Stop Microsoft
All Things Microsoft => Microsoft Software => Topic started by: lazygamer on 18 April 2003, 01:20
-
What is the best(or one of the best) freeware(or free to non-corporate customers, depending on license agreement) Wind0ze firewall?
Now I'm not seriously counting on me being quite safe with Windows and a firewall, but it's a good place to learn how to use one I suppose.
If I want true security(but this is less about security and more about learning) I'll turn to Linux, I know the drill. But we'll talk about Linux firewalls when I get an external DSL modem or Linux suddenly starts supporting internal DSLs. (http://smile.gif)
I know this is sort of Windows BBS material, but it actually skirts the rules for the MES windows forum because I'm not asking for help with X Windows problem, nor am I asking for pirated software. (http://smile.gif)
Besides, WinBBS is full of losers, I respect the intelligence of those here...
-
I believe that one of the best firewalls for windows is ZoneAlarm. I haven't used windows for quite a while though, since I mostly use OS X and Linux. Perhaps, others can help more. (http://smile.gif)
-
Tiny Personal Firewall is good too. Not as many features but it allows you better control (IMHO) over rule specification, making it a little more like linux firewalls.
The old version is free for non-commercial use and is what I use.
-
Kerio personal firewall is good and free (note lowercase free)
Norton personal firewall performs far far better at blocking portscans (tested with www.grc.com, (http://www.grc.com,) www.pcflank.com (http://www.pcflank.com) and some scanners I downloaded) than zone alarm does. I know scanning isnt the only thing it should be good at (eg should also stop plain wrong packets) but i cant be bothered testing for other stuff (and i wouldnt know what i was doing) and if your on a dsl modem your probably mainly worried about kiddies with scanners anyway. That said the "logging" feature in norton is annoying and it is expensive. I still believe for client end windows comps its good though.
However! Obviously its a win program and nothing could really secure a dam with taht many holes... wouldnt it be nice if there was some way to put a dedicated firewall on a cool OS "in between" your computer and your isp? wouldnt it be even better if the cost of the old comp for that dedicated hardware firewall was cheaper than most win firewall apps? heres the ultimate solution! (http://www.smoothwall.org) smoothwall!
this puppy comes with a pretty full on firewall, AND it masquerades your computers behind it AND its been hardened up for security AND you dont need to waste your desktops CPU cycles on a firewall ap AND the cost of the (not necessarily fast) computer to run it on would be no more than $50 AUS ($25 US) AND theres no need to waste desktop box hdd space or RAM on a firewall app AND with a hub you can have one firewall managing multiple comps so you dont need to mantain seperate firewalls on multiple comps at once! AND if your "interested in learning" like you said then seeing the output of iptables -L will help a lot as will reading an iptables script
BUT WAIT! THERES MORE!
AND its Free Software!!! (in BOTH terms!)
:D :D :D :D :D
Ah CRAP! Ignore alll the above just noticed that theyre still working on DHCP... :rolleyes: :rolleyes: :rolleyes:
sorry - AND you can wait till they add dhcp support!
edit : ha ha ha! I was wrong! Smoothwall still "0WnZ j00 4r$3" 8-)
[ April 18, 2003: Message edited by: Faust ]
-
quote:
Ah CRAP! Ignore alll the above just noticed that theyre still working on DHCP... :rolleyes: :rolleyes: :rolleyes:
sorry - AND you can wait till they add dhcp support!
[ April 18, 2003: Message edited by: Faust ][/QB]
I dunno about that, DHCP works on my smoothwall. Maybe you're talking about beta?
-
Hmmm... actually re reading the page they may have been talking about having a computer in the DMZ giving a dynamic IP to a computer in the green zone... which is not a problem to us really as a desktop computer behind smoothwall really only needs to be static, smoothwall is the only one that needs the dynamic IP which is probably fine. So smoothwall is go! Provided I can somehow get a cd-rom drive into my freebie P66... which will require me getting into the BIOS... which will require me knowing the BIOS password. :rolleyes: Honestly if you giving away a good computer why the hell wouldnt you just write the BIOS password on the case???
and i've tried taking out the BIOS battery... didn't work which was *weird*
-
Install it over a network connection from another machine.
-
quote:
Faust: which will require me getting into the BIOS... which will require me knowing the BIOS password. :rolleyes: Honestly if you giving away a good computer why the hell wouldnt you just write the BIOS password on the case???
and i've tried taking out the BIOS battery... didn't work which was *weird*
You have to move a jumper to reset the BIOS. I don't which one it was, but if I see it, I will post it here...
-
Cool ta. ;) I'll have a look at the pheonix bios web page too, they may have given them all a global password.
-
quote:
Originally posted by Faust:
and i've tried taking out the BIOS battery... didn't work which was *weird*
For how long?
-
quote:
Originally posted by Faust:
and i've tried taking out the BIOS battery... didn't work which was *weird*
Remove the battery for like 15 seconds, power on the system(with no battery), power down the system at the BIOS post screen, re-insert the battery then power on the system again. Now there should be no password(please note you will need to re-configure the BIOS to get the best performance out of the machine).
You can achieve the same results if you set the CMOS jumper to clear CMOS, power on the system, power down the system, place the jumper back into the normal operation position, yada, yada.
[ April 19, 2003: Message edited by: Zombie9920 ]
-
quote:
However! Obviously its a win program and nothing could really secure a dam with taht many holes... wouldnt it be nice if there was some way to put a dedicated firewall on a cool OS "in between" your computer and your isp? wouldnt it be even better if the cost of the old comp for that dedicated hardware firewall was cheaper than most win firewall apps? heres the ultimate solution! smoothwall!
this puppy comes with a pretty full on firewall, AND it masquerades your computers behind it AND its been hardened up for security AND you dont need to waste your desktops CPU cycles on a firewall ap AND the cost of the (not necessarily fast) computer to run it on would be no more than $50 AUS ($25 US) AND theres no need to waste desktop box hdd space or RAM on a firewall app AND with a hub you can have one firewall managing multiple comps so you dont need to mantain seperate firewalls on multiple comps at once! AND if your "interested in learning" like you said then seeing the output of iptables -L will help a lot as will reading an iptables script
Wow, sounds good! I'll get something like that when I'm living on my own. (http://smile.gif)
How does that work anyways? Does it work better than a regular firewall because the whole OS can be devoted soley to firewall duties? I'd assume that a firewall must cut down on how often it can scan stuff or it would slow the shit out of a system.
I am on DSL, so kiddies are my biggest concern.
-
www.sygate.com (http://www.sygate.com)
free for non corporate customers
great if u ask me. it detected and stopped a D0s attack from fucking up my cpu.
-
quote:
Originally posted by Panos:
I believe that one of the best firewalls for windows is ZoneAlarm. I haven't used windows for quite a while though, since I mostly use OS X and Linux. Perhaps, others can help more. (http://smile.gif)
ZA is not a good firewall to use at all.
[ April 19, 2003: Message edited by: raptor ]
[ April 19, 2003: Message edited by: raptor ]
-
And.... are you going to give a reason why it's not a good firewall, or just make accusations?
-
I'd feel a lot safer with windows if I used an external firewall. Such as a router, or a gateway. I'd set up another linux computer and allow it to be a gateway. And use ipchains or iptables on the linux machine.
as for the bios thing, i found a good way of clearing it is to run your feet on the ground a bunch and touch the motherboard. repeat several times. Your computer will probably never turn on again, but the password will be gone (http://smile.gif)
- dont do that
-
my linksys router didnt stop the Dos attack on me sygate did :D
-
Zone alarm is a good firewall. Download the trial of the pro version and get a registration code off kazaa-lite or off a warez site.
-
Smoothwall and IPCop both irritated me. I couldn't get either of them to work. I would just use RH but my old box has onboard video and it isn't supported and I need a way (graphic) to be able to edit rules and set port forwarding and block my roomies when they don't pay me for bills etc :D
Dj
[ April 23, 2003: Message edited by: Engineer ]
-
i use zonealarm and kerio as a matter of course on the rare occasions i have to use windows. i have no idea how secure they are though. each one catches access attempts that the other totally misses, so how much stuff gets past both of them i wonder?
also, both are totally cost free for personal use.
-
Actually, I've noticed that ZoneAlarm decreases my bandwidth by around HALF and chews through 40% of CPU when connected.
And, if only that BIOS was an Award. You know that pretty much any Award BIOS accepts, get this, "award_sw" as a password?