| What firewall to use for my home computer? No, this is not a question, but and answer to the #2 most posted problem people are having.
First of all any firewall that you are comfortable using should work just fine. The most common firewall run here is Zone Alarm. It is very good for beginners that do not know how to make rules up for more advanced firewalls, but it is also a strong firewall and many security gurus run it as well. One of the cons with this firewall is it's GUI interface and on some machines it's stability. I never liked the GUI, and it always crashed. I quickly dumped that firewall. ZAP(Zone alarm pro) is almost the same firewall, but you need to buy it. If you have the money and do run ZA I'd recommend you buying it, because the programmers of ZA need to eat as well.
Black Ice Defender(BID) is a very powerful Packet inspector, but should not be used by itself because BID does not provide outbound protection. I have read through it's entire database of what it detects, and very little will be seen by the home user. It also has many false positives that will be seen by the home user and are very annoying. I do think it is good for people that run web, ftp, dns, smtp. or pop3 servers. In it's database it detects many vulnerabilities designed to exploit those services.
Norton Personal Firewall (NPF)/Norton Internet Security(NIS). They are almost the same program, with NIS providing you with web content filters. This is the firewall that I run. It is very strong and has never crashed on me. When a program trys to access the internet it provided the user with a lot of information, and allows you to make very complex rules. I would not though recommend this firewall to new people. In order for it to work you need to know how to create rules for programs. I saw a post once saying that they recieved a very low score on the DSLR security test, and that this firewall was a waste of 40 bucks. I replied saying that if they had spent the time creating rules that they would see that the firewall is one of the best and IMO better than the more commonly used ZA. It also has some features to block activeX controls and Java, as well as feature to protect you private information, and the info your browser reports to web sites. Simply put a very good firewall if you have the time to create rules and know how to use them.
@guard is no longer made, but some people do have it. I had a demo way back when and like NPF it is very strong. This is the core of older versions of NPF and is just as good as it. Has all the same features as the above firewall.
Sygate is a firewall I have not used, but I do know people that use it, and they say it is very nice. I'd recommend you trying it if you do not like any of the above firewalls.
IP chains, etc for linux. I do not have a linux box and have never used them, but they are very strong as most linux programs are. I'd suggest you taking a trip to the all things unix forum, or posting here to learn how to configure them.
NAT routers are very strong but are do not have as much out bound protection. You should still use a firewall even with a nat router. If you have a nat router make sure to use the IP filtering rules to block things such as netbois that should never be sent to the internet. You should also block most of the ICMP protocol, and if you want to, make your router unpingable.
Packet inspecting hardware firewalls are useless for the home user. They will block the same things that most software firewalls will block, but are very good for people who run servers. There was a long post about leaving the front door wide open and shielding the rest of the house, that I would not like to explain, but brings these types of firewalls down to a very basic level for people that are just getting into security.
On final note, I'm sure there are other firewalls out there, but these are the most popular. This is the poll for firewalls. I'm sure people will disagree with me, but hopefully not buy much.
--
My Web SiteJOIN TEAM ECOLOGY FUND |
|
 FatJackPremium
join:2001-06-26
Barnwell, SC | Well written Gameboyrom. It all depends on how you config any of them, I guess. I use ZA with a router. I set the rules in it to my needs.
--
When all else fails, read the directions |
|
 FiOS DanPremium
join:2001-07-06
Redondo Beach, CA | reply to gameboyrom
Way to Go Very helpful post gameboyrom--nice going.
As you correctly stated regarding NPF/NIS "Simply put a very good firewall if you have the time to create rules and know how to use them." May I offer a suggestion on this, courtesy of gt7697c?
If you are running either of these programs--go to this site, click on the >AtGuard & NIS folder, and read about and then download >Rules Viewer and >Log Analyzer>NIS Log viewer.
The combination of these two proggies makes creating and subsequently "tightening up" your rules and rule set a lot easier.
--
"Baby Sister, I was born game and I intend to go out that way." |
|
 jvmorrisI Am The Man Who Was Not There.Premium,MVM
join:2001-04-03
Reston, VA | reply to gameboyrom
Re: What firewall to use for my home computer? Gameboyrom,
(aaarrghh, would you guys stop this? It's driving me nuts!  )
At any rate, I've been waiting for an opportunity to quote the following, and this looks like an appropriate spot to append it. It applies to all of the alternatives you discuss and is equally applicable to the others yet to be brought up here:
"NOTICE: this product will provide an adequate level of protection for most home users when used with other security products, configured and maintained properly, and accompanied by an at least minimal understanding of general security concepts. User results will vary, depending upon user's naivete factor..." (Gwion wrote this; so I propose we call it the Gwion Notice.)
--
Regards,
Joseph V. Morris |
|
 DudeWhat Happens When I Do ThisPremium
join:2000-11-20
Chicago, IL | reply to gameboyrom
well written GBR |
|
 bigdogsleepsLets Play Catch.Premium
join:2000-09-24
Dumont, NJ | reply to gameboyrom
nice job answers alot of questions very well put. |
|
|
|
| reply to gameboyrom
»www.firewallguide.com/
Good Review, This guys has the web site.
I do have a few questions.
Which firewall do you use and why?
Do PC manufactures now sell aii thier machines with a software firewall included and if so which one is leading the pack ?
Thanks. |
|
 DanielPremium,MVM
join:2000-06-26
San Francisco, CA | reply to gameboyrom
Firewall evaluations... This was a very nice post. I especially thought that the piece on Norton's Firewall was good. I have always liked it very much and respected it, but never thought just how good it really was until he pointed it out. I would say it is second on my list.
Number one on my list for this kind of software solution is Tiny, which he somehow omitted. No fault in that really since the rest of the post was so good.
One other minor comment I have is his point about dedicated firewalls with stateful inspection being worthless for home users. One could argue that the very things that he likes about Norton are usually in higher level firewalls that are dedicated and use SPI. These types of devices may be overkill, but I wouldn't say they are useless.
Overall though, the comments were great.
--
"Opportunities multiply as they are seized." - Sun Tzu |
|
| reply to gameboyrom
Re: What firewall to use for my home computer? Run two FireWalls ZAP,Norton together! |
|
| reply to gameboyrom
What about Tiny ??
he didn't say anythin' about Tiny i think it's really great firewall after u stopped usin' Zonealarm PRO and u want smthn more, harder and advance go either to Norton's Firewall or Tiny. |
|
 LithpThay It...Thay It
join:2001-11-22
Beverly Hills, CA | reply to gameboyrom
Outpost. |
|
| reply to gameboyrom
I'm sorry about Tiny, I have never ran it and that's probably why I forgot it. |
|
| reply to gameboyrom
That's all right, anyway i liked your answer to that question, BUT u should give Tiny a try. |
|
| reply to gameboyrom
I've given all the others a try and I'm comfortable with Norton, I really don't want to get rid of it. |
|
Anon | reply to gameboyrom
I've run just about every popular and semi-popular firewall on the market. Hardware solutions excluded, I would recommend ZA for newer users and Tiny for more advanced users. ZAP has some additional features over ZA but still not as functional as tiny and still leaving a slightly larger footprint. |
|
 CapstoneKiss My Shiny, Metal AssPremium
join:2001-08-12
Springfield, OH | reply to gameboyrom
ZAP and D-Link router. Works for me. |
|
| Linksys Router with Tiny.  The why is: I need the router for a small home network, and Tiny gives me most of the control I need for my stations. I am planning to step up to WinRoute Pro shortly.
--
»www.theguardianangel.com .... to establish an atmosphere of safety online.... »www.Cyber-Hood-Watch.org .... to promote awareness |
|
DanielPremium,MVM
join:2000-06-26
San Francisco, CA | reply to gameboyrom
said by gameboyrom:
I've given all the others a try and I'm comfortable with Norton, I really don't want to get rid of it.
Norton is a great firewall and the rules are nearly as configurable as Tiny's, so you are in a good boat there I think.
Again, nice post. Very helpful to people.
--
"Opportunities multiply as they are seized." - Sun Tzu |
|
 AuthorityObama Biden '12
join:2000-03-29
Woodland Hills, CA | reply to gameboyrom
Remember that OUT bound protection is worthless - it only catches apps that don't mind being caught. Malicious apps can and do masquerade as authorized senders when sending out... and you'll never know it.
Brett |
|
 sigPremium
join:2001-05-05 | quote:
Remember that OUT bound protection is worthless - it only catches apps that don't mind being caught. Malicious apps can and do masquerade as authorized senders when sending out... and you'll never know it.
That's a rather BROAD statement. Worthless? Recently a fellow here discovered he had a Trojan that his AV missed due to ZA blocking it. Outbound blocking "worthless?"
Outside of test apps specifically set up to exploit browser and OS vulnerabilities (which didn't bypass all firewalls), do you have any examples of malicious apps posing as authorized apps and fooling firewalls with outbound blocking using a cryptographic signature for each authorized app? Nothing's perfect and no doubt even the best software firewalls can be improved. But outbound blocking worthless? Please support that all encompassing statement with actual examples. |
|
