so what firewalls do we all use?
i was going to make a poll but i don't know/couldn't list all of them

i use > norton internet security AND zonalarm pro
but not xp's one :skull:

i reckon maybe after a couple of weeks and a few posted links we could do a poll of sorts ...

kerio personal firewall, does all i need it too, if anyone really wants in to my computer, let em go right ahead. nothing top secret or private here.

XP's one does me fine.

If anyone's got any *technical* knowledge about why it's any less useful than other *software* firewalls then I'd love to hear it =)

XP's one works fine with ICS, steath's everthing (which isn't even that great a thing anyway), and the new version includes outbound filtering for those who want it.

For those of you who just say no because it's MS, take a long hard look at the name written on your copy of XP, and then go play with Linux. On the M25. ;)

I think exactly like Sheepeh. :evolved:

CL

Zone Alarm Pro and a Linksys firewall router. Excessive perhaps but the router was on sale.

None

I am behind an http proxy and the router has a build in firewall

For those of you who just say no because it's MS, take a long hard look at the name written on your copy of XP, and then go play with Linux. On the M25. ;)I can now honestly say that since there is now Linux support for my sound card (M-Audio Revolution 7.1), that will indeed be a viable option for me if MS' DRM attempts become too hard to stomach. :)

Oh, and I use a hardware firewall.

Kerio Personal Firewall is also what I would consider a worthwhile option.

I don't know that much about firewall's but I thought The XP one only scanned incoming, not outgoing. When it comes to security I don't think you can be too careful. I use a Sygate firewall, E-trust AV (thanks Toe), Spywareguard, Spywareblaster, Ad-aware 6.0 & Spybot S&D (the new beta version-excellent).
My AV updates at least daily, same with ad-aware. I decide what cookies get in my system.

On a similar note, that Sasser worm brought down evey computer in the Scottish Coastguard two days ago. Is that incompetence or what? I had that security patch downloaded last Friday. Why could a large organisation like this not do the same. Luckily nobody did, but someone could have died. This "news" only merited a light-hearted remark on the National news.

Anyway, arm yourselves to the teeth. It'll get worse before it gets better. :grimreape

Yeah, I tried explaining to my parents just how lax companies are about this kind of thing sometimes, and she just didn't get it. Today, my sister got sent home from school as she was meant to be in an IT class, but the computers were out of action due to a virus.

Considering I had applied for the tech job at the same school a few months before, I was not impressed.

By the way, the "new version" I was referring to is the version in XP's Service Pack 2, which is a beta at the moment. Works for me, your mileage may vary - but it does have an uninstaller if you're interested in trying it out...it's on Microsoft's beta testing page.

shareaza vs. zonalarm

i think these guys are arguing over something not sure what though
not the first time there has been battles because of port ha ha ha ha
:cross-eye

The built-in XP firewall (not SP2). For about 2.5 years now, no problems. And yes I get laughed at - people assume that with cable and MS firewall my PC will go down in 24 hours ....
That said, as of the start of the month I'm on a hardware firewall thanks to a Billion modem/router.
I also run ad-aware.
I tried a beta of kerio PF, and it spewed forth so many fatal errors even before I had logged on that it wasn't funny. Note - it classified the errors as fatal, but a) it kept running b) my PC kept running. Somewhat alarmist, perhaps.

I tried a beta of kerio PF, and it spewed forth so many fatal errors even before I had logged on that it wasn't funny. Note - it classified the errors as fatal, but a) it kept running b) my PC kept running. Somewhat alarmist, perhaps.

Hmmm odd, i've never had a problem with kerio pf, and i've been running it for about a year now.

ok i now run

zonealarm pro - firewall
avg pro - antivirus

adaware,noadware,spywareblaster,spybot & spysweeper - spykillers

crapcleaner & jv16 - registry cleaners

and i KNOW this is over the top :skull:

Zonealarm pro for me ,but would rather use a hardware firewall.

sygate firewall do a good job for me

sygate firewall do a good job for me Same here. Moved from ZoneAlarm.

Just started trying the new ZoneAlarm with Antivirus and I'm quite impressed.

I've used other 'Security Suites' before and this seems to be the lightest resource wise. It uses VET Antivirus which from what I read is a good solid program.

Same here. Moved from ZoneAlarm.


Sygate is fine for single user computers, and has some really cool features, interface wise. However, it's useless IMHO for multiple users unless you force logoff so that only one user is logged in at a time. Otherwise, the second user has no interface at all! Zonealarm (free version) has never let me down. Just my opinion

Same here. Moved from ZoneAlarm.
I've seen ZoneAlarm crap trash too many machines. Kerio personal firewall - light, efficient, free and you won't be sorry.

I've seen ZoneAlarm crap trash too many machines. Kerio personal firewall - light, efficient, free and you won't be sorry.
I give my voice for Kerio too. Has some really handy features.

I've seen ZoneAlarm crap trash too many machines. Kerio personal firewall - light, efficient, free and you won't be sorry.


I've used Zonealarm (free) for over 5 years without a single issue. Kerio is good, no doubt, but has exactly the same multiple user issues as Sygate. I'll stick with ZA till the multi-user stuff is fixed.

I've used Zonealarm (free) for over 5 years without a single issue. Kerio is good, no doubt, but has exactly the same multiple user issues as Sygate. I'll stick with ZA till the multi-user stuff is fixed.
I recommend and use kerio pf, good options, and never crashed on me. Of course i don't run multiple users... But i can't say that the multiple users thing is great anyway. Give me a good log off anyday.

Sygate for me too. Good mix of interface simplicity and advanced options. My only gripe is that it's not the lightest on CPU usage. Not terrible, but could be better.

Otherwise, either Kerio (preferably the older 2.1.5 version) or Outpost.

E-trust AV (thanks Toe)
You're welcome! :)

I use ZoneAlarm Pro and am very happy with it (single PC user). It runs smoothly and all my first 1,056 ports are stealthed, according to Steve Gibson's port probe test.

I use ZoneAlarm Pro and am very happy with it (single PC user). It runs smoothly and all my first 1,056 ports are stealthed, according to Steve Gibson's port probe test.

Regarding Gibson's port probe test, same results here with the free version of ZA.

D-Link DI-604 router with built-in firewall.

None of that software crap, only causes problems.

D-Link DI-604 router with built-in firewall.

None of that software crap, only causes problems.
There is nothing wrong with a router with a firewall, but I've never had a problem or issue with ZoneAlarm (free version).

D-Link DI-604 router with built-in firewall.

None of that software crap, only causes problems.

The exact same router I got two weeks ago!
One day later I uninstalled my software firewall.

On my laptop I use AVG Antivirus and ZoneAlarm, both paid versions and they work wonderfully.

I've used Norton, Mcafee, Panda, PC-cillin and I have found problems with all of them. I'll stick with AVG until I find something better. As for firewalls, give me a hardware firewall anytime, but I don't have the money to afford one right now so I'll keep ZoneAlarm around for a while.

Also I use SpyBot that keeps spyware crap off my system, I've tried AdAware as well but I prefer SpyBot.

I just thrashed ZoneAlarm. I was thinking that my computer was behaving strange lately. Now i found out why. There is this process from ZoneAlarm called 'vsmon' and if you leave you computer on for quite a bit, even 2 days, this process eats all your RAM and made my computer very slow until i rebooted. This is unacceptable, so i got rid of ZoneAlarm. I think I'll stick with windows firewall for a while now until i realise it's crap too. :grimreape (I have a hardware firewall / http proxy server too btw so a software firewall isnt really necesary anyway).

'vsmon'
it's using 27,445 :carrot: here, that does seem like quite a lot.
a software firewall isnt really necesary anywayyou're just paranoid man do you keep a handgun in a shoebox under your bed too ha ha ha ha :cheeky:

I just thrashed ZoneAlarm. I was thinking that my computer was behaving strange lately. Now i found out why. There is this process from ZoneAlarm called 'vsmon' and if you leave you computer on for quite a bit, even 2 days, this process eats all your RAM and made my computer very slow until i rebooted. This is unacceptable, so i got rid of ZoneAlarm. I think I'll stick with windows firewall for a while now until i realise it's crap too. :grimreape (I have a hardware firewall / http proxy server too btw so a software firewall isnt really necesary anyway).As I said, I'm not fond of ZA because it's one of the buggiest pieces of crap out there. I've seen it mess up too many boxes to give it any credence.

No firewall - my router handles that.

you're just paranoid man do you keep a handgun in a shoebox under your bed too ha ha ha ha :cheeky:

Not a gun, a geological hammer, and trust me those things are dangerous! :grimreape ;)

Not a gun, a geological hammer, and trust me those things are dangerous! :grimreape ;)
why not an icepick ;)

I'm quite happy with my Outpost firewall :)
I have used ZA before, but that didn't do it for me.
Also Kerio has been on my machine, and although it is a good firewall, it also wasn't for me :)

Sygate Pro here. I love the fact it asks for permission when a program like Internet Explorer is launched by a program. Additional security for a well documented backdoor. I shoved Kerio on a neighbours PC and rapidly got pissed off with it's asking for permission everytime I did anything on the PC.

My anti virus is NOD 32. One of the better ones out there.

I'm a Kerio user myself, but I also recommend Tiny PF, Outpost or Sygate.

I do not recommend Zone Alarm or SP2's firewall as they are vulnerable themselves to being duped, which ain't that useful. You can test out if your firewall is prone to one popular vulnerability via the following link:
http://tooleaky.zensoft.com/tooleaky.exe

...And a router's firewall does nothing against incoming attacks, nor does it inform you or prevent malware from accessing the net. Therefore, it isn't really all that useful in the most popular context, and any such system is quite vulnerable.

Sygate Pro here. I love the fact it asks for permission when a program like Internet Explorer is launched by a program.
I shoved Kerio on a neighbours PC and rapidly got pissed off with it's asking for permission everytime I did anything on the PC.
HUH?


As far as Kerio asking permission, that is an easily configurable feature which can be turned on or off.

As for me, I've used Zonealarm for years, and with the exception of a couple buggy updates a year or so back, it's been great.

D-Link DI-604 router with built-in firewall.

None of that software crap, only causes problems.
How did you decide on that particular product, please? And how easy was it to set it up? Many thanks.

How did you decide on that particular product, please? And how easy was it to set it up? Many thanks.
Until he answers, I can hypothesize: it's Dlink's flagship ethernet-based router. It's also dirt cheap. Firewall wise, its the exact same as a Netgear or a Linksys or SMC or any other router-based "firewall" out there. It basically prevents you from being a server. Nothing more, nothing less, and as such completely useless IMHO. It does not stop malware from accessing the net and uploading all your personal information. It does not stop portscanning or viruses from exploiting your system remotely.

That said its a good little router (though a beeetch to do even the simplest of port forwarding with... luckily they have decent support forums). Just don't expect the fact that it says it has a "firewall" on the box lead you into a false sense of security.

Thanks. Yes, I noticed that hardware firewalls only protect you in one direction. That seems like a pretty big minus to me. ZoneAlarm notifies you at once if any .exe file on your system tries to establish an outbound connection. I also use VirusScan, TrojanHunter and and Ad-Aware Plus, all of which have frequent definition file updates, and have managed to escape both incursions and excursions so far.

do u think i would need more than the firewall built into my linxsys 802.11b router?

do u think i would need more than the firewall built into my linxsys 802.11b router?

Depends. If you want to be protected: yes. A frequently updated software firewall will give you protections against all common vulnerabilities of Windows before they are ever (if ever) patched by Microsoft. Things like being able to reboot your computer remotely. It also gives you exact control on what goes out or in, something which your linksys router does not exactly do.

If you don't really care about internet protection, then it doesn't really matter.

PS. If you're using the wireless component of that router, I highly recommend that you make use of the MAC address filtering provided, in addition to the WEP encryption.

It basically prevents you from being a server.
Only if you don't know what you're doing...

Depends. If you want to be protected: yes. A frequently updated software firewall will give you protections against all common vulnerabilities of Windows before they are ever (if ever) patched by Microsoft. Things like being able to reboot your computer remotely. It also gives you exact control on what goes out or in, something which your linksys router does not exactly do.

If you don't really care about internet protection, then it doesn't really matter.

PS. If you're using the wireless component of that router, I highly recommend that you make use of the MAC address filtering provided, in addition to the WEP encryption.
yes i am getting my internet access over wireless, what is this MAC adress filtering?

yes i am getting my internet access over wireless, what is this MAC adress filtering?

Each network card that exists has an address unique only to it. It's called the MAC address. Go to Run, Type CMD, at the new window write in IPCONFIG /all, and press the enter key to see what yours is. Windows calls it a "Physical Address". So theoretically, by using the MAC address filter, you only allow the people with the addresses you sanction to access your wide area network.

That said, MAC addresses can be identified and spoofed rather easily, but it adds one extra layer of protection nonetheless.

To change your mac address, access your router, go into "advanced", then "wireless" and then in "Wireless Network Access" choose "Restrict Access" and click the "Edit Access List" button to allow your MAC address(es) through and block all others.

While I'm at it, make sure to change your router's password to something other than the default one. So if you logged in to your router @ 192.168.1.1 by leaving your username blank and writing "admin" as your password, then that's a bad sign.

I use Sygate Firewall and am considering upgrading to the paid version...just as soon as I can establish what else it is that I am going to be receiving for my money over what this already excellent program offers me now. (I think this is an example of what is known in English as an 'awkward sentence')

Only feature I can say for sure that you get in the Pro version is IP blocking. Basically if something trips the firewall the IP is blocked for a specified amount of time.

Only feature I can say for sure that you get in the Pro version is IP blocking. Basically if something trips the firewall the IP is blocked for a specified amount of time.

I would infer from your response (thanks) that you think this would be a good feature because...?

I just thrashed ZoneAlarm. I was thinking that my computer was behaving strange lately. Now i found out why. There is this process from ZoneAlarm called 'vsmon' and if you leave you computer on for quite a bit, even 2 days, this process eats all your RAM and made my computer very slow until i rebooted. This is unacceptable, so i got rid of ZoneAlarm. I think I'll stick with windows firewall for a while now until i realise it's crap too. :grimreape (I have a hardware firewall / http proxy server too btw so a software firewall isnt really necesary anyway).

Sticking with the Windows Firewall is not a very good idea. For one thing it only monitors what's coming in...not what's going out. (Or is it the other way around?) I think really this firewall is offered as a stop-gap measure until you install a decent firewall. Personally I prefer SYGATE (free) but judging from what has been offered in this thread there would appear to be any number of good products to choose from.

I would infer from your response (thanks) that you think this would be a good feature because...?
Because if you are being port scanned you don't get the icon turning red every 5 seconds. I'm sure there is more to the pro version. Does the free version pop up a request everytime a new program tries to open a page in Internet Explorer?

I uninstalled kerio and installed zonealarm again...
There were times that that I couldn't receive data from the internet... Might be kerio fault... Not sure though... If problem persists then the problem is somewhere else..
I was also annoyed with all those warnings.. And I was in doubt of its abilities... Avast! blocked HTTP viruses before kerio...

More likely you had told Kerio to allow Avast to connect to the net and Avast monitored certain ports such as 135 looking for worm attacks.

Because if you are being port scanned you don't get the icon turning red every 5 seconds. I'm sure there is more to the pro version. Does the free version pop up a request everytime a new program tries to open a page in Internet Explorer?

I suppose I have disabled the icon turning red feature as I have never seen it. I did go to www.grc.com/ to have my computer tested for a number of security concerns, including open ports. Everything was in stealth mode. Symantec offers this same service on it's web site...as well as a 'deep scan' of your computer for viruses. The free version does in fact ask you if you want a new program to open a page in Internet Explorer. There is also a detailed log of every activity relating to the firewall...including what it has blocked.

When it detects an attack or something it feels it needs to inform you about Sygate pops up a window (which you can disable) and the systray icon flashes red until you click on it.

Lavasoft (http://www.lavasoftusa.com/) has a firewall.

Does any of you use Sunbelt Kerio personal firewall? Everytime i want to open up the monitor/configuration window, it freezes up completely. It's just a useless piece of junk. Problem is, every firewall i've used is a useless piece of junk (windows firewall, zonealarm, sygate, outpost). Help! :cry:

EDIT: Check here (https://www.grc.com/x/ne.dll?bh0bkyd2)your firewall. With Kerio my machine is completely stealthy. At least it works okay in the background...

Could try Comodo. But to be honest I never had any problems with Sygate until recently when I tried it again and it didn't like uTorrent. Possibly the problem lies with your machine?

Could try Comodo. But to be honest I never had any problems with Sygate until recently when I tried it again and it didn't like uTorrent. Possibly the problem lies with your machine?

Ok i found out why Kerio is freezing up. It's because of eMule. Dang! I sent a bugreport to Sunbelt inc.

Ah in that case have a look at this from the uTorrent FAQ - http://www.utorrent.com/faq.php#Kerio_Sunbelt_uses_100_CPU_when_running_.C 2.B5Torrent

Ah in that case have a look at this from the uTorrent FAQ - http://www.utorrent.com/faq.php#Kerio_Sunbelt_uses_100_CPU_when_running_.C 2.B5Torrent

Awesome! It works much better now. No freeze at least, still slow but no freeze.

i'm still using a hardware firewall only, how about you guys?

I just use the Windows firewall and the SPI firewall in my router (Linksys WRT54g-TM running DD-WRT).

router and windows here

Router firewall if one is available, Windows firewall if not.

I have been using Online Armor for about 2 weeks. The Developer seems accessible. I like it.

http://www.tallemu.com/free-firewall-protection-software.html

Developer accessibility. I remember when we had that around here... :ponder:

iptables and the rather limited linksys hardware firewall is on... god knows what it actually does, gotta love a gui which gives you an 'enable spi firewall' option and that's it >_>

Roughly the same as what all Stateful Packet Inspection (http://en.wikipedia.org/wiki/Stateful_packet_inspection) firewalls do...

Roughly the same as what all Stateful Packet Inspection (http://en.wikipedia.org/wiki/Stateful_packet_inspection) firewalls do...

"Only packets matching a known connection state will be allowed by the firewall; others will be rejected"

Exactly. How about letting me define if its allowing related established or new etc... Billions are just 10 times better then Linksys, hell in general.

So stop using the Linksys firmware and give DD-WRT (http://dd-wrt.com) a try. Linksys made their firmware opensource years ago and DD-WRT is a seriously powerful piece of firmware.

"Only packets matching a known connection state will be allowed by the firewall; others will be rejected"

Exactly. How about letting me define if its allowing related established or new etc... Billions are just 10 times better then Linksys, hell in general.
What, you mean like opening a port?

I disabled the SPI firewall because i thought it was causing connection problems. I think its only purpose is to stop DoS attacks but maybe im wrong.

Yes you are. :)

Then i should double check. The description on the routers page was rather vague.

What, you mean like opening a port?

Yeah I can only assume its working, and not silently failing. Only options available are to port forward, which I assume (at least I'm hoping so) automagically opens the port as well, and doesn't simply silently disable it. Over simplifying a gui is never a good thing. I would try ddwrt or openwrt but one requires more time put into it then i'm willing to give, and the other doesn't seem to support my linksys, least it didn't last time I checked, due to lack of ram.
Ah well, switched over to my cisco 857w after finally getting it all up and running properly. Was an entertaining time finding out that CCNA info regarding ACL's and established states was rather useless when it came to soho Cisco devices :P ip inspect is a rather nice solution however, so I ain't complaining.