ScoobyNet.com - Subaru Enthusiast Forum - Firewalls

ScoobyNet.com - Subaru Enthusiast Forum (https://www.scoobynet.com/)

- Computer & Technology Related (https://www.scoobynet.com/computer-and-technology-related-34/)

- - Firewalls - more trouble than good ? (https://www.scoobynet.com/computer-and-technology-related-34/165005-firewalls-more-trouble-than-good.html)

Zonealarm is what you want :)

zone alarm has been proven as spyware and calls home to mama. go for agnitum outpost firewall best of the lot IMO.

cheers

big sinky

Nope .. firewalls are your friend.

SOFTWARE firewalls are a pain in the ar$e though.

get a smoothwall or a router that does runs a firewall away from your desktop.

Steve

gastro, get yourself a router for your adsl. try out zonealarm. IMHO much better than norton.

At this particular moment, I have a small but vitriolic hatred of ISA :angry:

bigsinky

What's your proof that Zonealarm contains spyware? Adware does'nt pick up any, neither does my secondary firewall show any attempts by ZA to 'call home to momma' ?

i think if zonealarm got spyware, i am sure computer journals will pick it up and publish it. dont think zonealarm wanna dig their own grave!

Doesn't ZA check for updates? So it would have to call home for that surely?

I'm not saying it doesn't (I don't run it anymore - proper hardware firewall appliance for me) BTW, but more info would be interesting.

Personally, wouldn't touch Norton with somebody else's barge pole...

I've never got on with personal s/w firewalls. I have a cisco router/firewall. I certainly wouldnt connect to the I/net without something though !

Deano

Gastro,

go into the NFP setup (possibly Advanced Options under the Web tab, depending on the version you are using). Select the web address for the Turbosport site (which provides ScoobyNet pictures) and ensure that you allow the Referrer ID (possibly under Browser Privacy).

When you move from one web-site to another, your brower automatically tells the new site where you came from. Thus, say, ScoobyNet can know that you were just on DebbieDoesDallas.com or whatever. Usually this is blocked by NPF, so that you can maintain at least some privacy, but Turbosport checks that the referrer is actually ScoobyNet so that it's bandwidth can't be misused by other sites.

I hope that makes sense, and that your NPF does it's job properly (i.e. how you want it to work!).

mb

All software firewalls are insecure. They are a comprimise. A sortware program running on the machine it is meant to be protecting is never gonna provide good protection. If I had to use a windows machine, and had to run a firewall on the same machine, I would probably opt for blackice, outpost or NIS. NIS is pretty good but do NOT trust the automatic rule creation. At the end of the day they are better than nothing and will keep your average windows script kiddie out if correctly configured.

If you have the money, and time, set up a *nix box running strict IP tables and snort on the perimiter into some kind of security router (NetGear does a good one for about 150 quid) preferably with NAT (although its a pain in the arse)Packet inspection with strict rules is the only way to protect against a good attacker.

You can also set up extra rules in your OS. If your running windows, you can shut off unwanted services in Start > settings > network connections. Right click on your network connector and select properties. Select TCP/IP and go to properties. Click the advanced tab, then go to the options tab, select TCP/IP filtering and then properties. You can configure to only allow port access you require.

If your running *nix, you don't need any help : p

if you want a free one, get Sygate. Has a great traffic log and you can see what exactly is going on....

Another vote for Sygate - very good software based firewall.

I would agree with Gedi that they are a compromise, but their major function is to protect the average home user from the more common forms of attacks found on the Internet. I've always compared them to house alarms / car alarms. If by their presence, it means that your next door neighbours house is broken into or their car nicked, then your alarm has done it's job. Harsh, but true.

In the same way that most of the stuff you see on the Internet is readily available. What you can't gauge is the technical competance on the person using the software / launching the attack against you. Most of the time, if these people encounter a firewall or (more likely if you have it setup correctly), they don't see any response from your PC / IP address, they will go somewhere else. There are plenty of people who are still ignorant of the risks and make much easier targets. Do nothing will make you a target. By at least having a decent software based firewall and some good anti-virus software you are taking reasonable steps to protect yourself.

From a company point of view I would want something a lot bigger and better! We've got more than 800 customer firewalls under management and it's a serious committment in terms of resources to actively manage these correctly.

Intrusion detection also is becoming more important. But that's another story :)

Chris

Just wondering ? - I know the obvious Pro's but IMHO having Norton firewall has been nothing other than a pain in the @rse ! Half the time I disable it to see piccies from the BBS etc.. and I'm sure it was the culprit for me not being able to get ADSL working again ?

Anyone else had problems ?

Cheers,

Gastro (without anything with Norton installed on it !)

[Edited by Gastro - 1/7/2003 7:41:39 PM]