Discussion in 'OT Technology' started by quickone, Mar 7, 2005.
Whats better? And what is one of the most protective, secure software firewalls out there today?
I heart Sygate.
neither are really safe. the packet has already reached your computer. i suggest to acctually purchase a hardware firewall. they are price nice and cheaply
That's true, but since he did specify a software firewall, I have used both ZoneAlarm and Sygate. I prefer the network monitoring in Sygate, but have no problem with either one. I do, however use ZoneAlarm on three machines, and Sygate on one.
iptable for Linux
ipfilter for BSD
edit: or rather pf for OpenBSD...
Can't go wrong with either of these, especially if you've got some spare parts and time laying around.
well, both suck, but sygate sucks less because zonealarm sucks most...
i've used both but never tried the hardware option, maybe i'll try something in upcoming weeks
True. Or if you have an older computer lying around you can make one for free. You can get the software at www.smoothwall.org or there are other options too such as IPcop, etc.
ok if both these free firewalls suck. which one do I use?
Sygate uses fewer resources and doesn't have the super huge / super gay gui that zone alarm has. Gotta go with it.
Do you have Windows XP? The SP2 one really isn't that bad. I've been using it since I installed SP2 and have no complaints... Pair that with a router, and you're good to go.
I prefer IPCop http://ipcop.org/ over smoothwall. At least your not downloading an 'express' version thats trying to get you to purchase the commercial version.
MS's firewall will do just as good as these, and its also free.
both of those are peices of shit. Norton firewall sucks too.
Your best bet is stick with the MS firewall, or get yourself a DSL/Cable router.
Zone Alarm and Norton is fucking annoying as hell when you have that damn block / unblock popup EVERYTIME you connect to something. Its completely retarded. The MS firewall (SP2) is pretty non intrusive, which is nice. The DSL/Cable router will never give you popups, which is WAY better.
That's true that it asks you if you want it to connect or not. However, you can always select the checkbox, 'Always allow this program access'... and it won't ask you again (for that program). This gives more control of what is going out or not. Like, when you run a program, some users don't know that it is automatically connecting to the manufacturer's website to get an update. The firewall pops up and now you know that the program is trying to connect somewhere. Or maybe somebody downloaded a trojan virus that logs their keys typed (keylogger) which may include your usernames and passwords, and it is trying to send that information to a server. If you don't trust that program, you simply deny access to sending that information. So you just prevented it from sending information, and you also know which program (trojan) you have.
That's exactly what I thought and did... But... it seems that they had some bugs in ipcop 1.4.0 back then. I had problem using scp with it or for some weird reason even if I use the ssh + tar trick to send files won't work. The connection would somehow stall.
I actually have a fairly complicated netowrk setup, I got a bunch of computers running Linux and BSDs. I had isolated the problem to the ipcop box, so I switched back to Smoothwall.
I am not sure if the problem is fixed or not... Ipcop should in theory have a few advantages over smoothwall. Leave aside free or not free, commercial or not commercial, evil or not evil, at least ipcop now provides support for SCSI drives.
Smoothwall imho got a prettier looking interface, I really can't comment and I don't know which one is more secure.
As far as hardware firewall goes. I think a Linksys will do just fine, unless you have special needs such as wanting to run Proxy, IDS, or dedicated NIC for your DMZ.
Speaking of which I actually use my Smoothwall box to do folding, too. Might as well if you gonna keep the machine running.