| Archive for Downsizer For an ethical approach to consumption |
| toggle |
need a firewallZone alarm have finally shot themselves in the arse with their new trick.They completely block irc access unless you use their premium version, 8 months ago, i was able to sign up for the free trial, set it to allow irc, then reinstall zone alarm and keep settings. Now they don't do a free trial anymore, you can get a period of free premium through signing up to some 'offers' and handing over credit card details to a e-commerce site. I think not. So, please recommend me a firewall that I can control and don't have to sign up to crap to get. |
||||
| tahir |
I use XP's built in one at home, we have a physical firewall at work, so no idea. Anyone else? | ||||
| Barefoot Andrew |
Physical firewall here - complete ADSL modem/firewall/router "solution" in one box...
A. |
||||
| dougal |
That and OS X's firewall - which is ipfw (from BSD Unix). |
||||
| orangepippin |
Built-in plus on the PC plus MS ISA firewall on the network plus hardware firewall. Probably too many. | ||||
| jema |
I figure that as long as you have a router you are ok. | ||||
| Barefoot Andrew |
...provided it doesn't route unsolicited inbound traffic...
A. |
||||
| toggle |
also, dosen't block malicious outbound traffic. | ||||
| Barefoot Andrew |
You shouldn't have any malicious outbound traffic... unless your machine has caught a cold. A. |
||||
| toggle |
my firewall has caught stuff on a few occasions. I was then able to identify and eliminate the problem. |
||||
| Maxwell Smart |
Same plus dynamic nat. |
||||
| Barefoot Andrew |
You presumably had a virus? A. |
||||
| toggle |
it wasn't anything that my antivirus was stopping. | ||||
| Barefoot Andrew |
Something must amiss. One doesn't have "malicious" outbound internet traffic for nothing!
A. |
||||
| orangepippin |
I think Realplayer and Skype generate a lot of outbound traffic, and you do wonder (particularly with Realplayer) how much of it is related to the function of the program and how much is something else. | ||||
| Barefoot Andrew |
Skype of course generates outbound traffic as part of its firewall traversal techniques - as do other messaging systems... but the benefits outweigh the concerns I think.
A. |
||||
| orangepippin |
I realise that, but on the odd occasion when I have nothing better to do than watch my realtime firewall logs, it is amazing what is going on and it surely can't all be legitimate! | ||||
| MarkS |
depends,
skype (proprietary bug ridden thing that it is) also uses your machine as a local peer point doesnt it? on a windows machine I run the sunbelt software firewall. you can run it in an advanced mode that lets you see what and where trafic is goin. and theres a free version. |
||||
| toggle |
I'm aware of that, hence my statement that I identified and eliminated the problem. However, without requiring programs to ask before permitting them access through the firewall, I would not have known there was a problem. Therefore I am looking for a firewall program I can run on my computer, that dosen't block IRC completely like zone alarm now does. Are you able to assist with that or do you want to make more irrelevant comments? And realplayer is a known problem, i've seen the program identified as spyware before, for their habit of sending out information about what you're doing with the program. i won't use that. Real alternative seems to do the job nicely. |
||||
| orangepippin |
Famous last words but the Windows firewall (XP SP2 or Vista) along with the firewall on your ADSL router should be good enough. That seems to be the most popular combination that I've come across. If you have a spare PC then installing a dedicated Linux firewall / proxy server might be worth a try - it may not be a pleasant experience though. | ||||
| toggle |
If i felt windows firewall did the job, I wouldn't be asking for something else now, would I.... | ||||
| MarkS |
*cough*
http://www.sunbelt-software.com/Home-Home-Office/Sunbelt-Personal-Firewall/Download/ previously known as kerio in which guise it won numerous awards |
||||
| toggle |
is it free? | ||||
| orangepippin |
The point I was making is that no firewall on a bare Windows PC is sufficient. I'm suggesting you replace your Zonealarm with the Windows XP firewall, and then use one of the numerous ADSL router/firewalls along with it. That would be a pretty good combination. |
||||
| MarkS |
windows firewall is pants. A 'hardware' firewall is a good thing and I always recommend them, but they should be used in conjunction with a decent application firewall on the PC because a separate device is not going to be able to detect issues on the PC from eg trojans. it can only operate on the basis of ip addresses and tcp/udp ports and packet inspection (not very likely on consumer devices).
A decent software firewall on the pc will monitor which applications get access to the network device and what they can do with it. yes there is a free (beer) version with some restricted functionality. but if you cant be bothered to click on the link and read the specs then please disregard my suggestion. |
||||
| orangepippin |
You clearly know more than I do but I think dedicated software firewalls these days (i.e. running on perimeter network firewall appliances) have a lot more capability to deal with application traffic than simply examining ports. A firewall on the PC is useful for outbound security though. | ||||
| MarkS |
we are talking about personal use are we not?
application devices are great - if they are set up correctly and monitored by someone who understands what they are looking at. that doesnt happen in consumer environments. Face it, it often doesnt happen in business. alas my days as a checkpoint reseller are in the past. |
||||
| toggle |
if i used anything other than windows firewall, then yes, it would work well, and will be the set-up I intend to run. As Mark has said, a good software firewall will control what programs can and cannot access the internet. This is the functionality I am looking for because that is the functionality that has allowed me to catch malicious traffic from programs that my anti-virus software wasn't catching. Zone alarm gave me that and iv'e been running it on various incarnations of my computers since I first got net access. However, what it is also now doing is not allowing any IRC traffic unless you run the full (paid for) version. Since I use IRC, i need to now find another firewall that replaces the functionality of zone alarm without deciding I cannot be trusted to decide if i should be able to access IRC without paying. |
||||
| toggle |
now i need to find where i left the damn usb key with my router passwords on, so i can start downloading stuff on my 'new' machine | ||||
| 2steps |
I have a firewall as part of the router and use sygate's software one. Was recommended to me years ago and we haven't had any problems. I found it easy to use as well. | ||||
| Barefoot Andrew |
You don't deserve to be assisted with anything if you take that tone. I was mere pointing out to you that something might be amiss. Hardly irrelevant. A. |
||||
| toggle |
I would hardly call your comments assistance. Patronising crap is closer to the mark. Your 'assistance' and your own 'tone' are something I can happily live without. |
||||
| toggle |
And thankyou mark, I've installed your recommendation on my old machine for a few days to see if I can work with the program. so far, it's looking good. | ||||
| Northern_Lad |
OY! Stop it you two.
Toggle; BA was trying to help; if he pointed out something you already knew, then all you needed to do was say "thank you, but I already knew that". BA; let's leave it there, please. |
||||
| tahir |
Well said NL. | ||||
| toggle |
as I've said, if he calls that help, I'll live without it. I call it the usual reaction a woman gets when she asks techie advice. Despite the fact this forum claimed, loudly, it was non sexist last time I complained. I was going to move on and ask if anyone had expreince running a set up like smoothwall, i think I might try doing that in a place where no one knows I knit. |
||||
| orangepippin |
I would be interested to hear how you get on with Smoothwall. I'm looking to replace a dedicated MS ISA firewall with something, perhaps a Linux based equivalent. I've been told IPcop is worth looking at. I think this sort of thing - if properly setup (easier said than done) - is more secure than running personal firewall software on individual workstations. | ||||
| Northern_Lad |
What? I've read through the entire thread again and I can't spot anything that has been posted which has any form of gender bias/stereotyping. BA was responding to the posts made with genuine questions/statements. If you thought that that was wandering away from the intention of the thread then that's fine, but the tone of your posting was highly confrontational.
As we've said many a time before, to many a person, it is the intention of this forum not to have any kind of 'ist' behaviour. Sometimes we slip; sometimes things are mis-read; sometimes we take the preverbal out of people we know very well. If you, or anyone else, has any issues with anything then please raise it with the mod team (we've a roughtly equal balance of gender in the team so you take your pick) and we will deal with it and get back to you. Now, back to firewalls...(my experience of Zone Alarm is that it stops you doing anything you want to all the time) |
||||
| MarkS |
If you are fairly techy then say so in your question - otherwise people assume that its the usual 'i am not a pc person and I dont know what a firewall is but I know I need one' type of question.
that has nothing to do with gender. At the risk of stirring  ) my usual response to being accused of being sexist (I'm not btw) is to play up to it and ask if the questioner is suffering from pmt and offer chocolate. usually gets something thrown at me.
|