firewalls

[s0nIc]

Hmm.. I use ZAP (Zone Alarm Pro) mainly. Tho if ur a linux user, your BEST chance of having a decent and good firewall that you would know inside out, is by learning how to set ur IP Tables and Routing Tables. which are basic functions of a *nix machine. Win2K and am not really sure but i think NT has the routing tables function too. Im not sure about XP either. anyway, its not the firewall that makes your box secure, it is how the owner takes care of it. In my current job, i have seen many systems plagued with viruses and trojans. but guess what? the systems were armed with a minimum of 2 Anti-Viruses and 2 firewalls. But it was plagued by viruses and trojans and dialers. Just another proof that the security is not always based on what you use, it is based on how you use it.

mainly, try to avoid using default values. coz most vulnerabilities are found from default settings. I have used Kerio and it is good. I tried black ice, never liked it. Sygate pissed me off so bad coz it edited my MBR for some odd reason and my system wont load windows. i had to use a boot disk and uninstall the bastard. so now im using ZAP.

i have my system secured tight enough that u cant even ping me, but loose enough that we can even play P2P games hehehe..

and oh, if any of you wonder if ZAP has IDS, the answer is YES. download VisualZone, its ZoneAlarm's IDS Add-On. which i really dont think you NEED if ur a ZAP user. but for ZA user, yeah it would be handy. because you can back trace the attack and get MORE details about the attack which basic ZA cant offer but ZAP can.

[Jabberwocky]

i've used ipfw in the past and would use it again in the future. its kind of a pain to learn but its simple and pretty intutitive once you get the hang of it.

i'd also recommend portsentry in addition to a firewall....portsentry can be made to use a retaliation script, although i would NOT recommend using anything like that.

[dragonwhip]

For starters, Black Ice is garbage! I use Zone Alarm Pro and Tiny Personal Firewall in tandem, and they are a very good start. Also, go to Steve Gibson Research and get their FREE programs to help close off sections of your computer that firewalls tend not to address. One more thing, for anti virus, stay away from Kaspersky Labs. Their programs will probably lock up your computer, and they never even give you a chance to see if they are any good. This really is stuff that is bad news!

[Magic-Guy]

nice one wacky_sung , thanks

[Sonics42ny]

Hacking back will just cause trouble....and someone who posted earlier nailed it: the machine hitting you is "most" likely not the actual source of the attack.

Just keep your systems tight... and then you can sleep at night. There are so many viruses propagating on the net, and so many easy to use network scanners on the net to download, it's just a fact of life that your perimeters are going to get probed. Instead of getting back at them (which is a crime), focus your efforts on tightening your security. Or just drink lots of beer and forget about it all.....