Best firewall

[mercurial]

I know you said not to mention ZoneAlarm, but ZoneAlarm is free and it's fantastic. Had it for more than one year and it has blocked many hacking attempts to my machine and it obviously also blocks unwanted outgoing connections, which you can either allow or deny, as it will present with a pop-up asking you what to do. Haven't had any problems with it and I would highly recommend it.
Check out this link which specialises in firewalls -> http://www.firewallguide.com/software.htm

 

[Asha'man X]

Sygate is a great system, but unfortunately it was killed off a few years ago when Symantec bought it. Pity really, as it was one of the best I've worked with.

Been using Comodo since earlier this year, and it's blocked hundreds of attempts to get it. Has also saved me from getting some malware thanks to Defence+

 

[Ryder_JHB]

www.pfsense.com would be my choice, but I KNOW Libs will disagree

 

[The_Unbeliever]

www.pfsense.com would be my choice, but I KNOW Libs will disagree

I don't disagree

At this stage I think you need to look at what is out there, and select the distribution you will be more familiar and comfortable with

Makes more sense that way...

I prefer Smoothwall because of the support forums (community.smoothwall.org/forum) which has got friendly people on who's willing to help you with your problems.

Regards

Libs

 

[Ryder_JHB]

Yup, hear ya! From a wug point of view, myself an pfsense have become good friends!

 

[The_Unbeliever]

Yup, hear ya! From a wug point of view, myself an pfsense have become good friends!

Also you will need to look at what you want to do, and what it is going to be used for, and select the distro that will suit your needs as closely as possible without a lot of modifications.

Reason : when you need to reinstall, it will be straightforward, and you won't waste time installing various mods and addons just to make it work. Keep in mind you tend to forget what you did to get something to work if you make extensive modifications - which means time wasted. (I'm at the stage where I want to waste as little time as possible on a reinstall).

 

[Turiko]

And, as a suggestion, what about hardware firewalls? Has anyone considered those?

 

[AirWolf]

And, as a suggestion, what about hardware firewalls? Has anyone considered those?

Such as Smoothwall and PFsense already mentioned above?

 

[SecretCode]

I think Turiko means prebuilt firewall appliances ... basically any gateway router with firewall capabilities: netgear, dlink, billion, etc. These boxes generally do the job but have less configurability and much less logging power than a smoothwall/ipcop/pfsense PC-based firewall.

otoh, Noah is really looking for a single PC firewall. And Comodo is the best. But he hates it. A bit stuck, therefore!

 

[Turiko]

I think Turiko means prebuilt firewall appliances ... basically any gateway router with firewall capabilities: netgear, dlink, billion, etc. These boxes generally do the job but have less configurability and much less logging power than a smoothwall/ipcop/pfsense PC-based firewall.

otoh, Noah is really looking for a single PC firewall. And Comodo is the best. But he hates it. A bit stuck, therefore!

yes I meant network hardware as in pre-built devices. In general terms they have much less logging but who looks at logs unless the attack is taking place.

I am just wary of software firewalls, as I have had cases where they've been easily bypassed by hackers.

 

[The_Unbeliever]

yes I meant network hardware as in pre-built devices. In general terms they have much less logging but who looks at logs unless the attack is taking place.

I am just wary of software firewalls, as I have had cases where they've been easily bypassed by hackers.

The Billion 7402X allows VLANs - maybe this will be of some assistance?

 

[SecretCode]

I am just wary of software firewalls, as I have had cases where they've been easily bypassed by hackers.

That would indeed be serious. Can you give me some examples of hackers bypassing a smoothwall, ipcop or other external software firewall?

 

[Turiko]

That would indeed be serious. Can you give me some examples of hackers bypassing a smoothwall, ipcop or other external software firewall?

It happened to me in 2005. I no longer have the machine or the firewall concerned so it would be difficult to provide any other details. Besides, in terms of hacking it is far more difficult to get through hardware than it is through software.

 

[SecretCode]

I'm still confused. But with respect I think you are more confused. Can you give me an example of a hardware firewall? One that does not have any software on it?

I think you may be differentiating firewall "appliances" with dedicated, purpose-written firewall software from general-purpose PC hardware ... with dedicated, purpose-written firewall software like Smoothwall, ipcop, pfsense, etc.

Anyway, please enlighten me, because in my ignorance it seems like this statement has no meaning:

in terms of hacking it is far more difficult to get through hardware than it is through software.

 

[Threepwood]

Comodo works great..if you disable the HIPS part of it (Defender+). If one doesn't disable it then using the PC feels like one continuous session of 20 Questions.

http://mybroadband.co.za/vb/showpost.php?p=2051987&postcount=11

 

[Threepwood]

I'm still confused. But with respect I think you are more confused. Can you give me an example of a hardware firewall? One that does not have any software on it?

H/W firewall means a Firewall that's built into a H/W device. Like a router with a built in firewall, AFAIK you can get a stand alone H/W firewall and hook that up to a router/switch/modem etc.

It does have s/w (firmware, s/w that's "built-in" to the device, and is updateable), but when one says a S/W firewall they mean an app on a PC like Comodo/Zonealarm/WinXP firewall etc.

 

[SecretCode]

Hi Threepwood. My q was really for Turiko. I agree with your definition - but how would you classify external firewalls like SmoothWall or IPCop? They're clearly not "built in" to a hardware device, but they don't have the weaknesses that in-PC firewall software can have.

 

[Threepwood]

Okay well, I didn't honestly think of stuff like Smoothwall and IPCop, I haven't used them yet.

Some experts will probably have to give you a definitive answer, but I'd say SmoothWall and IPCop would be software firewalls. They are software themselves, the box it is on is not a firewall until it has SW or IPCop.

As for the weaknesses that on PC firewalls have, I'm not really aware of any (but I'm not a security expert), other than, a lot of people would have perhaps an IPCop box/External H/W firewall as well as a software firewall on actual PCs.

More firewall action = better security, I don't see why not

 

[gpe]

Outpost Firewall , with the Blockpost Plugin. Disable all other plugins except "Attack Detection" and "Blockpost". Best bet for a software firewall imo.

 

[LazyLion]

windows firewall