Go to main content

Textpattern CMS support forum

You are not logged in. Register | Login | Help

#1 2006-11-22 10:57:54

jameslomax
Member
From: UK
Registered: 2005-05-09
Posts: 448
Website

firewalls

Can anyone recommend a good, free firewall? I once tried Zone Alarm but it’s too bloated and complicated. I used to use the free Kerio firewall, and actually still have an old version from a few years ago, but its now out of date and the current version shuts down some features after 30 days unless you cough up some $.

What firewalls do people use? I’ve been looking at this one which might be OK.

Offline

#2 2006-11-22 13:38:25

soulship
Member
From: Always Sunny Charleston
Registered: 2004-04-30
Posts: 669
Website

Re: firewalls

I think I have tried all the free ones and then ended up buying Outpost about a year ago and never looked back. It has the most granular control of any I have tried. I think the 29$ was pretty cheap for something that keeps my software under control and keeps the bad guys out.

Offline

#3 2006-11-22 14:15:33

jakob
Admin
From: Germany
Registered: 2005-01-20
Posts: 4,726
Website

Re: firewalls

Similar story to soulship. I tried some free ones, then also went for outpost. It has got consistently better and simpler to use, but it’s not the simplest of programs. It also slows down my system startup quite a lot (though that might be mcafee virusscan doing that), thereafter it is okay. I should also add it costs $29/year if you want to continue having free updates. It continues working, though, if you don’t update.


TXP Builders – finely-crafted code, design and txp

Offline

#4 2006-11-22 14:35:13

jm
Plugin Author
From: Missoula, MT
Registered: 2005-11-27
Posts: 1,746
Website

Re: firewalls

Is there anything wrong with XP’s built in firewall? It is transparent, so I don’t even know if it really works, but I haven’t had any bad things—virus, trojans, hack-ins—happen in three years of XP usage.

Offline

#5 2006-11-22 14:43:33

Mary
Sock Enthusiast
Registered: 2004-06-27
Posts: 6,236

Re: firewalls

You can’t tell it to forbid outgoing connections (of any kind or specific), nor can you view exactly what’s coming and going from your computer. I’ve turned it off because I want exactly those two things. As far as I know, it doesn’t do any kind of logging either, or at least, if it does, it’s not obvious where that would be.

Last edited by Mary (2006-11-22 14:47:45)

Offline

#6 2006-11-22 15:04:32

jameslomax
Member
From: UK
Registered: 2005-05-09
Posts: 448
Website

Re: firewalls

So what ‘wall do you use Mary? – I discovered CrapCleaner from you a while ago, which I find a great little application proving the point that simple, free software is often just as good as commercial offerings.

Kerio used to be really good – I preferred it to Zone Alarm because the footprint and memory usage of the latter was way too big for me.

Anyone using the free, current version of Kerio? – I’m not too bothered about disabled features for cookies and pop ups, but apparently the free version also disables a sophisticated filtering tool (can’t remember what it’s called/don’t understand it).

Offline

#7 2006-11-22 17:03:52

Mary
Sock Enthusiast
Registered: 2004-06-27
Posts: 6,236

Re: firewalls

At present I’m settling for Kerio until I can find one I like enough to buy.

Offline

#8 2006-11-22 17:38:05

hcgtv
Plugin Author
From: Key Largo, Florida
Registered: 2005-11-29
Posts: 2,722
Website

Re: firewalls

Using a Linksys router for many years, I’ve not had the need for a firewall other than what Windows XP comes with. If I want to see network traffic, I can fire up Wireshark on my Debian box and watch packets all day.

Maybe I’ve been lucky or maybe it’s my choice of Firefox and Thunderbird as my browser and email client of choice but I’ve had no problems to report. Sometimes these firewalls cause more problems than they solve, Norton being the most troublesome of all.

Offline

#9 2006-11-22 22:42:16

hakjoon
Member
From: Arlington, VA
Registered: 2004-07-29
Posts: 1,634
Website

Re: firewalls

I have an old free version of Tiny Personal Firewall that I use and absolutely love. It was recommended by some security guys I knew. Tiny’s been gobbled up by CA and I haven’t really used the newer versions but the old version I have does everything and has a tiny memory footprint that caused no slowdows compared specially compared to Zone Alarm.

Unfortunately they don’t have a trial now. Although $29.99 for 3 PCs is not bad. CA Personal Firewall

Last edited by hakjoon (2006-11-22 22:42:30)


Shoving is the answer – pusher robot

Offline

#10 2006-11-23 11:58:32

Sencer
Archived Developer
From: cgn, de
Registered: 2004-03-23
Posts: 1,803
Website

Re: firewalls

I have an old free version of Tiny Personal Firewall that I use and absolutely love.

Hah, I used to use that as well, for years after it disappeared for download. The problem with outdated software is that securit issues that eventually always arise tend to go unfixed, esp. with closed source software. Therefore I wouldn’t recommend to keep on using it anymore (even though it hit a sweet spot between features and simplicity and was free and easy to use).

Personally I stopped using any kind of firewall on the desktop. The only kind of firewall that I find is more useful than it is hurtful, is dedicated firewalls, ie.e sitting on distinct machines. Several reasons for that:

  • there’s been several demonstrations and exploits where the firewall itself was what opened up the door for hackers to get access to the machine in question. The more complex a piece of software gets (i.e. the more features it acquires) the more likely it is to contain bugs. And most desktop firewalls clearly are trying to do too much.
  • On most desktop systems you do not need many applications that even listen for incoming network connections, as long as there are no services listening (i.e. no ports open), a firewall has zero benefit, and only worsens the net security (as you now have the firewall sitting there and listening and working with all incoming traffic)
  • You cannot prevent outgoing traffic. That’s simply a fact. Sure all firewall products allow you to make complicated rules for which programs and/or which ports can connect to the outside world, but that only stops very primitive attempts to communicate to the outside. It would only stop software that you trust to respect your wishes in the first place – and that kind of software is likely to let you allow to configure what it does anyway. Desktop-Firewalls can certainly not stop malicious software from communicating to the outside. The options to circumvent firewalls range from tunneling traffic through other applications/protocols, to simply adding malware to the trusted software list of the firewall or simply turning off the firewall (when malicious software acquires the necessary rights) etc. etc.
  • The expertise needed to properly configure a firewall, inherently requires you to have knowledge of what services/software are running on your system in the first place. But at that point you hardly have any benefit from it in the first place.
  • New/additional risks from using a firewall are [wrongly] inflated sense of security/invulnerability. Bugs/potential Exploits in the firewall itself as outlined above, and (often) the hassle of dealing with using and maintaining them.

Instead of using firewalls, my recommendation would be to always keep all software on the desktop up-to-date with all patches, at least all software which in some way accesses the network, or is reachable via the network, which is certainly the OS, browser/mail programs and potentially a couple of other programs. It’ also a good idea to read their respective manuals for how to configure them in a secure way. Never use outdated, unmaintained software with network-access.

Offline

#11 2006-11-23 12:29:44

net-carver
Archived Plugin Author
Registered: 2006-03-08
Posts: 1,648

Re: firewalls

James

If you are sitting behind a NAT router that will actually take care of incomming connections.

There’s a good security podcast done by a guy called Steve Gibson that talked about using NAT routers as firewalls way back in episode 3 (over a year ago now). Here are the NAT Router as firewall notes from the show too.


Steve

Offline

#12 2006-11-23 14:10:41

ruud
Developer Emeritus
From: a galaxy far far away
Registered: 2006-06-04
Posts: 5,068
Website

Re: firewalls

Would that be this Steve Gibson ;)

Offline

Board footer

Powered by FluxBB