Good firewall prog?

Please let me know about a good firewall program: one that is not big, does not eat resources, and one that can be configured to eXplicitly block anything incoming on specified ports.

Reply to
Robert Baer
Loading thread data ...

I have the 8-port SMC(*) Barricade Router. Passes all the

formatting link
tests just fine.

(*) I've had mine for a number of years, I believe some other company has acquired SMC.

...Jim Thompson

--
|  James E.Thompson, P.E.                           |    mens     |
|  Analog Innovations, Inc.                         |     et      |
 Click to see the full signature
Reply to
Jim Thompson

Shame on you! Addressing a "point and click" addict to a CLI solution.

Have fun

Stanislaw Slack user from Ulladulla.

Reply to
Stanislaw Flatto

I use Kerio Personal Firewall

formatting link
which works well. It's shareware. After almost a month, you get some pop-ups asking for money. Ignore those and it reverts to the free version, which does everything you really need it to.

It normally blocks by application name, but you can set rules for specific ports. It uses the terms "advanced rule" and "packet filter" for that. There's also a feature that alerts you when installed programs are altered.

Note that you need a good software firewall (definitely NOT the one that comes with XP) when using ANY internet connection (even if all you have is 1200bps dialup). A hardware router does a very good job of blocking incoming connections (be sure to disable uPnP) but does little or nothing to stop outgoing connections (spyware, etc...). you need the software for that.

BTW, it's seldom "one or the other". Both is best.

--
108 days until the winter solstice celebration

"Today, the theory of evolution is an accepted fact
 Click to see the full signature
Reply to
Gary H

While that is a good idea, it doesn't keep you from needing a software firewall also.

--
108 days until the winter solstice celebration

"Today, the theory of evolution is an accepted fact
 Click to see the full signature
Reply to
Gary H

I allow no open ports on the Barricade.

Besides NAV, I run, at least weekly, ScanSpyware, SpyBot S&D and AD-Aware.

Plus I've killed all machine scripting capability and I use Firefox with NoScript v1.1.1

The only damage I seem to get is self-inflicted... screwed up Registry, etc :-(

...Jim Thompson

--
|  James E.Thompson, P.E.                           |    mens     |
|  Analog Innovations, Inc.                         |     et      |
 Click to see the full signature
Reply to
Jim Thompson

Go to Staples/Office Depot/... and buy a Linksys BEFSR41 Router. It has a built in hardware firewall as well as being 4 chanel router.

Ted

Reply to
Ted Edwards

Something to bear in mind. Kerio is discontinuing a couple of their fw products:

formatting link

And also, Sygate (which I like) has been purchased by Symantec, so probably their personal firewalls will go the way of the dodo bird.

Art

formatting link

Reply to
Art

Nope, but I'm the expert! To really screw things up takes some Thompson "tweaking without thinking".

Some further testing with GRC tools shows that, if I acquired certain baddies, they could indeed make an outbound connection :-(

Looks like I need to do some looking into ZoneAlarm.

...Jim Thompson

--
|  James E.Thompson, P.E.                           |    mens     |
|  Analog Innovations, Inc.                         |     et      |
 Click to see the full signature
Reply to
Jim Thompson

There's no such beast that runs on the computer you're trying to protect. But if you have a lax definition of "good", there are several offenders, including ZoneAlarm, Windows Firewall, etc.

But you're better off doing what I did: Get an old computer (I use a Pentium 90 - remember those?), put two network cards in it and maybe even a disk, and run one of the standalone Linux or *BSD firewall packages. In my case, I have a 400Mb disk (remember those?) and 16MB of RAM (remember when RAM came in MB?), and I'm running:

  • ssh
  • dhcpd
  • squid
  • ipf
  • tinydns
  • dnscache
  • ntpd
  • OpenBSD
  • two 10 MBit network cards (remember those?)
  • various other services you don't need to know about.

I've had flawless performance on cable for four years at up to 600KB/sec, serving my home network of 7-ish computers. I think I've rebooted it three times, other than during the occasional configuration change.

Oh, and I still insist on ZA, anti-spyware, and virus scanners on the computers behind it.

BTW, what's this got to do with S.E.D?

Clifford Heath.

Reply to
Clifford Heath

Hell, I remember 256 bit *1101 memory chips.

I use a Linksys BFR41 hardware firewall/router followed by a four port hub for the three computers on my computer desk. I am going to add a 16 port switch in the house to put ports around the different desks and workbenches so I don't have to look for a free port all the time.

Zone Alarm AdAware AVG

Keeping your computer working so you can access the newsgroup would be a good reason, wouldn't it?

--
?

Michael A. Terrell
 Click to see the full signature
Reply to
Michael A. Terrell

Some people don't consider what XP provides to be a firewall at all.

Some people got '486 systems instead because they'd heard about the Pentium bug.

I have a 420MB disk.

My first hard disk held 30MB, and was not compatible with "virtual 86 mode", so would not work with Windows in "386 enhanced mode".

DOS 1.0 was written to run with 16KB RAM.

[snip]
--
108 days until the winter solstice celebration

"Today, the theory of evolution is an accepted fact
 Click to see the full signature
Reply to
Gary H

I read in sci.electronics.design that Michael A. Terrell wrote (in ) about 'Good firewall prog?', on Sat,

10 Sep 2005:

Oh, do you need a computer?

--
Regards, John Woodgate, OOO - Own Opinions Only.
If everything has been designed, a god designed evolution by natural selection.
 Click to see the full signature
Reply to
John Woodgate

I knew a neighbor who had one of those. There was a RAM expansion cartridge, which was too easily knocked loose. This would lead to damage to the (then) expensive chips, or at least you'd have to restart the computer.

--
108 days until the winter solstice celebration

"Today, the theory of evolution is an accepted fact
 Click to see the full signature
Reply to
Gary H

You probably should have a Software Firewall on your computer as well. A lot (most?) of the Hardware Firewall don't stop something trying to "call home" from your infected computer.

Zone Alarm has a free version of their Software Firewall that will allow only the Programs that you designate access to the Internet. If you get infected you'll see the first attempt to access the Internet, which you then deny.

formatting link

Robert

Reply to
Robert

So I'm not alone, then.

:)

Art

formatting link

Reply to
Art

On the eighth day, God created duct tape. On ninth, he created ERUNT.

:)

Art

formatting link

Reply to
Art

You haven't lived until you've written a decent game of checkers in raw machine code that fits in the 1K RAM available on the Sinclair computer :)

Actually, we in the U.S. were spoiled rotten since we got 2K in the Timex Sinclair product.

Art

formatting link

Reply to
Art

Well, it DOES save some time decoding the data. ;-)

--
?

Michael A. Terrell
 Click to see the full signature
Reply to
Michael A. Terrell

Your Mr. Watson and Gallup appear to have vastly differnt defenitions of "minority".

Reply to
Richard Crowley

ElectronDepot website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.