SECURITY - Firewall for home users
antowan
17-04-2005, 11:05 AM
Hi all,
This seems like a good firewall solution for home users.
http://www.download.com/Agnitum-Outpost-Firewall-Pro/3000-10435_4-10380991.html?tag=stbc.gp
Anybody tried it yet?
Regards
A
bb_matt
17-04-2005, 11:22 AM
Hmm, looks like it does pretty much the same as the free Zonealarm firewall.
I use Zonealarm and Smoothwall.
You really do need a hardware firewall in conjunction with a software one.
The software firewall is really just to stop programs "talking to home" so to speak.
If you're on ADSL and have a router, then you're sorted. I've got a router, but prefer the flexibility Smoothwall gives you, so I run the router in bridged mode.
You can set up a Smoothwall on really old hardware - quite literally a PC that you couldn't sell for R100. 2 NICs, a PII, 16meg of RAM, 1gig HD and you're sorted. You only need a monitor and keyboard for the setup, after that, bung it in a corner and forget about it :D
kilps
17-04-2005, 11:42 AM
Anything wrong with the Windows Firewall - or should I bother with something else?
Chris
17-04-2005, 01:46 PM
Hi all,
This seems like a good firewall solution for home users.
http://www.download.com/Agnitum-Outpost-Firewall-Pro/3000-10435_4-10380991.html?tag=stbc.gp
Anybody tried it yet?
Regards
A
I have the Pro one. It works very well, although when you allow a .exe application, it only allows 1 port to be opened automatically - that could pose a problem if you need programs like Steam etc.
passif
17-04-2005, 05:03 PM
And to add on to bb_matt's Smoothwall suggestion. There are several mods available, including one that our capped brethren would like - a bandwidth measurement mod that measures up and downloads etc. Smoothwall really is an excellent little product.
Anyone here tried Smoothwall with MyWireless?
DFantom
27-05-2005, 12:31 PM
Anything wrong with the Windows Firewall - or should I bother with something else?
Windows Firewall is only IPv4 traffic (AFAIK there was talk of a patch that gave IPv6 support) and only incoming. So software on your machine can still do what it wants online. Compared to ZA which protects everything (incoming and outgoing).
Can the Smoothwall operate with a remote admin program or does it use a web interface?
bb_matt
28-05-2005, 05:30 PM
Anyone here tried Smoothwall with MyWireless?
Yep - used to run it with MyWireless, but you'll need an Ethernet cable, unless you can hack TheRodent's Linux kernel patch into the Smoothwall kernel - most definitely not easy unless you're well clued up!
On the Ethernet cable, it runs as a PPPoE device.
Karnaugh
28-05-2005, 06:04 PM
Not possible since his driver requires Kernel 2.6
Karnaugh
28-05-2005, 06:06 PM
Windows Firewall is only IPv4 traffic (AFAIK there was talk of a patch that gave IPv6 support) and only incoming. So software on your machine can still do what it wants online. Compared to ZA which protects everything (incoming and outgoing).
You're assuming home users have both IPv6 enabled on their Windows machine, as well as IPv6 peering.
tibby.dude
28-05-2005, 06:37 PM
I use Tiny Firewall 2005.
bb_matt
28-05-2005, 06:42 PM
Not possible since his driver requires Kernel 2.6
Well, it would be possible, but you'd have to first hack the 2.6 kernel into Smoothwall :D
DFantom
29-05-2005, 09:56 PM
You're assuming home users have both IPv6 enabled on their Windows machine, as well as IPv6 peering.
What? You mean people don't... Come on Kar, I know you have it on your BSD box there and I have it, and we are normal, right ;)
ScrnScrm
29-05-2005, 11:49 PM
Anything wrong with the Windows Firewall - or should I bother with something else?
Well, it's better than nothing. Expect an update to it soon - the firewall that ships with Windows 2003 Server SP1 is MUCH MUCH MUCH better than the one with XP SP1.
However, I would say go with a hardware-based firewall. Much better. Something like a PIX or FW1 would do just fine...
...the one with XP SP1.
...Did you mean SP2?
ScrnScrm
29-05-2005, 11:57 PM
Aw ****. It's been a long day. Thanks for pointing that out, IC... yes, I meant SP2.
Perdition
30-05-2005, 12:04 AM
I agree, I run 2003 on my home server and the firewall just works, you don't have to spend hours configuring rules.
LOL :D
One thing I'm curious about - firewall latency - if you've got VoIP traffic running through a h/w firewall and then a s/w firewall as well [and back again], it must add to latency - especially Windoze running a s/w firewall will no doubt add some latency due to timeslicing etc...?
ScrnScrm
30-05-2005, 12:06 AM
Correct, although it's way too late to go into the detail :D Good rule of thumb - use a DMZ for VoIP applications so that you are at least not double NATing...
Windows Firewall doesn't typically add much to latency, except if you are using IPsec...
Ok, sounds like a good enough reason to stick an OrangeNIC in my SWE2 box, I don't have a Wireless AP router + h/w firewall [yet], just SWE2 and firewalls on Windoze...:D
Perdition
30-05-2005, 12:17 AM
Actually latency is negligible unless your CPU is running near 100% or managing a LOT of threads.
Actually latency is negligible unless your CPU is running near 100% or managing a LOT of threads.
You know what they say about the latency straw that broke the VoIP's back...
Every little bit of latency along the way adds up, also when using Skype for example, it is not recommended to be running any other processor intensive processes...
Perdition
30-05-2005, 12:35 AM
You know what they say about the latency straw that broke the VoIP's back...
Every little bit of latency along the way adds up, also when using Skype for example, it is not recommended to be running any other processor intensive processes...
Well for me the firewall is running on a different machine so that isn't an issue ;) I've completely disabled the XP firewall on my machine. I've tested latency on the Win 2003 machine with the firewall both on and off and to be honest I've struggled to find a consistent difference. Skype works 100% unless there's a lot of other traffic so latency isn't a problem (I'm on ISDN). The machine itself doesn't really do anything most of the time other than firewall and NAT'ting so the processor has plenty of time to dedicate to it :)