[fw-wiz] Open Source Personal Firewall?

From: Breno Jacinto (breno_at_gamebox.net)
Date: 12/08/03

  • Next message: Ben Nagy: "RE: [fw-wiz] MTU issue routing traffic via Cisco GRE tunnel to Nokia/Check Point firewall"
    To: firewall-wizards@honor.icsalabs.com
    Date: Mon, 8 Dec 2003 00:29:57 -0300

    Hello fellows,

      I've been looking for an OSS Personal Firewall (PF) but googling for one
      had no results. Of course we have great options for real firewalls (pf
      is pretty decent), but I'm looking for a solution for the grandma-like user. Any take?

      What about the commercial ones, such as Zonealarm, BlackIce etc.. any
      good recommendations (as well as bad ones)?

      After reading the 'Personal Firewall FAQ' (www.fefe.de/pffaq), which
      is way radical; a quote:

      "You can't improve security of an untrusted system by installing another untrustworthy piece of software.
      You don't have the source code for the operating system or for the new piece of software, so it is impossible to
      verify that it does anything at all, let alone improve security. In the contrary, adding software increases the
      system's complexity, increasing the probabilty for undetected bugs and possible new security problems.

      A firewall is a computer security concept, not a piece of software. Vendors selling you a piece of software (or
      even a piece of hardware) under the label "firewall" are defrauding you."

      Is there any sense on the argument above? I mean, people barely use
      any security layer in their systems, I believe a PF would be better
      than nothing (well it could stop stupid things such as Blaster from

    // Breno Jacinto
    // breno@freeunix.com.br
    // Key fingerprint = A5C3 3B22 140D C973 6AC6 2D62 2318 B8FA 15F9 D3FC
    // Never be afraid to try something new. Remember, amateurs built the
    // ark; professionals built the Titanic. -- Anonymous

    firewall-wizards mailing list

  • Next message: Ben Nagy: "RE: [fw-wiz] MTU issue routing traffic via Cisco GRE tunnel to Nokia/Check Point firewall"

    Relevant Pages

    • [REVS] Bypassing Client Application Protection Techniques
      ... Get your security news from a reliable source. ... protection programs. ... * Kerio Personal Firewall 4.0 ... And we got actually nothing in the field of client application ...
    • Re: Recycler security issues on IIS server
      ... > latest upates to the server. ... > like to see the server put behind our firewall, ... other software, install all patches, IISlockdown, URLscan, use the correct ... the procedures you follow may vary depending on your security needs. ...
    • Re:RE : suggestions on a good firewall
      ... Subject: RE: suggestions on a good firewall ... CheckPoint does! ... with a url-filtering server. ... IT Technical Security Officer ...
    • Why hasnt Symantec addressed nastier Messenger spoofs
      ... Norton / Symantec has been silent on whether Norton Internet Security ... DSL firewall will stop these kinds of pop-ups. ... major ISPs and broadband systems. ...
    • Re: Service pack 2 (XP)
      ... I have a 'theory' that SP2 has a LOT to do with firewall and new browser ... besides those security features. ... The operative word is SPYWARE. ...