jsimmons3
join:2006-04-17
San Antonio, TX
| reply to wiener_bur
Re: Just dunno what firewall to use...Which one you use?
Get a Zywall 2+, and abandon software firewalls forever.
It's the best firewall for the money, and you don't have to worry about clogging up your system(s) with software firewalls. It supports SUA for single ISP-assigned IP's (most people) Multi-NAT for those of us with a block of static IPs. The 2+ allows for (I think) five VPN tunnels, if you need that kind of thing.
If you want to save some money, you can find a used Zywall 2 for as little as $40 (the Zywall 2+ is the updated model, but the Z2 is still a decent solution for those on a more strict budget - I got one on eBay for $60).
Mine has been running for a week with five machines behind it, including a web/email/ftp server, a game server, and three workstations and *nothing* has gotten through. For most home users, it's default firewall settings lock your network down so the only thing you have to configure is your connection to the internet and whether or not you want it to be a DHCP server (and your router's password, of course).
I simply cannot recommend a Zywall product highly enough. It's a better choice than the Linksys/Netgear/D-Link consumer-grade products, and the 2+ is reasonably inexepensive (as low as $150). |
|
stonecolddsl
Linux Junkie
join:2004-01-07
Sarasota, FL
 ·Rapid Systems, Inc.
 ·Sprint Mobile Broa..
·Verizon Online DSL
| While the Zywall 2+ is a great product, if you have a old computer sitting in the closet that has at least 64 megs of ram. I would like to suggest pfsense.com
Amazing firewall with all the bell and whistles of higher end cisco firewalls and routers. Great user support in the form of there forums and there irc chat channel #pfsense at irc.freenode.net
Forget a software firewall and use pfsense box. |
|
JAXx
aka Stephen
Premium
join:2000-03-31
New York, NY | reply to jsimmons3
Jsimmons3 are you saying the Zywall 2+ replaces a bi-directional firewall? |
|
jsimmons3
join:2006-04-17
San Antonio, TX
| It *is* a bi-directional firewall. You can setup NT rules for WAN-toLAN, LAN-to_WAN, and LAN-to_LAN.
What I was saying was that the X2/2+ is (IMHO) a better choice for a firewall because a) you don't need to install any software on your machine, b) it's locked down by default, and c) it costs less to run 24/7 than a full-blown PC running [insert your favorite os/software firewall here].
I think everyone connected to the internet should buy a decent hardware router. |
|
jsimmons3
join:2006-04-17
San Antonio, TX | reply to JAXx
Typo: "NT" = "NAT" |
|
daveinpoway
Premium
join:2006-07-03
Poway, CA | reply to jsimmons3
Are you saying that the Zwall 2+ can be configured so as to block certain programs on your PC from talking to the "mother ship"? Blocking such communications is a strong reason for having a software firewall on your PC. |
|
jsimmons3
join:2006-04-17
San Antonio, TX | You can block outbound traffic(by default, all outbound traffic is allowed), so if you know the port numbers, the answer is yes. |
|
markopoleo
join:2003-04-02
Bonne Terre, MO | Hardware router/switch only I recommend. The next piece of security is the hardest to get, reason and common sense when using the internet. That fails lots of people for some reason. |
|
