Re: [Full-disclosure] PC Firewall Choices

Personally... I'd choose to use monowall... google it, fast, secure, easy as hell to use...

-Adriel

-----Original Message-----
From: Nick Hyatt <me@xxxxxxxx>
To: 'Nic Werner' <nicwerner@xxxxxxxxx>
Cc: full-disclosure@xxxxxxxxxxxxxxxxx
Sent: Tue, 17 Jan 2006 18:59:52 -0700
Subject: RE: [Full-disclosure] PC Firewall Choices

Given the choice between one of those selections and a standard Linksys
router / firewall combo, wouldn't it be safer to go with the hardware
firewall? I find the configuration options to be quite a bit more in-depth,
and the hardware firewall doesn't get itself as stuck in the system as say,
ZA does.

Nick Hyatt
me@xxxxxxxx


-----Original Message-----
From: full-disclosure-bounces@xxxxxxxxxxxxxxxxx
[mailto:full-disclosure-bounces@xxxxxxxxxxxxxxxxx] On Behalf Of Nic Werner
Sent: Tuesday, January 17, 2006 4:05 PM
To: Steven
Cc: full-disclosure@xxxxxxxxxxxxxxxxx
Subject: Re: [Full-disclosure] PC Firewall Choices

ZoneAlarm - gets in the way, and hard to diagnose problems. You end up
turning it off because it never remembers your settings and you can't trust
it.

Kerio - I liked the best, but the GUI would crash when trying to display all
your packets. This is a known bug. Allows you to create rules, and to see
how they are applied in comparison to the system-generated rules. Definitely
try.

8Signs - Said it had stateful packet inspection, but didn't. I gave up
trying to poke a hole for TFTP.

I haven't tried Tiny, its next on my list. The toughest part about these
firewalls (for me) is determining how/when a packet is filtered.
Does it hit the internal rules first or does it check against yours?
If one time you hit Permit on a pop-up window, can you go into the program
and find rule?


On 1/17/06, Steven <steven@xxxxxxxxxxx> wrote:
I am looking at supplementing the Windows XP (Pro) SP2 Firewall with
a
third party product on a bunch of Windows machines. I am trying to
determine what product to go with and wanted to solicit some opinions
from this mailing list. The four that I really come across and have
used in some cases are ZoneAlarm, Sygate, Norton, Kerio, and Tiny.
My
understanding is that Norton has actually acquired Sygate and that
the
Sygate Personal Firewall probably wouldn't be the best choice of
these
now. With that in mind I am looking for a product that easy to
setup, 
easy to use, works well, and does not take up too much in terms of
system resources or harddrive space ( I also don't want it to add 20
minutes to the boot process either).

I am not looking for e-mail protection, anitivrus, or any other
non-firewall type services to be included. I do however want it to
be 
able to manage applications and their internet usage.  (i.e. if they
install something new that tries to access the web (trojans included)
they will get a popup telling them something is doing this).

Any suggestions and opinions on the above products and any others
that 
I might not have mentioned are welcomed.

Also -- on top of this if someone knows of software/hardware that can
scan these machines and verify whether or not both the SP2 FW and/or
the 3rd part FW -- and perhaps prevent them network access if they
are 
not running -- please let me know. [I am not sure what security
products have these capabilities]

Thanks

Steven


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/



--
- Nic
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


________________________________________________________________________
Check Out the new free AIM(R) Mail -- 2 GB of storage and industry-leading spam and email virus protection.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Relevant Pages

  • Re: [Full-disclosure] PC Firewall Choices
    ... Subject: [Full-disclosure] PC Firewall Choices ... My>understanding is that Norton has actually acquired Sygate and that the>Sygate Personal Firewall probably wouldn't be the best choice of these>now. ... >Charter: http://lists.grok.org.uk/full-disclosure-charter.html ...
    (Full-Disclosure)
  • RE: [Full-disclosure] Bypassing Personal Firewall, is it that* hard?
    ... knowing better than me in all aspect as far as AV / Firewall goes. ... Full-Disclosure - We believe in it. ... Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ...
    (Full-Disclosure)
  • Re: [Full-disclosure] Zotob Worm Remover
    ... problem was most of the laptop users are normally behind a firewall ... Charter: http://lists.grok.org.uk/full-disclosure-charter.html ... Hosted and sponsored by Secunia - http://secunia.com/ ...
    (Full-Disclosure)
  • Re: [Full-disclosure] PC Firewall Choices
    ... I am not certain as to how viable of an option this "idea" would be, but what about a totally R/O firewall after configuration? ... Subject: [Full-disclosure] PC Firewall Choices ... a hardware firewall can't be compromised as ...
    (Full-Disclosure)
  • [Full-disclosure] OpenBSD 4.3 up to OpenBSD-current: PF null pointer dereference kernel pani
    ... At the following URL you will find a advisory related to OpenBSDs ... PF firewall in OpenBSD 4.3, 4.4, 4.5 and OpenBSD-current. ... Charter: http://lists.grok.org.uk/full-disclosure-charter.html ... Hosted and sponsored by Secunia - http://secunia.com/ ...
    (Full-Disclosure)
Quantcast