ZoneAlarm? Mcafee Firewall Pro?

I have no clue. I want a good one that doesn't take up resources.

I use Sygate and I love it, easy to use an low on resources.

http://www.sygate.com/products/index.htm

Others use Outpost and I hear good things also.

http://www.agnitum.com/products/outpost/

Those are the best SOFTWARE firewalls, however hardware firewalls are preferred because they require no third party apps. Just find a router with a NAT firewall. I have a cheap Linksys BEFSR41 router that was a NAT firewall, however I don't recommend this router because recently they have a firmware problem that keeps disconnecting me.

Originally posted by mmione
I use Sygate and I love it, easy to use an low on resources.

http://www.sygate.com/products/index.htm

Others use Outpost and I hear good things also.

http://www.agnitum.com/products/outpost/

Those are the best SOFTWARE firewalls, however hardware firewalls are preferred because they require no third party apps. Just find a router with a NAT firewall. I have a cheap Linksys BEFSR41 router that was a NAT firewall, however I don't recommend this router because recently they have a firmware problem that keeps disconnecting me.
Actually, we are in the process of getting a router with NAT firewall and other protection things. I don't even want a firewall, I just want to play with one.:p

:nod: :nod:
sludge, if you just want to play
with one..then play with the best!!
Outpost by Agnitum
!!PlayHere!! (http://www.agnitum.com/)
and then stop by for some more fun here--->
Da PlayGround!! (http://www.outpostfirewall.com/forum/index.php?s=)
you will have lots of fun!!:D :D

Well I am running a hardware router, but I use ZA Pro behind it and it works quite well. :thumb:

I have to agree with hayc59, try this new version of Outpost. On this XP machine it has been awsome. It has not generated not one error or reboot. Have a problem or a question go to the link he posted, "da PlayGround". Their forum is awsome too.

Originally posted by sludge
Best Firewall... ?

Unplugging computer from the internet! :D

I am using Zone Alarm Pro personally but the free one is still in a class completely by itself. The sad thing is that the class it is in is the classification "REAL WORKING FIREWALLS."

What I mean is that only Zone Alarm is the only firewall that generates a "Cryptographic Signature" for every permitted program. This signature is then regenerated and compared before any program of that name is again allowed access. This completely prevents those simple forms of trojans that create a trusted program impersonation, but NO OTHER FIREWALLS OFFER THIS CAPABILITY.

Trojans are capable of using names of programs which causes all other firewalls to be fooled.

Please read as much information from this gentleman's website. The first link I'll post is focused on the firewall issue as discussed in this thread and the second will merely be the home page link. I suggest...as you would also after reading through Steve's site, that you post this link to your favorites list for future reference. This guy has the absolute best informational common language website on the internet...as well as all the credentials anyone would need.

PEACE!!

--Thcranky1

Firewall information:

http://grc.com/lt/howtouse.htm

Home Page:

http://grc.com/default.htm

I'd give my right arm to be ambidextrous!!

Actually, Sygate has the same feature listed above. If any changes are made to a program, before you open it/it opens itself it will tell you its changed and you can choose if you want it to access the internet or not. This happens when I update Steam. Get your facts straight before bashing other firewalls.

I tried the leaktest program and Sygate caught it..

Get your facts straight before bashing other firewalls.

Well it is obvious that you didn't read my post if you think I was bashing a program...and who the hell cares if I was bashing it...IT's a PROGRAM. However go read the links that I supplied and then after viewing Steve's credentials as well as his achievments in the computer world...then come back and start hangin your comments on me...I'll mereley tell you to simply respond to Steve's website with your comments...as you don't know yet due to not reading his site...he will happily reply to your challenge or rebuttle if he deems it so.

It is also apparent by your explaination of how your firewall responds that you don't understand exactly what "that feature" is all about. I stated that a virus (trojan) is capable of using a already allowed programs name and by it doing this it will bypass the firewall protection...this is Steve's discovery...not mine...I merely stated what one of the most highly respectable person's in the tech world said.

PEACE!!

--Thcranky1

Thcranky1 just about every thread you post in you some how tick someone off?:confused:

I have tried and tested just about every firewall there is and I can say first hand..... Zone Alarm sucks. The only reason it is so popular is because of Steve Gibson's site and I would put money on the possibility of Zone Labs giving Steve a kick back.

:rolleyes:

I wonder what it was exactly that pissed someone off...could it have been my answer to the thread which differs from yours?

You know the thing that seems so obvious to me is that no one in this thread ever stated anything close to a real true technical reason as to why their choice of firewall was their choice. I am the only one who posted real technical reasoning behind my choice. The most comical thing of all is the fact that you having obviously not read Steve's site. You go on saying exactly the opposite of what Steve has already stated upfront to not have been the case. Steve gets no endorsements from any firewall company and if you took the time to research prior to your opinionated responses you could also see the very detailed, well versed "CyberSpace Netiquette 101."

Here let me try to get you to the site one last time so you can review his whole philosophy about morals and values with the internet, technology and those companies that lead it.

http://grc.com/discussions.htm

Scroll till you get to the section you certainly need to read...

For you to think that by your statement, "I have tried and tested just about every firewall there is and I can say first hand..... Zone Alarm sucks." is so egotistical and ludicrous as well as pure conjecture. I'll take your bet that Steve gets endorsments from Zone Labs. You seem to know nothing about Steve and it is apparent by the comment, "The only reason it is so popular is because of Steve Gibson's site," proves beyond a shadow of a doubt that you have never even researched software firewall history where and how it began. Let me ask you what your credentials are that make you so superior to Steve who has labelled all of his accomplishments on his site. I honestly chuckle at your pompousness.

One more thing your comments lacked one single reason as to why you feel the way you do about Zone Alarm. I think the reason why you did that is because you couldn't figure Zone Alarm out and it became complicated and a chore for you to use it so you concluded since you don't get it...it sucks.

Another funny thing about your claims is the fact that you seemed to have slipped right past the whole idea that Zone Alarm is FREE to the public. Seems to me that this firewall company is so concerned with the publics internet security that they are in fact giving it to people to use. Of course you toss out your conspiracy theories about Zone Lab Technologies need a 'secret endorsement' by Steve.

Go study and do some research on the history of (software) firewalls. To coin a phrase...read and weep. I am willing to wager a fiver that you also think that Symantec's Norton's AntiVirus sucks as well. Is that correct? I wager this due to the historical similarity between Norton AntiVirus and ZA's firewall.

I await your comments which counter not me mind you but a man's claims who will forever be, no matter how hard you try, for the rest of your life...superior to you by leaps and bounds in and to the computer technological industry on a whole.

Wait a second...maybe I missed the episodes of Tech TV that you yourself were on...as well as the world media discussing your findings about spyware within Real Networks Real Player and finally I must have missed Bill Gates comments about the great accomplishments you have made to the world through technology and the study thereof.

I want you to know that if I pissed you off due to my post which not only had the opinion of a technological leader but reasons stating why the leader of technology concludes on the matter as he didthen I apologize. However all you did was tossed out conspiritorial ideologies and gave no reason whatsoever as to how yand/or why ou arrived at your opinion.

Gosh, I hope I haven't made you angry by demanding that you prove yourself or hell man at least tell us WHY you think the way you do for land's sake.

LOL

PEACE!!

--Thcranky1

by the way...if you have a problem with my posts and/or the way I answer...tough!!!

Maybe you can try to get me banned from this chat forum Adolf!:p

Thcranky1, I have to agree with mnosteele52!!
You amaze me also with your un-informed
post that just go way out of bounds!
You no nothing but what other folks have posted
or stated....please get a life.

Yeah i suppose I'll have to go ahead and admit it...I learn from others. And as I progress in my learning...please inform me as to how you learn or am i to assume that you already know it all? Maybe you just think you do but guy, your own post counters itself...of course I learn from what i read...LOL...how do you go about gaining knowledge there Einstein?

:rotfl: :rotfl: :rotfl: :rotfl:

PEACE!!

--Thcranky1

I am writing this on July 12th, 2000
Not to mention the the kudos you refer to by Mr. Gibson
is like 4 years old!!

Originally posted by Thcranky1
Yeah i suppose I'll have to go ahead and admit it...I learn from others. And as I progress in my learning...please inform me as to how you learn or am i to assume that you already know it all? Maybe you just think you do but guy, your own post counters itself...of course I learn from what i read...LOL...how do you go about gaining knowledge there Einstein?
:rotfl: :rotfl: :rotfl: :rotfl:
PEACE!!
Thcranky1
I progress hardly!! you are and have been stuck on stupid for sometime!!

anyway.........:rolleyes:

Originally posted by Thcranky1
anyway.........:rolleyes:
DUDE!! anyways go play somewheres your wanted!!

yer up in my face because I exceeded your idea of approrpiate reply length...and after running around the chat forum and pasting meaningless things on the threads that I started, you are telling me to go somewhere I'm wanted? Dude you just got done chasing me around this chat forum...how 'bout I say "hey man...or boy or kid...whatever the case may be...leave me alone."

PEACE!!

--Thcranky1

The cranky rofl get a clue i could show post after post where people gain speed and had alot less promblems by removing norton, zonealarm and mcaffee for that matter.

http://news.grc.com/news.exe?cmd=article&group=grc.security.software&item=96417&utag=

froum gibsons fofum

Why should I download a firewall such as the ones mettioned aboved and kill all my system resouces.

Another funny thing about your claims is the fact that you seemed to have slipped right past the whole idea that Zone Alarm is FREE to the public. Seems to me that this firewall company is so concerned with the publics internet security that they are in fact giving it to people to use.

So is sygate and outpost are free too what's your point???

To sum it up za/norton/mcaffee all take up to much resources i don't know how many times over the years i fixed intenet promblems simply by removing zone alarm. The best way to go is a hardware nat..

Thcranky1 I'm not going to get into with you because you aren't worth the time. My reputation here at Speedguide speaks for itself as does yours.

I will say that you are basing all of your facts and opinions on someone else's recommendation, not your own. How many firewalls have you tried/tested/used? The vast majority of comparison tests are such a sham because one or more companies pay for their results.

One thing I hate to see on forums is the question "what's the best......", because everyone has their own opinion and most are uneducated. Someone states how great a product is but that is the only product they have ever used so they have nothing to compare to?? How can you say what is the best/worst without trying them all?

:rolleyes: :cool:

One thing I hate to see on forums is the question "what's the best......",

I agree, people need to find the firewall, antivirus, etc that best fits their needs and they feel comfortable with.

Never take one mans opinion over the rest of the industry.

http://www.grcsucks.com/

someone just might have a website about the guy.

Not that I totally disagree with everything he says but, his pushing zonealarm is shameful. Kerio stops programs from replacing ones with the same name also, as many do.

Great point chpalmer:cool:. I would use and/or recommend Sygate, Outpost or Kerio. While nothing takes the place of an NAT firewall they are all excellent firewalls that offer excellent protection without causing issues as others due. Personally I use NAT & software.... too much important information for someone to get a hold of.

:cool: :D

Being a Kerio user Id probably recomend Sygate or Outpost before Kerio just do to Kerio needing a bit more user imput (writing rules correctly)

Zonealarm Pro however caused a great amount of headaches at my office.

Zonealarm Pro however caused a great amount of headaches at my office.

Computers are different also. ZAP works great on my 2k Pro machine, no problems ever but causes nothing but errors and reboots on my XP Pro machine. About a week after a clean install the problems start and I just get tired of fooling with it. Outpost did the same until the new 2.0 update came along. On the old 98SE computer I have the kerio 2.15 version because of low resource usage and it does great.

HAHAHAHA
You got to be kidding !

Obviois problem with this thread..

Steve Gibson in all his info says Use a Firewall, the fact that ZoneAlarm is the prefured on his site is the fact, that most of his pages he dosnt have time to redo. So he leaves allot in tacked and using a firewall is much better than using none at all. OR it could be what he prefures OR he gets a income from it and it costs allot to run his site. I would have to go with Firewall equils better than none at all..

Zone Alarm is NOT user friendly like one would think.
If you choose to Uninstall it you best be prepared to edit the regisrtry before you reboot. And Remove controll files after the reboot. If you dont you may end up ahving to reinstall ZoneAlarm just to get on line... Well if thats the best then I guess the New user is gonna learn the hard way.. Dont take my word for it look at the advance pages at Zone Alarm on how to completely remove ZA..
Now as Far as a Firewall its been noted all over the web that Zonealarm has a leak in it that crackers could possibly use.

So whats the big deal about using Outpost or Sygate.
Outpost has live help on all there products through there forum with plenty of experianced users "for" when something goes wrong

Sygate and outpost: Simple to use and uninstall for the first time user and at least they have a chance to get back online.

Norton: Giant resource hog and utilizes file locking so it can slow you up to P2 speeds. Definetley not recomended with networks not even the corp editions..

McAfee to busy with Government contracts building spyware for homeland and FBI to work hard enough on general public progects.. Only use for info resources

Norton and McAfee can be used to look up AV definitions and possibly virus removal tools..

I wont get into how bad or good other than to say
ITS real bad to use nothing at all...

Getting back to Steve Gibson grc.com and myself. (my opinion)
Its the best resource for small security tools
ITs also been around since the mid 90s and I read and look through his site on a monthly basis. I totally agree with his opinions on Microsoft security or the lack of microsoft security.
I also beleave its ok to ask whats the best around and that a educated opinion should be posted on the FACTS.

Once you get the opinions do a search in other places not just from one place..
Not all programs you ahve to pay for are the best afteral during the install they tell you there not responsibel for messing up your machine.. Personally I like free
because I have enough money invested in R&D and equiptment.

My solutions is Spybot S&D and Ad-Aware ran once a week on all 75 machines AVG for Antivirus ran nightley Outpost or Sygate depending on the machine and user. Productivity loss per week about an hour.. Productivity loss without them can be $12,000.00 in 3 days you do the math..

Productivity lost to unistall Zonealarm. aprox 1 hour per machine where a software wall is needed...

Everything I do is based on money and time..
I can also proudly say not one system has been hit a virri cracker or trogon since the beginning of last year


Is there enough facts there now..

I cant wait to justify why I stopped using Linksys alltogether and replaced several of them at the end of last year....
I do prefure a router / hardware firewall over software firewalls

Thanks

Dannjr

peace

I cant wait to justify why I stopped using Linksys alltogether and replaced several of them at the end of last year....

What did you replace Linksys with and why? I've been thinking about replacing my Linksys for a ZyXEL Router.

Buy that router ....


HArdware = Best form of protection .... ( In my opinion ) You all feel free to jump my **** and spam my post ... I can take it :D :p

Originally posted by Mytflyguy
Buy that router ....
HArdware = Best form of protection .... ( In my opinion ) You all feel free to jump my **** and spam my post ... I can take it :D :p
Mytflyguy, would not do that, router is a good choice(for some)

Yep everyone has their different needs and just need to find the best "For them"


Although reading which product has the most fan fair and support is usually a good idea for the person who does not have the time or cash to test the various types....

Interesting read from you guys :)


I learned a fwew thing in here :)

A router is no different than a software firewall, it is just that the software is on and resource usage is done by the router.

And yes ZA is terrible, is causes a lot of problems, after you work on/fix PC's you just notice these things. Norton Antivirus is terrible, NIS is even worse. McAfee is a sugar pill, it doesn't do anything.

Sygate, Kerio for FW and AVG for antivirus, if there is a best, those are it.

Originally posted by Mytflyguy
Buy that router ....


HArdware = Best form of protection .... ( In my opinion ) You all feel free to jump my **** and spam my post ... I can take it :D :p

All I need for my little home network if you can call it a network is a router to share my internet connection easily. That's all I feel I need and am quite comfortable with it. No jumping *** or spamming from me. I'm done with this thread.

Originally posted by j79zlr
A router is no different than a software firewall, it is just that the software is on and resource usage is done by the router.

And yes ZA is terrible, is causes a lot of problems, after you work on/fix PC's you just notice these things. Norton Antivirus is terrible, NIS is even worse. McAfee is a sugar pill, it doesn't do anything.

Sygate, Kerio for FW and AVG for antivirus, if there is a best, those are it.


Now I use NAV for my AV needs ... I had never even heard of AVG until today when reading this thread ....What is the advantages and why do you feel it's so much better than Norton or any other AV program ? Does it supply as frequent and as well covered definition updates as NAV does ?

Mytflyguy, My 2cents;)
Norton is a bloated, bogged down peice of nada!!
AVG has a small foot print and does a very good job.
Updates are very frequent almost two aday(sometimes more)
has save my rear-end more time than i can count!!
right now i am using NOD32 and am very pleased with both.
You can learn more here about AVG--->
http://www.grisoft.com/us/us_avg_index.php

Mytflyguy AVG is hands down FAR better than NAV. AVG has a FREE and Pro version and both have updates daily (sometimes more than that if needed) from AVG. AVG is extremely light on system resources and has a much better detection rate than NAV. In the past few months I have switched my clients from NAV to AVG and on over half of the pcs AVG found viruses/trojans that NAV never found.

:cool:

The free verison saved my but from this one virus that norton couldn't find or get cleaned. Also they have a free network edition too.

Originally posted by j79zlr
A router is no different than a software firewall, it is just that the software is on and resource usage is done by the router.



:nope: Not true at all. While I do prefer using a quality router for my firewall protection, routers with their NAT are only dumb hardware firewalls, preventing only unknown incoming traffic from entering the LAN. They (basic home marker broadband routers) do absolutely nothing to block outgoing traffic. Software firewalls will also filter outgoing traffic to your hearts content.

Originally posted by hayc59

right now i am using NOD32 and am very pleased with both.


I've been waiting to hear of someone from here using that package. They're sure on an advertising spree!

Not that I'll ever leave my trusty Symantec Corporate Edition antivirus! ;)

Wow.

I had figure this thread would be dead.:p

Originally posted by YeOldeStonecat
I've been waiting to hear of someone from here using that package. They're sure on an advertising spree!

do you mean all the updates??
its a mighty fine AV!!

Originally posted by dannjr
HAHAHAHA
You got to be kidding !

Obviois problem with this thread..

Steve Gibson in all his info says Use a Firewall, the fact that ZoneAlarm is the prefured on his site is the fact, that most of his pages he dosnt have time to redo. So he leaves allot in tacked and using a firewall is much better than using none at all. OR it could be what he prefures OR he gets a income from it and it costs allot to run his site. I would have to go with Firewall equils better than none at all..

Zone Alarm is NOT user friendly like one would think.
If you choose to Uninstall it you best be prepared to edit the regisrtry before you reboot. And Remove controll files after the reboot. If you dont you may end up ahving to reinstall ZoneAlarm just to get on line... Well if thats the best then I guess the New user is gonna learn the hard way.. Dont take my word for it look at the advance pages at Zone Alarm on how to completely remove ZA..
Now as Far as a Firewall its been noted all over the web that Zonealarm has a leak in it that crackers could possibly use.

So whats the big deal about using Outpost or Sygate.
Outpost has live help on all there products through there forum with plenty of experianced users "for" when something goes wrong

Sygate and outpost: Simple to use and uninstall for the first time user and at least they have a chance to get back online.

Norton: Giant resource hog and utilizes file locking so it can slow you up to P2 speeds. Definetley not recomended with networks not even the corp editions..

McAfee to busy with Government contracts building spyware for homeland and FBI to work hard enough on general public progects.. Only use for info resources

Norton and McAfee can be used to look up AV definitions and possibly virus removal tools..

I wont get into how bad or good other than to say
ITS real bad to use nothing at all...

Getting back to Steve Gibson grc.com and myself. (my opinion)
Its the best resource for small security tools
ITs also been around since the mid 90s and I read and look through his site on a monthly basis. I totally agree with his opinions on Microsoft security or the lack of microsoft security.
I also beleave its ok to ask whats the best around and that a educated opinion should be posted on the FACTS.

Once you get the opinions do a search in other places not just from one place..
Not all programs you ahve to pay for are the best afteral during the install they tell you there not responsibel for messing up your machine.. Personally I like free
because I have enough money invested in R&D and equiptment.

My solutions is Spybot S&D and Ad-Aware ran once a week on all 75 machines AVG for Antivirus ran nightley Outpost or Sygate depending on the machine and user. Productivity loss per week about an hour.. Productivity loss without them can be $12,000.00 in 3 days you do the math..

Productivity lost to unistall Zonealarm. aprox 1 hour per machine where a software wall is needed...

Everything I do is based on money and time..
I can also proudly say not one system has been hit a virri cracker or trogon since the beginning of last year


Is there enough facts there now..

I cant wait to justify why I stopped using Linksys alltogether and replaced several of them at the end of last year....
I do prefure a router / hardware firewall over software firewalls

Thanks

Dannjr

peace dannjr pretty much sums it up :thumb:

Every point he makes is from hands on experience (I can tell). About the exact same experiences I've been through as well.

Good post dannjr.

Originally posted by YeOldeStonecat
I've been waiting to hear of someone from here using that package. They're sure on an advertising spree!

Not that I'll ever leave my trusty Symantec Corporate Edition antivirus! ;)

YEah I've considered taking advantage of my Business licenses I have for this to put on my Home PC :)

We use NAV Corp 8.1 at work ( Which I happen to be the AV Administrator ;) )

Any one know if there are any 16 bit firewall apps out there for my happy Windows 3.11 laptop?

Thanks,
Shinobi :)

Is there even anything out there left that could infect a 16bit o.s.


:D



http://webpages.charter.net/chpalmer/chpalmer/0187.jpg

3.11 has a buit antvirus beleve it or not alot of people didn't know that one.

Originally posted by Shinobi
Any one know if there are any 16 bit firewall apps out there for my happy Windows 3.11 laptop?

Thanks,
Shinobi :) Have a read here Shinobi. (http://www.computercops.us/postt2560.html) You may recognise one of the avatars. :D

Croc.

Originally posted by hayc59
do you mean all the updates??
its a mighty fine AV!!

Just waiting to hear someone's opinion on it. How the performance hit compares to others, if it's been used out in the real world where it earns its keep catching several every day, etc.

Not true at all. While I do prefer using a quality router for my firewall protection, routers with their NAT are only dumb hardware firewalls, preventing only unknown incoming traffic from entering the LAN. They (basic home marker broadband routers) do absolutely nothing to block outgoing traffic. Software firewalls will also filter outgoing traffic to your hearts content.

At least someone else in here knows what they're talking about as well...

PEACE!!

--Thcranky1

Originally posted by Thcranky1
At least someone else in here knows what they're talking about as well...

PEACE!!

--Thcranky1

Everyone knows that NAT firewalls only block incoming attacks. That is why most of us recommend both a NAT & software firewall. I couldn't tell you how many times I've seen spyware purposely corrupt dll files in numerous software firewalls thereby turning them off leaving the person wide open to attacks, this is whare a router will save you.

Your point was that Zone Alarm is the only firewall to have certian features and is the best software firewall available..... it's not, it sucks.

:)

It would probably be a bit more appropriate, as I said earlier...that you give a reason as to why it sucks instead of just an opinion. Why does Zone Alarm suck?

PEACE!!

--Thcranky1

Originally posted by Thcranky1
It would probably be a bit more appropriate, as I said earlier...that you give a reason as to why it sucks instead of just an opinion. Why does Zone Alarm suck?

PEACE!!

--Thcranky1

1. It is a resource hog.

2. It causes numerous connection issues.

3. It is very hard to uninstall, if the uninstall fouls up you cannot access the internet.

4. The protection is adequate but it is intrusive.

5. It is difficult to use for a novice.

:)

Steele could you repeat those facts again i don't think cranky read the 1st serval times durring this whole topic.

I didn't like NOD32. It was far to complicated, everything was a seperate program and I couldn't figure out how to work it.

Originally posted by mmione
I didn't like NOD32. It was far to complicated, everything was a seperate program and I couldn't figure out how to work it.

In what way? I haven't seen it yet, but you mean like completely separate components for real time, pop-mail, update manager, etc?

Well I only used it for a couple hours. Everything was a seperate application, scanner, control, everything! It was all in seperate windows.

Guys,
Firewalls can be very complicated, difficult to understand...

Yes, there is a difference in a software application and the software on a hardware firewall... (A prominent diff being that it must get through the hardware first...) ;)

NAT -network addy translation, layers, packet sniffing, etc., each has its own role... ;)
Software apps are very limited and can not compare to hardware (even though hardware has software...)

But, do not get confused and believe that a router is a true firewall, far from it... Their best defense is hiding you. Changing your address. If you are not seen, your chances of being invaded are less, however, if they know that you are there... hehehehehehehehehh :D

You want to be 100% secure? Unplug it from the wall... :D hehehehheeh

Physical access?? MS says that if someone has physical access to your box, well,... it's not your box anymore! :rotfl:

Lets play nice guys.
l8rz,
Ken

There is but one god (zonelabs), and Steve Gibson is his prophet(profit).

Originally posted by cyberskye
There is but one god (zonelabs), and Steve Gibson is his prophet(profit).
cyberskye, you are in jest right???lol
:rolleyes:

Dont make us quote from grcsucks.com:rtfm: :nope:

nt

What about Kaspersky Lab's AV? Has anyone tried that before? I read from here (http://www.av-comparatives.org/seiten/ergebnisse_2004_02.php) that it's one of the best ones out there. Do you guys know whether it's a resource hog or not?

And how does Kaspersky Lab's firewall compares with the likes of Outpost, Syngate, etc.?

Europa2010AD, Welcome :D
Have not tried that firewall, So i cannot give you
any plus's or minus's on it.
Your best bet is to go with either
sygate or outpost(me i prefer Outpost)
but as you can see you will get a hundred different
opinions :)

Thanks hayc59 :-)

Which version, free or plus, of Outpost, would you recommend? Are the extra features of the plus version worth the money? I am currently running ZoneAlarm Pro, and after reading about the negative sides of it from here and other forums, I'd like to find out more about the alternatives.

Europa2010AD, take a look here--->
http://www.agnitum.com/
and i would go with the 'pro' version
and now that you have all that ZA stuff in your reg.
take a look here before you go and install Outpost.
ZA puts a lot of entries into the reg.!!!
http://www.outpostfirewall.com/forum/showthread.php?s=&threadid=7172
we have great service at the forum also :D
good luck and keep me posted
have agreat day.Gordon

I tried Outpost based on your recommendation hayc, and I think someone else here strongly suggests it..forget who. Anyways, fixing up a buddies computer who was plugged right into cable directly, outdated AV, and no firewall. Sure enough this bugger was deeply hosed with issues. Cleaned it up, he wasn't going to spend the $$$ on a router like I'd prefer...so I plopped on Outpost. First time I'd played with it. Nice and simple, which was important for him, as I didn't want some firewall which kept tossing up "nags" at every action you did, would just confuse him. Clean and simple! And didn't seem to bog his machine down.

I prefer to use ZoneAlarm Pro. It's the best!

I prefer to use ZoneAlarm Pro. It's the best!

No complaints here that's for sure. :)

No complaints here that's for sure. :)
So far ZA free edition has been pretty good to me.

I'll tell you what, I sure opened up a can of chat with this thread.

So far ZA free edition has been pretty good to me.
I'll tell you what, I sure opened up a can of chat with this thread.
yes you did!! but that is a good thing!!
debate/opinions is what matters thats how we all learn :thumb:

As stated above i don't know how many times i used programs since i see debates on here from other techs i switched programs such as anti virus/firewalls a list of others, they were right. People tend to stick to products they use daily sometimes don't even bother or are not aware of other products.


Plus it's good to compare and contrast products to see what has what feature or what it lacks...

As stated above i don't know how many times i used programs since i see debates on here from other techs i switched programs such as anti virus/firewalls a list of others, they were right. People tend to stick to products they use daily sometimes don't even bother or are not aware of other products.


Plus it's good to compare and contrast products to see what has what feature or what it lacks...
Yep.

I used to use Outpost free until I reformated my PC. After that, I put ZA on it. I didn't like it as much after using it for a while, though. It was too 'Windows XP', you know, automatic. I Like outpost more, so I switched back. :)

Kaspersky's firewall is called "Kaspersky Anti-Hacker".

It's not freeware and costs $us39-00.

The URL............
http://www.kaspersky.com/antihacker

Croc.

To add a bit, take a look at our (SG) server stats:
http://www.speedguide.net/stats/#refsite

One good thing about Outpost, as you can see from our server, is that it does block the referring site, another bonus in security...

I really just use hardware anymore and keep a tight system, however, many people do ask...

Thanks Ken And Thanks Fo The Info
Outpost Does A Great Job :thumb:

What did you replace Linksys with and why? I've been thinking about replacing my Linksys for a ZyXEL Router.

Sorry took so long to get to this question...

I use westel or Speedstreams for xDSL connections bridged only because I dont have problems with them in bridged mode.. Up till recently I had been using Zonet routers and changed over to Edimax somethings going on at Zonet... But the edimax has been working fine. Basically there the same

They have twice the memory of the Linksys. More important in my end of things with small to medium businesses I need to have more than a few port ranges to block outgoing on.. Linksys limits the port filtering and as of late needs more restarts or reboots.
With the edimax or zonet I can set up to 30 differant machines with port filtering I can even block a machine from going out to the wed where needed and still connect to remote the desktop.
I have a couple of users that I had to set Outpost on and set there permissions to the point of them getting email only email only and no program install permissions..
I work where privacy is extreemly important. (HIPPA Certified) I cant afford to have your insurance info leak to the web. Some of the Data goes back to the mid 1980s Imagine your health info leaking out..
I have had to many times where I caught ports open on the linksys New and old.. Some of you dont need the type of security I have to watch out for.. On the otherhand and I'll probably regret this statement. I havnt had to reload a primary server thats behind my security settings Some of the settings I wont give out..

Outpost or Sygate with a well setup router will help keep your system clean. Im down to about 4 to 5 peices of spyware a week per machine and thats only because I sometimes get behind in updates OR Im teaching a new user in a office the DO's and Don't..

To all the business owners out there looking for info.. Teach your users what TO and not-to goto on the web. You'll find there not all as Dumb as they look.. As for the users I have blocked from the web Thats 2 people over 6 offices with now over 150 machines.. not to mention the Servers multiple T1's / Cable and DSL connections i them offices.. Be smart dont put all your security in one type application... But as I stated before certain software can slow you to a crawl (Norton and McDaffy)..

Thanks Ken for the added info

I prefer a hardware solution. I have a Nexland ISB that works fine.
I have been toying with the idea of doing a netBSD (http://www.dubbele.com/index.html) or Linux firewall such a m0n0 or smoothwall.
For our home there's really no need at this point, so it would be more for fun, or to replace the Nexland when she dies. :(

Hello this is my first post. I really find all the info on this site VERY helpful. His is my thaughts/experience with PC software routers.

I really likeed the free versoin of sygate but for some reason the new version won't work on my PC. I also had a full versoin of defender PRO its a peice of crap but the antivirus I like so far. I am now using the free version of Zone so far it is working pretty good. When I get a full firewall I will with sygate.

I am using a 56k dial up and am going to a ISDN 128k hopefully by spring. I live in a semi rual area so no cable modem or DSL. I will say going from a cable modem to 56k REALLY BITES!!!!!!!!!!11

Thanks again for all the info.

Speaking of using hardware firewalls.
Could you not use a PC put two nics one for Cable/DSL modem and other for
PC HUB and put a good firewall on the PC .

Speaking of using hardware firewalls.
Could you not use a PC put two nics one for Cable/DSL modem and other for
PC HUB and put a good firewall on the PC .

Yes there are quite a few "proxy like" and software NAT products which do this. An example of this method, I use Microsofts ISA 2000 server at home. My server is multi-homed, WAN NIC to DSL bridge, and LAN NIC to switch for home LAN.

Zone Alarm thats what I currently use in conjunction to my NAT router.

I am new to this forum and want to get help on IPTABLES design for Linux.

The code is given here
# (1) Policies
iptables -P INPUT DROP
iptables -P OUTPUT DROP
iptables -P FORWARD DROP

# (1A) ALLOW ESTABLISHED CONNECTIONS EARLY SO THEY DON"T GO THROUGH RULES AGAIN
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

#(1B) DROP BAD TRAFFIC
iptables -A INPUT -s x.x.x.x2 -i eth1 -j LOG --log-prefix "WARN: SPOOFED TRAFFIC"
iptables -A INPUT -s x.x.x.x2 -i eth1 -j DROP
iptables -A INPUT -p ALL -i eth1 -s 10.0.0.0/255.0.0.0 -j LOG --log-prefix "WARN: SPOOFED TRAFFIC"
iptables -A INPUT -p ALL -i eth1 -s 10.0.0.0/255.0.0.0 -j DROP
iptables -A INPUT -p ALL -i eth1 -s 127.0.0.1 -j LOG --log-prefix "WARN: SPOOFED TRAFFIC"
iptables -A INPUT -p ALL -i eth1 -s 127.0.0.1 -j DROP
iptables -A INPUT -p tcp ! --syn -m state --state NEW -j LOG --log-prefix "WARN: NEW NOT SYN"
iptables -A INPUT -p tcp ! --syn -m state --state NEW -j DROP
iptables -A INPUT -p tcp -m --tcp-flags SYN,FIN SYN,FIN -j LOG --log-prefix "WARN: SYN-FIN SCAN"
iptables -A INPUT -p tcp -m --tcp-flags SYN,FIN SYN,FIN -j DROP
iptables -A INPUT -p tcp -m --tcp-flags ALL ALL -j LOG --log-prefix "WARN: ALL-ALL SCAN"
iptables -A INPUT -p tcp -m --tcp-flags ALL ALL -j DROP

# (3) INPUT CHAIN RULES
iptables -A INPUT -p ALL -i eth0 -s 10.0.0.0/255.0.0.0 -j ACCEPT
iptables -A INPUT -p ALL -i lo -s 127.0.0.1 -j ACCEPT
iptables -A INPUT -p ALL -i lo -s 10.1.2.96 -j ACCEPT
iptables -A INPUT -p ALL -i lo -s x.x.x.x2 -j ACCEPT
iptables -A INPUT -p ALL -i eth0 -s 10.0.0.255 -j ACCEPT

# TCP Rules
iptables -A INPUT -p TCP -i eth1 -s x.x.x.x1 --destination-port 20 -j ACCEPT
iptables -A INPUT -p TCP -i eth1 -s x.x.x.x1 --destination-port 21 -j ACCEPT
iptables -A INPUT -p TCP -i eth1 -s x.x.x.x1 --destination-port 22 -j ACCEPT

# UDP Rules
iptables -A INPUT -p UDP -i eth1 -s x.x.x.x1 --destination-port 20 -j ACCEPT
iptables -A INPUT -p UDP -i eth1 -s x.x.x.x1 --destination-port 21 -j ACCEPT
iptables -A INPUT -p UDP -i eth1 -s x.x.x.x1 --destination-port 22 -j ACCEPT
iptables -A INPUT -p UDP -i eth1 -s 0/0 --destination-port 53 -j ACCEPT
iptables -A INPUT -p UDP -i eth1 -s 0/0 --destination-port 2074 -j ACCEPT
iptables -A INPUT -p UDP -i eth1 -s 0/0 --destination-port 4000 -j ACCEPT

# (4)FORWARD RULES
# accept the packets we want to forward
iptables -A FORWARD -i eth0 -j ACCEPT
iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT

# (5) OUTPUT RULES
# ONLU OUT PACKETS WITH LOCAL ADDRESSESS ARE FORWARDED
iptables -A OUTPUT -p ALL -s 127.0.0.1 -j ACCEPT
iptables -A OUTPUT -p ALL -s 10.1.2.96 -j ACCEPT
iptables -A OUTPUT -p ALL -s x.x.x.x2 -j ACCEPT
#^--Basically same as having a default OUTPUT policy of ACCEPT (not real secure)

# (6) POST ROUTING RULES
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-ports 3128
iptables -t nat -A POSTROUTING -o eth1 -j SNAT --to-source x.x.x.x2

can some one tell me that is to safe for lan users to goto internet through the server with ip x2 and surf / download while only one machine x1 can come in to do something.


Looking forward to hear from you experts on this forum.

Thanks

Ratan

As stated above i don't know how many times i used programs since i see debates on here from other techs i switched programs such as anti virus/firewalls a list of others, they were right. People tend to stick to products they use daily sometimes don't even bother or are not aware of other products.


Plus it's good to compare and contrast products to see what has what feature or what it lacks...

As stated above i don't know how many times i used programs since i see debates on here from other techs i switched programs such as anti virus/firewalls a list of others, they were right. People tend to stick to products they use daily sometimes don't even bother or are not aware of other products.


Plus it's good to compare and contrast products to see what has what feature or what it lacks...
:irate: :irate: :irate:

zoane alarm pro ((for ever)) :nod:

outpost firewall rox :) but if u need somthing light on resources i would recomend Look 'n' stop as the best and then zonealarm.