tommyk Posted June 24, 2005 Share Posted June 24, 2005 OK . . . since my system is finally up and running OK . . . I need a free firewall. I've read many posts here with a wide variety of what's the best. What do YOU use and why? Kerio? Sygate? Outpost Free? Zone Alarm? Any others that are up there in rankings? Thanks Link to comment Share on other sites More sharing options...
Moderators TwistedMetal Posted June 24, 2005 Moderators Share Posted June 24, 2005 Kerio? <-- Never used it. Sygate? <-- Never use it. Outpost Free? <-- Never used it. Zone Alarm? <-- Been using it for years. Hope that kind of helps. Your Friendly Neighborhood Piriform Forum Moderator Quick Links: CCleaner Products | CCleaner Documentation | Knowledge Center | Downloads | Lost License Key Link to comment Share on other sites More sharing options...
Capman Posted June 24, 2005 Share Posted June 24, 2005 Ditto, I am exactly the same as TwistedMetal. Link to comment Share on other sites More sharing options...
n8chavez Posted June 24, 2005 Share Posted June 24, 2005 If you are adimate about staying with a freeware software firewall, my vote would go towards kerio (KPF 2.15). Find it here: http://www.kerio.com/dwn/kpf2-en-win.exe That is hands down the best freeware rule-based firewall there is. If you chose that one be sure and get help with your rule-set (PM me if you need help) If you feel like spending a little cash and purchase a shareware firewall, I would strongly consider Agnitum Outpost Pro (www.agnitum.com). There is another option, which I personally use. Research LooknStop a.k.a. LnS (www.looknstop.com) It is the best firewall I have ever seen. It is rule based (as better firewalls are) and haave an extremely small footprint (uses little system resources). PM more is you want further details. Link to comment Share on other sites More sharing options...
DjLizard Posted June 24, 2005 Share Posted June 24, 2005 If you're going to *buy* a firewall, buy a firewall -- a Stateful Packet Inspection (SPI) firewall [this is a piece of hardware]. Why waste money on software to bog your system down? Get a *real* firewall. I knew back in the day when software firewalls were coming out that there'd be this kind of trouble... man I hate software firewalls I use peerguardian.. that's my only firewall. Click here if CCleaner Issues are re-appearing DjLizard.net DjLizard.net wiki Dial-a-fix Dial-a-fix tips DjLizard.net software support forum Do you live in Bradenton, Sarasota, Tampa, or St. Petersburg, Florida? Visit Digital Doctors where I work Link to comment Share on other sites More sharing options...
n8chavez Posted June 24, 2005 Share Posted June 24, 2005 Hardware firewalls are nice but can not take the place of software firewalls. You cannot have application filtering with them. Also, you cannot have some of the feartures of Outpost (ad blocking, reffer blocking, cookie blocking, etc) Also hardware firewalls, for whatever reason, always respong to ICMP echo pings, so you would not be COMPLETELY stealth. FYI, PeerGuardian is not a firewall it is an IP address blocker, and a damn good one at that (v2) Link to comment Share on other sites More sharing options...
DjLizard Posted June 25, 2005 Share Posted June 25, 2005 Yeah I know that it's not a "firewall". It's a kernel level blackhole filter. But effectively, it's a firewall. What else could "IP blocker" possibly mean? I put in an IP address, I get no IP packets from that address any longer. Yes, it's not stateful, and is fully manual. Oh well. It's all I use. I don't use a hardware nor software firewall. Application filtering is probably nice for people who don't know anything about what their software is doing, but there's another edge to the sword. The application firewall is going to ask a lot of questions about what the user wants the application to be able to do, and invariably, the user is going to have to *guess*, because they don't understand firewalling, application behavior in general, or the application is named badly and is confusing, etc. I don't know how many customers I've had where they actually blocked Internet Explorer itself, as well as svchost/generic host process et al... Several times, a customer has had two or three antivirus/firewall combinations running at the same time, and they would constantly ask if the other one could do something. Norton Internet Security has a funny habit sometimes of asking if Norton Internet Security can access the internet. Any hardware firewall that responds to ICMP when you tell it not to is not the firewall you'd want. Sounds like a piece of crap to me. You made it seem like ALL firewalls do this, when that is not the case. Click here if CCleaner Issues are re-appearing DjLizard.net DjLizard.net wiki Dial-a-fix Dial-a-fix tips DjLizard.net software support forum Do you live in Bradenton, Sarasota, Tampa, or St. Petersburg, Florida? Visit Digital Doctors where I work Link to comment Share on other sites More sharing options...
Eldmannen Posted June 25, 2005 Share Posted June 25, 2005 All Windows firewalls sucks, they're basically toys, often as trivial as having a ON and OFF button. Often combined with a fancy IDS that tend to get people paranoid. Best I've come across is iptables/netfilter on Linux, it's sweet. Because you can configure alot of aspects of it, reject/drop packets, define ICMP type to filter, SYN packet, ip/port/protocol, etc. Link to comment Share on other sites More sharing options...
Moderators Andavari Posted June 25, 2005 Moderators Share Posted June 25, 2005 None Link to comment Share on other sites More sharing options...
agumon Posted June 25, 2005 Share Posted June 25, 2005 yup... none.. --==aGumon==-- Link to comment Share on other sites More sharing options...
d2e Posted June 28, 2005 Share Posted June 28, 2005 got all but not using any coz i trust my isp virtual firewall Link to comment Share on other sites More sharing options...
Moderators Andavari Posted June 28, 2005 Moderators Share Posted June 28, 2005 got all but not using any coz i trust my isp virtual firewall <{POST_SNAPBACK}> What if your ISP gets hacked, or infected? I'd be using something if I was you. Link to comment Share on other sites More sharing options...
d2e Posted June 28, 2005 Share Posted June 28, 2005 check this article http://news.bbc.co.uk/2/hi/uk_news/4071708.stm and than tell me wat u think of firewall Link to comment Share on other sites More sharing options...
d2e Posted June 28, 2005 Share Posted June 28, 2005 if some 1 can hack Nasa, the US Army, US Navy, Department of Defence and the US Air Force. computer than i don't think any fire wall can help me to protect my computer Link to comment Share on other sites More sharing options...
d2e Posted June 28, 2005 Share Posted June 28, 2005 AND BEST OF ALL I'M USING PROXY IP Link to comment Share on other sites More sharing options...
Moderators Andavari Posted June 29, 2005 Moderators Share Posted June 29, 2005 check this article http://news.bbc.co.uk/2/hi/uk_news/4071708.stm <{POST_SNAPBACK}> The U.S. gov should hire him to help defend the systems! Link to comment Share on other sites More sharing options...
Newhotness Posted June 29, 2005 Share Posted June 29, 2005 DJ, i checked out PeerGuardian, what do you mean by ... Yes, it's not stateful, and is fully manual. Oh well. <{POST_SNAPBACK}> are you saying its too advanced for your tipical user to understand, or that theres too many things to manually set up? would you recomend it to anyone or just certain types of people? thankx Link to comment Share on other sites More sharing options...
DjLizard Posted June 29, 2005 Share Posted June 29, 2005 About manual: It's not a firewall, so blacholing an IP involves manually adding the IP to the database. (The program is designed to block 300+ million IP addresses that belong to spammers, P2P robots, US-government watchdogs, spyware sites, rogue advertisement sites, and more) About stateful: It's not a firewall, so it doesn't deal with packets on an 'if-then-else' basis. It discards either all, or none, of the packets from a given IP address. It's not really that advanced for a user. A user can turn it on and forget about it, really. Until they have a problem connecting to a certain IP... then they have to turn off PG to see if PG is blocking it. PS: If you use PG, you have to unblock my website. DjLizard.net's IP belongs to a range that used to belong to scammers/spammers/spyware peddlers, but since those kinds of people are fly-by-night, as soon as they got IP banned in the major lists, they left. Then comes some unfortunately soul (me) who has to deal with the fact that I'm on a banned IP range, all because of someone who was using the IP only for a few moments. IP blocks get bought and sold all the time, and blocklists really wreak havoc on those transactions. :/ Click here if CCleaner Issues are re-appearing DjLizard.net DjLizard.net wiki Dial-a-fix Dial-a-fix tips DjLizard.net software support forum Do you live in Bradenton, Sarasota, Tampa, or St. Petersburg, Florida? Visit Digital Doctors where I work Link to comment Share on other sites More sharing options...
d2e Posted June 29, 2005 Share Posted June 29, 2005 keep track of external connection netstat in command menu netstat -N to check connection with port deatail (active port detail) Link to comment Share on other sites More sharing options...
bpm3k Posted June 29, 2005 Share Posted June 29, 2005 I like zone alarm. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now