RE: [Full-disclosure] PC Firewall Choices

> -----Original Message-----
> From: full-disclosure-bounces@xxxxxxxxxxxxxxxxx
> [mailto:full-disclosure-bounces@xxxxxxxxxxxxxxxxx] On Behalf
> Of Nic Werner
> Sent: Wednesday, 18 January 2006 10:05 AM
> To: Steven
> Cc: full-disclosure@xxxxxxxxxxxxxxxxx
> Subject: Re: [Full-disclosure] PC Firewall Choices
> Importance: High
> ZoneAlarm - gets in the way, and hard to diagnose problems.
> You end up turning it off because it never remembers your
> settings and you can't trust it.

Rubbish. Sure it gets in the way. It is MEANT to get in the way. If you
close it down, it is likely because you don't know how to drive it. The prog
CAN be a little hard to newbies to understand if you want to go internet
banking etc but people on this list ought to know how to handle it.

As to trust, you have to be joking if you trust any firewall, software or
hardware, to keep you safe. About the only way to keep your computer out of
the reach of someone with the knowledge, initiative and will is to pull the
power plug out of the wall BEFORE they get to it. For every "I know what I
am doing" security professional, there is someone without credentials who
doesn't mind that professional thinking that at ALL.

> Kerio - I liked the best, but the GUI would crash when trying

Keep track of what is going on with it. Personally I prefer vintage cheese
to Swiss Cheese.

> to display all your packets. This is a known bug. Allows you
> to create rules, and to see how they are applied in
> comparison to the system-generated rules. Definitely try.
> 8Signs - Said it had stateful packet inspection, but didn't.
> I gave up trying to poke a hole for TFTP.

Haven't tried that one.

> I haven't tried Tiny, its next on my list. The toughest part

Not worth even downloading. I did download it and I regret that.

If someone wants to supplement Windows XP firewall and doesn't really know
what they are doing, I always say to get the free ZA to start with and learn
from there THEN decide what they want to do. One thing that ZA does very
well is log things you want logged. I love that bit on it at least. I use it
to test hardware firewalls and installations in other ways behind routers.
You'd be amused at how many hardware/router "I'm SAFE" types go bug eyed
when I show them a simple log from ZA of innocuous and not-so-innocuous
things that have come right by their router/hardware firewall without
touching the sides and bounced off ZA.

Note - I am not spruiking FOR Zonelabs. I just like the logs bit and also
like to tell newbies to start there and build up their knowledge.

Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia -

Relevant Pages