm and it is great :)
Ennis, as Petemcevoy already stated, BlackIce does NOT block unknown programs...
You can check this at GRC . And yes, I know about GRCsucks.com, but the link has a letter from Network Ice staff on it... You might want to check it out... ;)
In my humble opinion I would not run a software firewall on the PC you are connected to the internet. I would run some form of NAT and firewall combo on your network. Personally I have a Netopia R910 router that does it for me. Though for the basic network novice, this is not an easy solution nor is it "cheap". Though with security you get what you pay for.
Or if you want a real firewall Cisco just released the PIX 501 small office firewall it runs about $600 but its a lot better than any firewall software.
http://www.firewallguide.com/
I found this site. Seems to carry a lot of information on different firewalls. Should provide enough basic information to spark some type of interest.
I have limited experience with the Watchguard SOHO, but at $449 it is a lot lower cost the a PIX and it has a 4-port hub built in.
ZoneAlarm is a stealth firewall.. that must be taken into consideration. A firewall that closes ports is still vulnerable to allow your computer to be crashed. Stealth tells the scanner that your comp doesn't exist. I have used all 3 firewalls at different times and here are my ratings, in order.
#1 - ZoneAlarm
Reason: It puts all ports not being used into stealth mode, is free, and is easy-to-use.
#2 - Tiny Personal Firewall
Reason: Is a good firewall overall, but does not hide all unused ports in stealth mode. (Only important ones like NetBios and a few others.)
#3 - Black Ice Defender
Reason: The firewall Stealths only the NetBios port (may have changed if an upgrade has been released). It is not free, which is another bad thing about it.
Bottom Line - Any of these firewalls will close ports and give you better protection than none, but for the best protection available, ZoneAlarm wins... :)
I used to run ConsealPC Firewall (from signal 9 which has since been bought by McAfee) in combination with blackice. The thing was that I was running a LAN with a wingate for proxy. I liked to being able to edit my own rulset with conseal (pretty much like ipchains/iptables or ipfilter) but used blackice (firewall part disabled) for its IDS capabilities... I briefly looked at zonealarm, but I found it lacked flexibility for protecting a whole LAN... Between, I don't worry that much about "leakage" as my "users" are intelligent enough not to run unknown programms/attachments...
Anyways, now I'm running OpenBSD with ipfilter for my firewall box... (and when I'll get a bit free time will add snort...)
Ammo
I use Tiny Personal Firewall and had no idea just how popular it was or that so many people would suggest it.
SUBSEVEN I love when people prob my system looking for sub seven come on please that kiddy stuff has got to go.
9 times out of 10 the people looking for sub seven on your system has axidently giving themselves the server side of the virus and now but probing your system they have given you there ip and wow whats that by by access to your system.
True it is fun to play with when my x wife is ever online LOL she is so pissed that her system acting so weard when she is online. where the mouse goooooo woops
I have just finished wrestling with the MagisterB worm (I won eventually) one of the things it does is deactivate Zone Alarm fire walls. The defs for it were published in September it was found in the wild in August.
Hey all,
Thought I'd throw in my two cents worth. There is one more free firewall product that I've been experimenting with and like: http://www.agnitum.com/products/outpost/ . I like that I can configure it how I need to. They do a nice comparison of their product against many of the products mentioned here: http://www.agnitum.com/products/outpost/compare.phtml
On another note, I recently purchased a NetGear RP114 Router. What I found interesting, after I had one of my students scan, is its effectiveness at hiding everything behind it. I was impressed. Although I doubt this is the be-all-end-all kind of router and still run my Outpost Firewall even with the router, I was still pleased at it's effectiveness at hiding whatever didn't need to be seen. =)
I tested my copy of Tiny Personal Firewall with grc.com and its "Shields Up" test. I posted a flawless score and my system and its ports are totally stealth. Next I downloaded their "Leaktest" product and found that my firewall indicated when it tried to connect, and gave me the option to deny or approve it. If this isn't enough proof, I don't know what is. Ive heard that the expensive BlackIce Defender couldn't even pass the Leaktest.
This isn't true as seen by my testing.Quote:
#2 - Tiny Personal Firewall
Reason: Is a good firewall overall, but does not hide all unused ports in stealth mode. (Only important ones like NetBios and a few others.)
I've been using Outpost too ...the only thing I didn't like prior to today was the "????" that showed up in the active connection list.
If you're seeing that, theres a new build that'll get rid of it.
Theres a good Trojan detector at
http://tds.diamondcs.com.au/
Its not freeware but you can use it for 30 days.
I still firmly endorse Tiny if it works for you (I'm running a NAT/proxy program that it doesn't work well with, I figure it's a unique case).
Anyway, Tiny for advanced users. For people who want to get into the guts of their ruleset.
Sygate Personal Firewall for people who can't get Tiny to work, but want control.
ZoneAlarm for people with no interest in any sort of firewall management.
BlackIce for people who have money and want a help support line. :D
I have an old version of Conseal I used to use still here... I guess it just fell into disuse at one point. Hm. I didn't like it that much at the time, and I'm not about to mess with it now that everything is running again :)