Textpattern CMS support forum
You are not logged in. Register | Login | Help
- Topics: Active | Unanswered
firewalls
Can anyone recommend a good, free firewall? I once tried Zone Alarm but it’s too bloated and complicated. I used to use the free Kerio firewall, and actually still have an old version from a few years ago, but its now out of date and the current version shuts down some features after 30 days unless you cough up some $.
What firewalls do people use? I’ve been looking at this one which might be OK.
Offline
Re: firewalls
I think I have tried all the free ones and then ended up buying Outpost about a year ago and never looked back. It has the most granular control of any I have tried. I think the 29$ was pretty cheap for something that keeps my software under control and keeps the bad guys out.
Offline
Re: firewalls
Similar story to soulship. I tried some free ones, then also went for outpost. It has got consistently better and simpler to use, but it’s not the simplest of programs. It also slows down my system startup quite a lot (though that might be mcafee virusscan doing that), thereafter it is okay. I should also add it costs $29/year if you want to continue having free updates. It continues working, though, if you don’t update.
TXP Builders – finely-crafted code, design and txp
Offline
Re: firewalls
Is there anything wrong with XP’s built in firewall? It is transparent, so I don’t even know if it really works, but I haven’t had any bad things—virus, trojans, hack-ins—happen in three years of XP usage.
Offline
#5 2006-11-22 14:43:33
- Mary
- Sock Enthusiast
- Registered: 2004-06-27
- Posts: 6,236
Re: firewalls
You can’t tell it to forbid outgoing connections (of any kind or specific), nor can you view exactly what’s coming and going from your computer. I’ve turned it off because I want exactly those two things. As far as I know, it doesn’t do any kind of logging either, or at least, if it does, it’s not obvious where that would be.
Last edited by Mary (2006-11-22 14:47:45)
Offline
Re: firewalls
So what ‘wall do you use Mary? – I discovered CrapCleaner from you a while ago, which I find a great little application proving the point that simple, free software is often just as good as commercial offerings.
Kerio used to be really good – I preferred it to Zone Alarm because the footprint and memory usage of the latter was way too big for me.
Anyone using the free, current version of Kerio? – I’m not too bothered about disabled features for cookies and pop ups, but apparently the free version also disables a sophisticated filtering tool (can’t remember what it’s called/don’t understand it).
Offline
#7 2006-11-22 17:03:52
- Mary
- Sock Enthusiast
- Registered: 2004-06-27
- Posts: 6,236
Re: firewalls
At present I’m settling for Kerio until I can find one I like enough to buy.
Offline
Re: firewalls
Using a Linksys router for many years, I’ve not had the need for a firewall other than what Windows XP comes with. If I want to see network traffic, I can fire up Wireshark on my Debian box and watch packets all day.
Maybe I’ve been lucky or maybe it’s my choice of Firefox and Thunderbird as my browser and email client of choice but I’ve had no problems to report. Sometimes these firewalls cause more problems than they solve, Norton being the most troublesome of all.
We Love TXP . TXP Themes . TXP Tags . TXP Planet . TXP Make
Offline
Re: firewalls
I have an old free version of Tiny Personal Firewall that I use and absolutely love. It was recommended by some security guys I knew. Tiny’s been gobbled up by CA and I haven’t really used the newer versions but the old version I have does everything and has a tiny memory footprint that caused no slowdows compared specially compared to Zone Alarm.
Unfortunately they don’t have a trial now. Although $29.99 for 3 PCs is not bad. CA Personal Firewall
Last edited by hakjoon (2006-11-22 22:42:30)
Shoving is the answer – pusher robot
Offline
Re: firewalls
I have an old free version of Tiny Personal Firewall that I use and absolutely love.
Hah, I used to use that as well, for years after it disappeared for download. The problem with outdated software is that securit issues that eventually always arise tend to go unfixed, esp. with closed source software. Therefore I wouldn’t recommend to keep on using it anymore (even though it hit a sweet spot between features and simplicity and was free and easy to use).
Personally I stopped using any kind of firewall on the desktop. The only kind of firewall that I find is more useful than it is hurtful, is dedicated firewalls, ie.e sitting on distinct machines. Several reasons for that:
- there’s been several demonstrations and exploits where the firewall itself was what opened up the door for hackers to get access to the machine in question. The more complex a piece of software gets (i.e. the more features it acquires) the more likely it is to contain bugs. And most desktop firewalls clearly are trying to do too much.
- On most desktop systems you do not need many applications that even listen for incoming network connections, as long as there are no services listening (i.e. no ports open), a firewall has zero benefit, and only worsens the net security (as you now have the firewall sitting there and listening and working with all incoming traffic)
- You cannot prevent outgoing traffic. That’s simply a fact. Sure all firewall products allow you to make complicated rules for which programs and/or which ports can connect to the outside world, but that only stops very primitive attempts to communicate to the outside. It would only stop software that you trust to respect your wishes in the first place – and that kind of software is likely to let you allow to configure what it does anyway. Desktop-Firewalls can certainly not stop malicious software from communicating to the outside. The options to circumvent firewalls range from tunneling traffic through other applications/protocols, to simply adding malware to the trusted software list of the firewall or simply turning off the firewall (when malicious software acquires the necessary rights) etc. etc.
- The expertise needed to properly configure a firewall, inherently requires you to have knowledge of what services/software are running on your system in the first place. But at that point you hardly have any benefit from it in the first place.
- New/additional risks from using a firewall are [wrongly] inflated sense of security/invulnerability. Bugs/potential Exploits in the firewall itself as outlined above, and (often) the hassle of dealing with using and maintaining them.
Instead of using firewalls, my recommendation would be to always keep all software on the desktop up-to-date with all patches, at least all software which in some way accesses the network, or is reachable via the network, which is certainly the OS, browser/mail programs and potentially a couple of other programs. It’ also a good idea to read their respective manuals for how to configure them in a secure way. Never use outdated, unmaintained software with network-access.
Offline
#11 2006-11-23 12:29:44
- net-carver
- Archived Plugin Author
- Registered: 2006-03-08
- Posts: 1,648
Re: firewalls
James
If you are sitting behind a NAT router that will actually take care of incomming connections.
There’s a good security podcast done by a guy called Steve Gibson that talked about using NAT routers as firewalls way back in episode 3 (over a year ago now). Here are the NAT Router as firewall notes from the show too.
— Steve
Offline
Re: firewalls
Would that be this Steve Gibson ;)
Offline