What Firewall do you guys use?

Discussion in 'General Software Discussion' started by tek, Jan 15, 2005.

  1. Nuke209

    Nuke209 New Member

    Joined:
    Jul 1, 2002
    Messages:
    568
    Likes Received:
    0
    Trophy Points:
    0
    i dont use my routers firewall, ms firewall or any
     
  2. mkk

    mkk Well-Known Member

    Joined:
    Oct 9, 2003
    Messages:
    5,334
    Likes Received:
    152
    Trophy Points:
    73
    Not in every way though. Typical hardware firewalls can't do much about a piece of software that has already gotten onto your computer, whereas software firewalls can. I would definitely run a simple no-bull software firewall like Kerio 2.15 when being behind a hardware firewall. I'm about as interested in keeping the installed software in a leash as keeping inbound traffic filtered.
     
  3. dipstick

    dipstick New Member

    Joined:
    May 29, 2002
    Messages:
    3,609
    Likes Received:
    16
    Trophy Points:
    0
    True, by default software firewalls block all outbound traffic whereas the hardware firewalls don't. But you can set up rules fairly easy to block all outbound traffic just like the software does but with the added benefit of being able to do the same for the whole network or just specific rigs;) If you're really paranoid you can seal yourself up pretty good:)


    @Tek, my choice for BT is azureus with the safepeer plugin. Works good and you only have to open a single port to be connectable;)
     
  4. Red_Death

    Red_Death New Member

    Joined:
    Jan 9, 2005
    Messages:
    218
    Likes Received:
    0
    Trophy Points:
    0
    I use Zone Alarm pro, works great, no problems. Using it for a year and a half now. Tried Norton, didn't like it, I didn't use it for very long and had already been used to zone alarm, so don't know if it's good or bad, but i prefer zonealarm. Easy to use and works. Oh and Legally Free.
     
  5. HardwareHeaven

    HardwareHeaven Administrator Staff Member

    Joined:
    May 6, 2002
    Messages:
    32,274
    Likes Received:
    163
    Trophy Points:
    88
    yes but some hardware firewalls do, those are the ones worth getting. - especially those that log all traffic to a file so you have even further piece of mind.
     
  6. HardwareHeaven

    HardwareHeaven Administrator Staff Member

    Joined:
    May 6, 2002
    Messages:
    32,274
    Likes Received:
    163
    Trophy Points:
    88
    As I said in the post above for most cases you are right but the better routers or hardware firewalls do have outbound blocking/filtering and some can even log all the traffic to a file and allow specific applications/ports to outward transmit, what quite a few people dont know is that there are specific trojans which are built to totally circumvent specific software outbound filtering and dont even show up via that application. Nothing touches a good hardware firewall if its configured correctly. Of course the massive downside is the price.
     
  7. mkk

    mkk Well-Known Member

    Joined:
    Oct 9, 2003
    Messages:
    5,334
    Likes Received:
    152
    Trophy Points:
    73
    Just as a pointer to any reader, blocking specific ports in a hardware firewall isn't doing any good against menacing software's outbound traffic. This is because pretty much anything can be done through for instance port 80 wich every home user must keep open for web usage. While there are hardware firewalls that really does analyse the traffic in such an advanced manner that some real level of outbound safety is reached, for what I know the must still be so expensive that their existance is nigh on irrelevant in this context.

    Naturally any software solution can be circumvented by another piece of software. One should certainly keep an eye out for information regarding the program one uses to see if security threats have been found, as basic safety thinking dictates. And antivirus/antispyware software is a natural thing to have in either case. Ruling out user interference and specialised trojans for the sake of separating different arguments; I still haven't seen anything that breaks Kerio 2.15 even though it has not been updated for well over a year. That makes me feel like I can put at least as much trust in it as a home user firewall/router and get more control at the same time. I might pay for that on human error some day, but I'll take that with the benefits.

    Edit: Just short little hands-on experience. Tried the demo for TopSpin, a Microsoft released tennis game. Every time one starts up the demo it "phones home" to Microsoft, probably telling them that the demo was used. While not likely a security threat, that's a very typical kind of software behavior that most hardware firewalls/routers can't do anything about. I just prefer to say no to these things, and they are becoming all the more common.
     
    Last edited: Jan 27, 2005
  8. Logla

    Logla Well-Known Member

    Joined:
    May 10, 2003
    Messages:
    3,310
    Likes Received:
    2
    Trophy Points:
    48
    Hardware only for me. I got so sick of the various s/w apps that kept displaying popups (McAfee is very guilty of this) to tell me about various attempts to get into my system when they were just normal network traffic.

    I have my buffalo router but this sits behind my Cisco PIX 515E Firewall. The Cisco is rather large but slim (designed for 19" racks) and so lies down the side of my desk.
     
  9. mkk

    mkk Well-Known Member

    Joined:
    Oct 9, 2003
    Messages:
    5,334
    Likes Received:
    152
    Trophy Points:
    73
    Indeed. Some firewalls definitely try to make themselves sound more important than what they are, with BS wordings to their notices. That and the bloating of most suites are unfortunate developments.
     
  10. Vampyromaniac

    Vampyromaniac confutatis maledictis

    Joined:
    May 15, 2002
    Messages:
    5,974
    Likes Received:
    10
    Trophy Points:
    0
    I'm behind my ISP's NAT, that's all

    Actually, out-bound ports are not the same as the ports that servers use. You don't use port 80 to connect to a website's port 80. ;)
    (eg. I'm using 3985 right now... TCP digitalis:3985 driverheaven.net:http ESTABLISHED
     
  11. BiGBrOwNPimpsta

    BiGBrOwNPimpsta HH's #1 Hustla and Pimp

    Joined:
    Jan 3, 2003
    Messages:
    7,753
    Likes Received:
    62
    Trophy Points:
    58
    windows xp firewall

    good enough for me
     
  12. tek

    tek New Member

    Joined:
    May 3, 2003
    Messages:
    2,103
    Likes Received:
    0
    Trophy Points:
    0
    Of course it is... :D
     
  13. KOLE

    KOLE New Member

    Joined:
    Nov 13, 2004
    Messages:
    140
    Likes Received:
    0
    Trophy Points:
    0
    Agnitum Outpost Firewall Pro 2.5
     
  14. riles9262

    riles9262 Driverheaven brewmaster

    Joined:
    Oct 18, 2002
    Messages:
    4,809
    Likes Received:
    27
    Trophy Points:
    0
    yep yep, and that's why I've loved kerio 2.1.5 for so long...good logging, protection, minimal resources used, and it's not bothering you all the time creating rules.
     
  15. Red_Death

    Red_Death New Member

    Joined:
    Jan 9, 2005
    Messages:
    218
    Likes Received:
    0
    Trophy Points:
    0
    No matter what you do or what you have, someone will alwaysknowhowtoget around it. So the moral of the story is nothing is100%soUPDATEAND SCAN OFTEN.......and lay off the porn..... andyou'llbeingoodshapemost of the time. [​IMG]


    P.S. I've edited this 3 time, it won't keep my spaces. What's the deal with that?
     
  16. _ə_

    _ə_ New Member

    Joined:
    Dec 4, 2004
    Messages:
    79
    Likes Received:
    1
    Trophy Points:
    0
    any of you guys use your nForce firewall?
     
  17. tek

    tek New Member

    Joined:
    May 3, 2003
    Messages:
    2,103
    Likes Received:
    0
    Trophy Points:
    0
    There's an nForce firewall? Wtf... :wtf:
     
  18. Judas

    Judas Obvious Closet Brony Pony

    Joined:
    May 13, 2002
    Messages:
    39,665
    Likes Received:
    1,518
    Trophy Points:
    138
    I've been reading through my Xincom manual and although i have outbound Firewall enabled.. i haven't setup anything specific. And logs, logs are nice, they tell you want you need to know. I was serprised... i had downloaded something, and for the first time for myself, ended up with a weird virus. Although i was able to manually remove it, it attempted to send itself to the networked machines, my main server. The Router caught the transfer and stopped it.

    Pretty impressed so far.
     
  19. _ə_

    _ə_ New Member

    Joined:
    Dec 4, 2004
    Messages:
    79
    Likes Received:
    1
    Trophy Points:
    0
    yeah man the nForce3 250Gb has a hardware firewall built-in in to the chipset itself :)
     
  20. Red_Death

    Red_Death New Member

    Joined:
    Jan 9, 2005
    Messages:
    218
    Likes Received:
    0
    Trophy Points:
    0
    if you use firefox you probably won't have the popup issue anymore and I haven't had any problems since I started using it. There are alot of security features that keep the unwanted out. zonealarm (alarm to tell you what's happening when it's happening.) for traffic, and norton here and there.

    Note: the november update for norton antivirus (on the MAC), writes a line of code into all photoshop files and corrupts them. I found out the hard way and Adobe's tech support told me it was the November Norton Update. They said it would be fixed on later ones. But I uninstalled in at work seeing how in five years I've never gotten a virus on my overpriced, smokin fast MAC. My PC at home is a different story though.
     

Share This Page

visited