PDA

View Full Version : Firewalls



Poppa John
12-10-2009, 05:34 PM
Hi All,

Which would you say is the best, least obtrusive Freeware Firewall? Currently using Sygate which has been taken over by Symantec & apparently discontinued updating. Thanks. PJ

FoxyMX
12-10-2009, 06:02 PM
I switched from Sygate to Outpost's free firewall a few weeks ago and found it quite different to Sygate with regards to rule making. I like to block a number of Windows apps running off to the internet, eg Explorer, and accidentally locked the internet up whilst doing so. Had to use System Restore to get it back again. :blush: :p

If you are unlike me and disinclined to fiddle with the rules then it would probably be fine for you out of the box. Once you tell it you want to use its "Rules based" settings tou just have to tell it when it is OK to allow or block the apps other than the usual browser, email, etc.

Blam
12-10-2009, 08:08 PM
Personally I reckon Comodo's still best. Paired with Defense+, you almost don't need an AV!

Does annoy you quite a bit though.

Poppa John
12-10-2009, 08:10 PM
Personally I reckon Comodo's still best. Paired with Defense+, you almost don't need an AV!

Does annoy you quite a bit though.

Yes I have tried that one & it IS annoying. PJ

Blam
12-10-2009, 08:22 PM
Out of interest, why do you want a firewall?

bob_doe_nz
12-10-2009, 08:25 PM
If you're using Sygate on a Windows PC from XP or older then Sygate will still work fine on it.

Poppa John
12-10-2009, 08:26 PM
Out of interest, why do you want a firewall?


It seems thright thing to do. I have had Sygate for quite a while now & am wondering if I should get something better.

My Wife, Maryann, has no firewall & a baddie got thro, which was taken out by MSS. She has no firewall at all. I wasn't aware of that. PJ

Blam
12-10-2009, 08:33 PM
It seems thright thing to do. I have had Sygate for quite a while now & am wondering if I should get something better.

My Wife, Maryann, has no firewall & a baddie got thro, which was taken out by MSS. She has no firewall at all. I wasn't aware of that. PJ

That not what a firewall really does(doesn't *really* keep out malware) but TBH I reckon that the Windows firewall+the router firewall is good enough for the majority of *normal* users...

And your wife probably did have a firewall(the XP default), but its unlikely that because she didn't have a more powerful firewall, that a peice of malware got through...

convair
12-10-2009, 08:34 PM
Why not use the default windows firewall?

pctek
12-10-2009, 08:51 PM
I've tried:
Comodo
Outpost
Online Armor
Zone Alarm
Kerio

Not one of them is perfect.
I still like the way you control ZA - the pro version that is, forget free.
Its user friendly.

But like I said they all have problems.

One weird thing with Outpost - its rules thing. I have a very very old little desktop game, when it launches Outpost pops up and asks if I want to allow it to record my keystrokes.
What??? Runs just the same whether I say yes or no.
And no it doesn't connect to the net either.......

Terry Porritt
12-10-2009, 09:01 PM
In Windows 98SE, I went to Kerio 2.1.5 from ZA,as ZA was resource hungry, and Kerio had a very small footprint.
I have seen no need to change, still use it with XP. It is tiny and free, has no bells or whistles, and is easy to use. I did try Comodo once on another computer, but at that time was not impressed.

Chilling_Silence
12-10-2009, 09:20 PM
Im with Jimm, the standard Windows firewall generally suffices, as your router doing NAT blocks almost all the nasties from coming in.

Try the Win7 Firewall, it's pretty advanced when you get down to it :D

Poppa John
12-10-2009, 09:52 PM
How do I know if our D-Link DSL-504t Modem/router is a firewall version? PJ

Speedy Gonzales
12-10-2009, 09:58 PM
Log into it and look in its options

Blam
12-10-2009, 10:01 PM
How do I know if our D-Link DSL-504t Modem/router is a firewall version? PJ

Yep it does. Pretty much 99.99% of routers do.

Poppa John
12-10-2009, 10:03 PM
Log into it and look in its options

How do I do that? PJ

Blam
12-10-2009, 10:08 PM
How do I do that? PJ

Go to 192.168.1.1 in your browser by typing it in your addressbar and hitting enter

It'll prompt for a username+password, use admin for both(unless you've changed it)

FoxyMX
12-10-2009, 10:21 PM
Ascent's website says it is a "basic" firewall, not a "true" firewall which means it does not have NAT.

My understanding is that this means it is no better than the Windows firewall.

Metla
12-10-2009, 10:39 PM
Visit this site to see how your "firewall" performs

https://www.grc.com/x/ne.dll?bh0bkyd2

Just hit the (lower of the two) proceed button then one of the silver buttons to perform a scan.


Your system has achieved a perfect "TruStealth" rating. Not a single packet solicited or otherwise was received from your system as a result of our security probing tests. Your system ignored and refused to reply to repeated Pings (ICMP Echo Requests). From the standpoint of the passing probes of any hacker, this machine does not exist on the Internet. Some questionable personal security systems expose their users by attempting to "counter-probe the prober", thus revealing themselves. But your system wisely remained silent in every way. Very nice.

Poppa John
12-10-2009, 11:02 PM
Visit this site to see how your "firewall" performs

https://www.grc.com/x/ne.dll?bh0bkyd2

Just hit the (lower of the two) proceed button then one of the silver buttons to perform a scan.

Sorry Mate my brain won't take this in.I don't understand it. PJ

zqwerty
12-10-2009, 11:08 PM
GRC Port Authority Report created on UTC: 2009-10-12 at 10:08:09

Results from scan of ports: 0, 21-23, 25, 79, 80, 110, 113,
119, 135, 139, 143, 389, 443, 445,
1002, 1024-1030, 1720, 5000

0 Ports Open
0 Ports Closed
26 Ports Stealth
---------------------
26 Ports Tested

ALL PORTS tested were found to be: STEALTH.

TruStealth: PASSED - ALL tested ports were STEALTH,
- NO unsolicited packets were received,
- NO Ping reply (ICMP Echo) was received.

Speedy Gonzales
12-10-2009, 11:15 PM
Sorry Mate my brain won't take this in.I don't understand it. PJ

Click on proceed, then click all service ports, wait for it to finish, If it says passed thats all good

Chilling_Silence
13-10-2009, 06:34 AM
Ascent's website says it is a "basic" firewall, not a "true" firewall which means it does not have NAT.

My understanding is that this means it is no better than the Windows firewall.

This might help:
http://en.wikipedia.org/wiki/Network_address_translation


As described, the method enables communication through the router only when the conversation originates in the masqueraded network, since this establishes the translation tables. For example, a web browser in the masqueraded network can browse a website outside, but a web browser outside could not browse a web site in the masqueraded network. However, most NAT devices today allow the network administrator to configure translation table entries for permanent use. This feature is often referred to as "static NAT" or port forwarding and allows traffic originating in the 'outside' network to reach designated hosts in the masqueraded network.

:)

gary67
13-10-2009, 06:44 AM
Thanks for that Link Metla it's useful to have, I'm in complete stealth mode according to that

Chilling_Silence
13-10-2009, 07:19 AM
For most home users, even "closed" is sufficient :)

Metla
13-10-2009, 08:50 AM
Just ran it again, This time from my media PC which has no software firewall installed or enabled.



All attempts to get any information from your computer have FAILED. (This is very uncommon for a Windows networking-based PC.) Relative to vulnerabilities from Windows networking, this computer appears to be VERY SECURE since it is NOT exposing ANY of its internal NetBIOS networking protocol over the Internet.


I usually don't have any firewalls installed, Only recently installed Comodo on a couple of my systems to see what was trying to connect out.

Poppa John
13-10-2009, 09:57 AM
Hi All.

Managed to do Metla's test. Both comps Passed the tes. Even tho Maryann does not have an apparent firewall.

Gizmo has Zone Alarm Pro for FREE only today, should I put this on Maryann's computer? PJ

Speedy Gonzales
13-10-2009, 10:10 AM
Even if a PC doesnt have a firewall, if you've got a modem/router and its got a firewall, you should be OK. None of these have firewalls either (besides Windows), but the modem has one.

Poppa John
13-10-2009, 10:15 AM
Even if a PC doesnt have a firewall, if you've got a modem/router and its got a firewall, you should be OK. None of these have firewalls either (besides Windows), but the modem has one.


Apparently our ADSL router D-Link DSL- 504t doesn't have a firewall. PJ

Speedy Gonzales
13-10-2009, 10:33 AM
Well if you think you need one, you could try zonealarm. I used to use it, (on dialup), but it got too annoying

Poppa John
13-10-2009, 10:36 AM
Well if you think you need one, you could try zonealarm. I used to use it, (on dialup), but it got too annoying

ZA doesnt get a good word from PF1.

Have d/l Kerio onto her M/c, will see how she goes with it. PJ

Sweep
13-10-2009, 11:22 AM
Maryann runs Windows XP does she not?
In Windows Security Centre is the firewall turned on or not?

The main reason, in my view, to use a third party firewall is to report unusual internet activity which the Windows one does not do in any detail.

As both computers passed the test why install another layer of complexity?

My results:-

GRC Port Authority Report created on UTC: 2009-10-12 at 22:07:08

Results from scan of ports: 0-1055

0 Ports Open
1055 Ports Closed
1 Ports Stealth
---------------------
1056 Ports Tested

NO PORTS were found to be OPEN.

The port found to be STEALTH was: 25

Other than what is listed above, all ports are CLOSED.

TruStealth: FAILED - NOT all tested ports were STEALTH,
- NO unsolicited packets were received,
- A PING REPLY (ICMP Echo) WAS RECEIVED.

Some people have found that they can't access the internet or even their home network at times due to a firewall.

My advice is to leave things alone.

fred_fish
13-10-2009, 11:28 AM
I have an excellent client that like to be safe online, so installs various firewalls & security apps as he discovers them.
I make a reasonable living by turning them off for him :)

Speedy Gonzales
13-10-2009, 12:40 PM
Hopefully youre / theyre not installing more than 1 firewall. Otherwise they'll conflict. And you've got more chance of getting hit by something

Terry Porritt
13-10-2009, 12:57 PM
Apparently our ADSL router D-Link DSL- 504t doesn't have a firewall. PJ

Yes it does, that's why most likely your computer and Maryan's is passing the Shields Up test, and presumably it is enabled by default.

You should study the manual that comes with it, or download one, so you can at least get into the thing via your browser.
You must have got into it to have set your user name and password.

You only really need a software firewall if you are concerned about controlling what goes out of your computer, or if you like playing with such things :)

fred_fish
13-10-2009, 01:16 PM
@ Speedy

Despite my repeated advice to "leave it alone".

Last call i got "my internet doesn't work", had Kerio & ZoneAlarm installed, both with borked rulesets as well a 3 anti spywares all with real time scanning!

Have given up trying to educate, just fix it and take the money :)

Speedy Gonzales
13-10-2009, 01:56 PM
Oh well must have money to burn

FoxyMX
13-10-2009, 05:17 PM
Apparently our ADSL router D-Link DSL- 504t doesn't have a firewall. PJ

As I said before, according to Ascent it does, but it is a basic firewall. Like all router firewalls it will not monitor outgoing traffic but it is better than nothing.

You might need to go into its control panel and ensure that it is enabled, however. The instruction manual will tell you how to get in and where to look.