What's a Good Firewall?

Status
Not open for further replies.
jeanpaul1979

jeanpaul1979

New member
Dec 30, 2007
471
3
0
I use ESET NOD32 as my virus scanner, and I like it because it's lightweight and clean... But after reading a couple of reviews their firewall it doesn't seem all that great.

So if it's not ESET...

What is the best firewall out there when you're looking for a firewall that is lightweight, and has good protection and usability?
 


jeanpaul1979 said:
I use ESET NOD32 as my virus scanner, and I like it because it's lightweight and clean... But after reading a couple of reviews their firewall it doesn't seem all that great.

So if it's not ESET...

What is the best firewall out there when you're looking for a firewall that is lightweight, and has good protection and usability?
Click to expand...

I just configure ESET to work with the XP Firewall.

NOD32 always seems to pick up on any shit and when it does, I always run Malwarebytes as an extra precaution immediately afterward. Of course, I'm not cruising warez sites all day either.

Otherwise those free firewalls are going off all the fucking time.
 
Personal firewalls are a fucking waste. No one cares whats on your shitty home computer unless you're IBM or something. What are they gonna do? Hack you and steal all your skittles pics?
 
Make sure your router has SPI, stateful packet inspection, and don't be stupid, like open the IP/iprange of your PC in DMZ.

If you can't afford a nice $80 router, get the fuck out of IT.
 
I'm using BitDefender on my gaming rig, zonealarm on my laptop and media server, and also the built in firewall in my Belkin router.

Abhorrent: They will if you got to a LAN party! Zonino!!!
But a personal firewall is much needed if you like to get free porno... Never know what nasty shit is lurking on all of them TPGs. And I'm not even going to imagine what an unprotected system could get from visiting the .box.sk network.

Lacrosse: I like some JB as much as the netx guy, but seriously dude, how old is the chick in your sig? Like 12?
 
use a hardware firewall like smoothwall, you can make it out of any old pc. I used one for years that ran on an old pentium MMX. seriously, you can pull something out of the trash and build a smoothwall box on it. Welcome to Express 3.0! - SmoothWall.org

If you want something a bit more functional that just a firewall look into clark connect ClarkConnect - Server and Gateway - Linux Small Business Server SBS you can take an old pc and fill it with cheap terrabyte drive and make it a firewall and network file server. or web server. or streaming media server. whatever. it's pretty cool
 
Maz said:
kaspersky kaspersky kaspersky


Look into "firewall leak tests"

A hardware firewall wont help with shit except "in the dark" attacks which are not that much of a threat nowadays. A "in the dark" attack is where a computer will try and scan your box for open ports or responses from various requests looking for a entry point. You are so unlikely to get hacked this way, its not worth it. Not to mention a standard 20$ linksys router offers just as much protection towards this as some stuff quoted above.

What you want is a application layer firewall that tells you when a program is trying to access the net. A router doesnt know if a program is good or not.

Everyone above me who said to use a router or other hardware device either doesn't understand your needs for a firewall or is trying to sound knowledgeable about this shit but comes off like a idiot.
( And to any of the users offended by me calling them a idiot, Feel free to challenge me. I have authored multiple firewalls (both hardware and software) and would love to assrape you in arguendo. )
Click to expand...

Or we could be using Windows7 which takes care of this for us. Plus, some people actually read their firewall log files daily.

:rolleyes:
 
Nobody said Router firewall was the end all solution. I usually only install software from trusted sources. I'm usually not worried about when they call home. If I do decide to go the bittorrent route, i usually place it in a vm and then run virus scans on it and let the software firewall that is in place in the vm let me know what the software is doing. And if I start to feel sketchy about the keygen i open up IDA Pro and take a look what's going on.

I'm more worried about browser attacks such as xss and others of its type than I am with installing malware. Noscript does a pretty good job with blocking those. If your going to install a lot of questionable software then by all means go Kaspersky or others of its type.


Edit: I do turn on a software firewall when I travel though.

Maz said:
kaspersky kaspersky kaspersky


Look into "firewall leak tests"

A hardware firewall wont help with shit except "in the dark" attacks which are not that much of a threat nowadays. A "in the dark" attack is where a computer will try and scan your box for open ports or responses from various requests looking for a entry point. You are so unlikely to get hacked this way, its not worth it. Not to mention a standard 20$ linksys router offers just as much protection towards this as some stuff quoted above.

What you want is a application layer firewall that tells you when a program is trying to access the net. A router doesnt know if a program is good or not.

Everyone above me who said to use a router or other hardware device either doesn't understand your needs for a firewall or is trying to sound knowledgeable about this shit but comes off like a idiot.
( And to any of the users offended by me calling them a idiot, Feel free to challenge me. I have authored multiple firewalls (both hardware and software) and would love to assrape you in arguendo. )
Click to expand...
 
Outpost is the best Windows firewall around. You don't need to worry about people getting into your box remotely, because nobody does that anymore. The way it works now is they have the worm/trojna/payload connect to them.

This means you need to watch what outgoing connections a program is making. Most modern firewalls do that, but to get around that, what we did was we began injecting the payload into existing and trusted apps like browsers. So what my worms used to do was force your default web browser to load a DLL file that did all the dirty work. Since most people allow their browser full access to the net (inbound and out), my worm bypassed the firewall. Nobody is going to let Notepad.exe access the Internet, after all.

And to 1up us, what The Man did was to issue warnings when DLLs were dynamically loaded, especially if the DLLs did not reside in the web browser's program folder. I don't code for Windows anymore, and in all honesty, if somebody has a problem with you, there's almost no way to secure yourself. Best tips I can give is to turn off auto-run (I used to pwn my enemies by sending them a CD that had the worm hidden on it and executed via auto-run), get something that will keep tabs on items that are being added to startup, and make sure they keep watch on ActiveX objects, because for as long as I can remember, that method has NEVER been detectable except maybe by HijackThis if you paid close attention (no one did).
 
Status
Not open for further replies.
Top Bottom