nikeherc
join:2004-09-30
Tucson, AZ
| Best firewall for dialup on older computers
What's the best low overhead firewall to use for old computers using dial connections? I have an old friend using one of my very old cast off boxes with NetZero, that is infested with usual assortment of crap. It is a K6-2 400 system so there is not a whole lot of resources to spare. Any recommendations will be appreciated. It is amazing how long a well built home brew system will last! |
|
richter35
Premium
join:2004-01-03
Croatia
| Kero 2.x - link for download look in Kerio - Tiny forum.
Look'n'Stop - »www.looknstop.com
Support and updates for LnS can be found at Wilders - »www.wilderssecurity.com
Outpost is also light - »www.agnitum.com
Kerio is free (version 2), others are not, but are well worth the money. They provide trial versions which you can test to see if it plays well with your system and if it meets your needs. |
|
Dr Tweak
join:2004-09-23
Chesapeake, VA
| said by richter35  :Kero 2.x - link for download look in Kerio - Tiny forum. Hands down Kerio 2.1.5
 |
|
redwolfe_98
join:2001-06-11
 ·RoadRunner Cable
| reply to nikeherc
it is a matter of personal preference.. i use the kerio 2.15.. many people like "zone alarm".. some people like "sygate", and some people like agnitum's "outpost".. another option is to use win xp's firewall, if you are running win xp.. "tiny" is another option..
imo, lock-n-stop is very difficult to use.. |
|
Trooper
Premium
join:2005-05-18
USA | reply to nikeherc
Another vote here for Kerio 2.1.5 |
|
Wildcatboy
Premium,Mod
join:2000-10-30
Toronto, ON
Host:
Security Product V..
Security
| reply to nikeherc
How computer literate is your friend? He/she seems to be a novice otherwise he/she wouldn't get infected like that and if that's the case you might as well forget Kerio or LnS. He's going to stare at it forever not knowing what to do or how to configure it.
A router is out of the question too since he's using dialup. If you can run XP on that machine, the XP's built in firewall may be your best option. Otherwise you may want to look for something like an old version of Zone Alarm. Version 2.6.362 is my suggestion as it has no vulnerabilities worth mentioning and does the job perfectly. Anything after that became bloated with stuff that have nothing to do with a firewall's job and created newer vulnerabilities that they've had to keep patching to this day.
--
You can catch the Devil, but you can't hold him long. |
|
HA Nut
Premium
join:2004-05-13
USA
| reply to nikeherc
I agree with Wildcatboy. Unless this person understands ports and IP protocol, anything beyond ZoneAlarm (or maybe Sygate) is going to be like a foreign language.
I am running free ZoneAlarm 4.5 (still available at Zone Labs) on my 98SE with the latest version of EZ Antivirus and it runs very smooth. No hesitations or lockups of any kind. There are still a couple of things I use that PC for that the XP doesn't have on it. I plan to keep and use it as long as it will hang in there... |
|
Skipdawg
The Original
Premium,ExMod 2001-03
join:2001-04-19
The Void
 ·surpasshosting
| reply to nikeherc
My dad uses PeoplePC dialup and I set him up with Zone Alarm free and he does not have any problems nor does he have to mess with anything. When there is a update I just let him know and he does that. All has been good.
--
Canis timidus vehementius latrat quam mordet |
|
jvmorris
I Am The Man Who Was Not There.
Premium,MVM
join:2001-04-03
Reston, VA
| reply to Wildcatboy
said by Wildcatboy :. . . . A router is out of the question too since he's using dialup. . . . Well, there's at least the SMC Barricade 7004 ABR and the 7008 ABR (and I think there are a coupla others that can be used with dial-up). I used the 7004 ABR for my last year on dial-up (and all of our software firewalls became vewy, vewy quiet. )
--
Regards, Joseph V. Morris |
|
pvale
Lurk, Lurk, Lurk,They Call Me The Lurker
join:2000-03-29
Washington, MO
clubs:
·Charter Pipeline
| reply to nikeherc
If you can find another old box, say Pentium/equivalent or newer, set him up a Freesco dialup router. I used one for a couple of years. You will need a full hardware modem, but it worked great.
--
Using ET photons (Solar Power) to search for ET. |
|
John2g
Qui Tacet Consentit
Premium
join:2001-08-10
England | reply to nikeherc
AtGuard. |
|
MillieSecond6
join:2005-04-25
| reply to Wildcatboy
said by Wildcatboy :Otherwise you may want to look for something like an old version of Zone Alarm. Version 2.6.362 is my suggestion as it has no vulnerabilities worth mentioning and does the job perfectly. Older version can be found here:
»www.oldversion.com/program.php?n=zalarm
I did not feel like looking for this older version at Zone Labs. |
|
Greg_Z
Premium
join:2001-08-08
Springfield, IL | reply to nikeherc
Sygate 5.6. |
|
Wildcatboy
Premium,Mod
join:2000-10-30
Toronto, ON
Host:
Security Product V..
Security
2 edits | reply to nikeherc
Thanks JV. I wasn't aware those two routers could do it. Are they still being sold and are they cheap?
By the way the link MillieSecond6 provided, takes you to a bunch of old versions, not all of them are free of vulnerabilities. The one they mention as being version 2.6 lacks the rest of the extension so you can't tell which 2.6 it is. But I can. :)
I believe there were 4 different variations of version 2.6 and the hash for the one on that web site matches 2.6.88. Based on the file hash I can tell you it's authentic and is not modified and it has no vulnerabilities worth mentioning.
[Edit]
The hashes for the genuine 2.6.88 should read:
MD5 B5B985F92F007E3322BD55826A86B6F5
SH1 BDA519D265BEAA43069B843D19D2FDC04B8F95DA
CRC-32 D4B5F1A9
[/Edit]
By the way for those who think newer is better, 2.688 is one version after 2.6.32 which I suggested and the reason I suggested the older one is that I can vaguely remember this version fixed absolutely no vulnerabilities but Zone Labs was kind enough to reduce the Mailsafe feature from quarantining a few dozen extensions to just one (or none or may be a few, I can't recall) and they said "Oh, this feature was there by mistake and we never intended it for the free version. If you like that feature buy the Pro."
I may be wrong about the exact version they did this to people though but I believe that is the one.
--
You can catch the Devil, but you can't hold him long. |
|
jvmorris
I Am The Man Who Was Not There.
Premium,MVM
join:2001-04-03
Reston, VA
| said by Wildcatboy :Thanks JV. I wasn't aware those two routers could do it. Are they still being sold and are they cheap?. . . Don't know, presently. I bought mine about two years ago, for about $70, I think. It's got an RJ-45 WAN connection (for DSL or cable), an RS-232 connection for an external analog or ISDN modem (can be configured for either primary connection or backup in the event of broadband connection failure), a parallel print server port, and the standard 4/8 LAN ports.
Incorporates a rudimentary hardware firewall with some simple IDS capability. (Indeed, this was how I found that I was being inundated with what looked like IP spoofing probes, but were really a hare-brained attempt by my ISP to block something -- Sasser? None of the software firewalls previously in use here (same ISP) were alerting on this traffic as being spoofed IP traffic.)
Documentation sucks. Logging was sort of close to abysmal, but it worked reliably the entire time I was using it. Had three/four PCs behind it running 24/7 throughout a one-year period. (Still can't believe my TELCO never squawked.) More detailed information (and support) should be available on the SMC Forum here at BBR/DSLR still.
--
Regards, Joseph V. Morris |
|
jvmorris
I Am The Man Who Was Not There.
Premium,MVM
join:2001-04-03
Reston, VA
| reply to John2g
said by John2g :AtGuard. I was tempted to recommend that myself, John. But WildCatBoy has a point -- would the customer know how to configure it?
One of the early versions of NIS/NPF (up through NIS/NPF 2002 (version 4.0.x) is another possibility) because all of them can automatically customize the internet access allowed for an application if the user selects that option. BlitzenZeus is probably gonna scream at me  , but they're a bit more user-friendly than AtGuard and perfectly compatible with the what we know of the hardware involved. And, of course, there are well-known third-party diagnostic and documentation utilities available for everything from the last versions of AtGuard up through NIS/NPF 4.0.x.
Only problem would be finding one of these alternatives at the moment.
--
Regards, Joseph V. Morris |
|
BIGMIKE
Premium
join:2002-06-07
Westminster, CA
| reply to nikeherc
Its not necessary to use Firewall with your dialup connection. But its good if you use Firewall. Because it help you to increase your speed. You can manage interent use.
Users with dial-up connections get a different IP address every time they log on.
What hackers are looking for is an unchanging IP address that they tap into and use for their destructive purposes. This makes broadband the perfect target — and dial-ups impractical. While you can never say never, hackers virtually never bother with dial-up connections. The only real danger for dial-ups is from computer viruses |
|
ghost16825
Use security metrics
Premium
join:2003-08-26
| said by BIGMIKE : Its not necessary to use Firewall with your dialup connection. But its good if you use Firewall. Because it help you to increase your speed. You can manage interent use. Users with dial-up connections get a different IP address every time they log on. What hackers are looking for is an unchanging IP address that they tap into and use for their destructive purposes. This makes broadband the perfect target — and dial-ups impractical. While you can never say never, hackers virtually never bother with dial-up connections. The only real danger for dial-ups is from computer viruses Misleading bordering on wrong information. Bots and worms don't know and don't care what kind of connection you have.
--
Admin of the Kerio 2x-like open source project:
http://sourceforge.net/projects/kerio/
http://kerio.sourceforge.net/
|
|
haha15
join:2005-07-04 | reply to Greg_Z
Is Sygate 5.6 released? |
|
Mele20
Premium
join:2001-06-05
Hilo, HI
| reply to nikeherc
I agree with WCB that ZA would be best and he has the right version too. I began using ZA many years ago on my then dialup connection when ZA was still in beta and long before I found this site. 2.6.32 was the best of the older ZA versions. As I read this thread that was what popped in my mind and I was going to post about it and then I got to WCB's post.
ZA is easy to use, especially those earlier versions. I was inexperienced with computers when I first got ZA but it was not hard to understand how to set it up. Some of the others mentioned in this thread like Kerio are difficult for the average user ...difficult even for me.
--
Around 2005 a sudden spark will catalyze a Crisis mood. The very survival of the nation will seem to be at stake.Sometime before 2025, America will pass through a great gate in history. The risk and promise will be very high. The Fourth Turning Wm. Straus |
|
