• Welcome to Valhalla Legends Archive.
 

Any firewall suggestions?

Started by MrRaza, January 06, 2006, 12:37 PM

Previous topic - Next topic

MrRaza

I'm looking for a reliable firewall that will protect my system and also which isn't bloated with features that I dont need or with annoying GUIs.

iago

ZoneLabs' ZoneAlarm firewall is my personal favorite on Windows. 

iptables is my personal favorite on Linux. 
This'll make an interesting test for broken AV:
QuoteX5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*


Falcon[anti-yL]

ZoneAlarm caused some problems with my firefox, I've been using Sygate Personal Firewall for awhile and I like it.

iago

Sygate Personal Firewall has been discontinued, IIRC.  I highly recommend NOT using a closed-source security product that's been discontinued.  If a vulnerability is found in it, you are completely open to it, and because there is nobody to maintain it you'll be vulnerable forever.  Same idea as the Witty worm which spread by using a vulnerability in Black ICE, then wiping out your harddrive.  The difference is, Black ICE is still being maintained, so they patched it quickly.

If Sygate Personal Firewall wasn't discontinued, and I'm mixing it up with something else, then please ignore all that.

I've used ZoneAlarm on several different computers, all of which used FireFox, and have never had a problem, so that's odd.

This'll make an interesting test for broken AV:
QuoteX5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*


Kp

He may be thinking of ZoneAlarm's tendency to conflict with Firefox's rather silly IPC-over-TCP.  Firefox likely needs both client and server privilege from the firewall, since it binds sockets on localhost and then connects to them to communicate with itself.
[19:20:23] (BotNet) <[vL]Kp> Any idiot can make a bot with CSB, and many do!

Newby

http://force.coresecurity.com/index.php?module=base&page=about

Try it out, I haven't used it but it looks promising, seeing as how its based off of pf.
- Newby

Quote[17:32:45] * xar sets mode: -oooooooooo algorithm ban chris cipher newby stdio TehUser tnarongi|away vursed warz
[17:32:54] * xar sets mode: +o newby
[17:32:58] <xar> new rule
[17:33:02] <xar> me and newby rule all

Quote<TehUser> Man, I can't get Xorg to work properly.  This sucks.
<torque> you should probably kill yourself
<TehUser> I think I will.  Thanks, torque.

shout

Quote from: Kp on January 06, 2006, 08:40 PM
He may be thinking of ZoneAlarm's tendency to conflict with Firefox's rather silly IPC-over-TCP.  Firefox likely needs both client and server privilege from the firewall, since it binds sockets on localhost and then connects to them to communicate with itself.

I have a problem with firefox + ZoneAlarm, and this does not fix it.

WoOdTroll

I just use a simple one, and use Tcpview.