RE: [Full-disclosure] PC Firewall Choices

From: "Nick Hyatt" <me@xxxxxxxx>
Date: Tue, 17 Jan 2006 18:59:52 -0700

Given the choice between one of those selections and a standard Linksys
router / firewall combo, wouldn't it be safer to go with the hardware
firewall? I find the configuration options to be quite a bit more in-depth,
and the hardware firewall doesn't get itself as stuck in the system as say,
ZA does.

Nick Hyatt
me@xxxxxxxx

-----Original Message-----
From: full-disclosure-bounces@xxxxxxxxxxxxxxxxx
[mailto:full-disclosure-bounces@xxxxxxxxxxxxxxxxx] On Behalf Of Nic Werner
Sent: Tuesday, January 17, 2006 4:05 PM
To: Steven
Cc: full-disclosure@xxxxxxxxxxxxxxxxx
Subject: Re: [Full-disclosure] PC Firewall Choices

ZoneAlarm - gets in the way, and hard to diagnose problems. You end up
turning it off because it never remembers your settings and you can't trust
it.

Kerio - I liked the best, but the GUI would crash when trying to display all
your packets. This is a known bug. Allows you to create rules, and to see
how they are applied in comparison to the system-generated rules. Definitely
try.

8Signs - Said it had stateful packet inspection, but didn't. I gave up
trying to poke a hole for TFTP.

I haven't tried Tiny, its next on my list. The toughest part about these
firewalls (for me) is determining how/when a packet is filtered.
Does it hit the internal rules first or does it check against yours?
If one time you hit Permit on a pop-up window, can you go into the program
and find rule?

On 1/17/06, Steven <steven@xxxxxxxxxxx> wrote:
> I am looking at supplementing the Windows XP (Pro) SP2 Firewall with a
> third party product on a bunch of Windows machines. I am trying to
> determine what product to go with and wanted to solicit some opinions
> from this mailing list. The four that I really come across and have
> used in some cases are ZoneAlarm, Sygate, Norton, Kerio, and Tiny. My
> understanding is that Norton has actually acquired Sygate and that the
> Sygate Personal Firewall probably wouldn't be the best choice of these
> now. With that in mind I am looking for a product that easy to setup,
> easy to use, works well, and does not take up too much in terms of
> system resources or harddrive space ( I also don't want it to add 20
minutes to the boot process either).
>
> I am not looking for e-mail protection, anitivrus, or any other
> non-firewall type services to be included. I do however want it to be
> able to manage applications and their internet usage. (i.e. if they
> install something new that tries to access the web (trojans included)
> they will get a popup telling them something is doing this).
>
> Any suggestions and opinions on the above products and any others that
> I might not have mentioned are welcomed.
>
> Also -- on top of this if someone knows of software/hardware that can
> scan these machines and verify whether or not both the SP2 FW and/or
> the 3rd part FW -- and perhaps prevent them network access if they are
> not running -- please let me know. [I am not sure what security
> products have these capabilities]
>
> Thanks
>
> Steven
>
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>

--
- Nic
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Follow-Ups:
- Re: [Full-disclosure] PC Firewall Choices
  - From: greybrimstone
- RE: [Full-disclosure] PC Firewall Choices
  - From: Very Unprivate
- Re: [Full-disclosure] PC Firewall Choices
  - From: Valdis . Kletnieks

References:
- Re: [Full-disclosure] PC Firewall Choices
  - From: Nic Werner

Prev by Date: Re: [Full-disclosure] Secure Delete for Windows
Next by Date: Re: [Full-disclosure] Secure Delete for Windows
Previous by thread: Re: [Full-disclosure] Re: PC Firewall Choices
Next by thread: Re: [Full-disclosure] PC Firewall Choices
Index(es):
- Date
- Thread

Relevant Pages

Re: CPU runing at 100%, help
... Could be hardware - but.. ... Clean up and find out.. ... using Windows XP "prettifications". ... You should at least turn on the built in firewall. ...
(microsoft.public.windowsxp.perform_maintain)
Re: WindowsXP slower after reinstall.
... > Did you get on the Internet unprotected by a firewall or antivirus? ... > Also - did you test your hardware before reinstalling - it could be a bad ... > will have to do whatever you did before to get them installed or download ... > You can see the critical patches released for a given ...
(microsoft.public.windowsxp.basics)
Re: WindowsXP slower after reinstall.
... > Did you get on the Internet unprotected by a firewall or antivirus? ... > Also - did you test your hardware before reinstalling - it could be a bad ... > will have to do whatever you did before to get them installed or download ... > You can see the critical patches released for a given ...
(microsoft.public.windowsxp.basics)
Re: No Sound!!!!
... > Creative Sound Blaster software & hardware? ... > Windows cannot load the device driver for this hardware. ... You should at least turn on the built in firewall. ...
(microsoft.public.windowsxp.perform_maintain)
Re: WindowsXP slower after reinstall.
... > this I can reinstall them from backup. ... Did you get on the Internet unprotected by a firewall or antivirus? ... Also - did you test your hardware before reinstalling - it could be a bad ... And no - if you did not download the installable files for the patches - you ...
(microsoft.public.windowsxp.basics)