PC Pals Forum
Technical Help & Discussion => Broadband, Networking, PC Security, Internet & ISPs => PC Security - Useful Posts and Tutorials (Archive) => Topic started by: Adept on November 17, 2002, 17:01
-
Go here (http://www.pc-pals.com/firewall.htm) for a list of the currently available Personal Firewall software.
If you know of any other software which is not not listed here, please add to this thread with any details you have and we will update the web page. Similarly, you can let us know of a version update by adding a comment.
-
There is also Sygate Personal Firewall (http://soho.sygate.com/products/shield_ov.htm), which is available in a free version, of a paid for Pro version.
Added - thanks Simon
-
Here's another Firewall product that's rapidly gaining fans.
Kerio (http://www.kerio.com/us/)
Added - thanks Rodders
-
This could be one for Hitch. If you go here (http://soho.sygate.com/products/comparison.htm), you can compare Sygate 'Free' and 'Pro'. I have the 'Pro' version *cough*, but is the free one just as good? The Pro version does seem to have lots of extra features, but I'm not really sure if it's all neccessary for a home user. Any opinions anyone?
-
OK i use the free one coz i forgot to install the *cough* Pro version and have found no use for it.
IDS - I use norton 2003 which script blocks for me and detects the same trojans, I suspect most people have both items therefore thisis IMO un-needed.
IPS - Same as above
ICS support - This is a little daft, my firewall is on the gateway machine therefore protectin me from ALL network traffic. I use ICS without Pros help so again pointless.
VPN - This aint that far off ICS with a proxy and again i cant imagine the free version doing anything less than the Pro. The VPN will go through the Free version and protect just aswell IMO.
Stealth Browsing - Norton 2003 does this, IE does it on its own. Ive never found this a problem though in several years of netting so again i think pointless.
ATP - Norton again so who needs it.
From the list above id say its like most thing viral and just an attempt to scare you into parting with your money.
There seems no reason to *purchase* this product.
-
ICS support - This is a little daft, my firewall is on the gateway machine therefore protectin me from ALL network traffic. I use ICS without Pros help so again pointless.
That's interesting Hitch. When I tried Sygate a couple on months ago, one of the reasons why I rejected it and went back to ZoneAlarm was because Sygate wouldn't let my other PC connect to the Internet via ICS.
How did you get it working?
-
Just to clarify Hitch, "Norton 2003" refers to Norton Anti Virus, yes?
I would assume that having *ahem* 'purchased' the Pro version (laa laa la la la la Sean!), it's not going to conflict with NAV, so there wouldn't really be much point in changing back to the Free version?
-
ICS support - This is a little daft, my firewall is on the gateway machine therefore protectin me from ALL network traffic. I use ICS without Pros help so again pointless.
That's interesting Hitch. When I tried Sygate a couple on months ago, one of the reasons why I rejected it and went back to ZoneAlarm was because Sygate wouldn't let my other PC connect to the Internet via ICS.
How did you get it working?
All i did was tell my client to use the gateway IP and use DHCP, this goes through the wall once you tell sygate to allow certain things through the network.. cant remeber what off the top of my head but its standard files it will ask if can access it.
But ya know what PC's are like!
-
Just to clarify Hitch, "Norton 2003" refers to Norton Anti Virus, yes?
I would assume that having *ahem* 'purchased' the Pro version (laa laa la la la la Sean!), it's not going to conflict with NAV, so there wouldn't really be much point in changing back to the Free version?
Yes Simon, 2003 AV only, i dont like the rest of norton i find it intrusive and useless. And yes if you use the Pro it should cause NO conflicts anyway.
Im a bit of a power user and hate to see things redundant yet taking up resources... windows does enough of that on its own :)
-
Well, resources aren't a problem for me at the moment, but, like you, I like things to be as efficient as possible, and hate anything being stuck on my PC that is of no use.
Silly as it sounds, it's now bugging me that I've got two things doing the same job ::) so I may try out the Free version, and if it's still as water tight as Pro, might ditch Pro and switch over. Stupid isn't it - these little things that are sooo niggling, like that Links folder! ::) ;) ;D
-
For any new members who have not yet installed a 'Firewall' on their PC, try these security tests. Sheilds Up (https://grc.com/x/ne.dll?bh0bkyd2) or this one that you download, and an icon sits on your desktop Leak Test (http://grc.com/lt/leaktest.htm) Then download a free firewall and do the tests again.
I use the free version of ZoneAlarm (http://www.zonelabs.com/store/content/company/products/znalm/comparison.jsp) and it pass's both tests with flying colours
Go on have your 'Ports probed' you know it makes sense, you wont require a tissue I promise :o
-
If you are on a router with its own inbuilt NATS then you will need to use their FREE IP AGENT to check the router properly as the normal tests will show it leaking like a sieve ;)
-
I no longer have Zone Alarm installed but a quick Shields Up test shows that I don't have any leaks. I found that having both a router firewall and ZA caused many websites such as Yahoo to be inaccessible unless I disabled ZA.
-
That Steve Gibson guy is a genius!
As many of you will have gathered, I detest Firewalls. I've tried all the freebies and several paid for (cough) Firewalls. Every time I do a clean install I try another. I am so desperate not to use one, I often disable my firewall and go to Gibson's site to take the tests, hoping for a miracle, but the results read as grief stricken.
I was looking at the site again tonight and was surprised to find that Stevie boy, although a self-confessed fan of Firewalls, actually belongs to the line of thought that they are not essentially necessary for a standalone PC with no file or printer sharing.
If you have no immediate need to share your files with any other computer ? local or remote ? the safest, cleanest, and simplest solution is the "unbinding" of Windows insecure networking client from your network. And you should ABSOLUTELY do this even if you plan to get a firewall . . . mine or someone else's.
He then "advertises" his own free Firewall that will so be available but goes on to say:
It should be noted, however, that using a prophylactic program (like a firewall) to suppress the operation of another (like Microsoft's Networking) is not nearly as safe and sane as removing the program whose operation and behavior you wish to suppress.
Having read all that, I then spent a hour reading, digesting and then unbinding the network client. With my Firewall off, I then took the tests. Here are the results for the Test My Shields tests:
Preliminary Internet connection refused!
This is extremely favorable for your system's overall Windows File and Printer Sharing security. Most Windows systems, with the Network Neighborhood installed, hold the NetBIOS port 139 wide open to solicit connections from all passing traffic. Either this system has closed this usually-open port, or some equipment or software such as a "firewall" is preventing external connection and has firmly closed the dangerous port 139 to all passersby. (Congratulations!)
Unable to connect with NetBIOS to your computer.
All attempts to get any information from your computer have FAILED. (This is very uncommon for a Windows networking-based PC.) Relative to vulnerabilities from Windows networking, this computer appears to be VERY SECURE since it is NOT exposing ANY of its internal NetBIOS networking protocol over the Internet.
I might try Gibson's own Firewall when it's released.
-
Nice results Dave :)
-
Interesting experiment Dave. Personally I have found the Sygate Personal Firewall (http://soho.sygate.com/products/spf_standard.htm) very effective, and, once configured, no hassle. It's also free, but there is a Pro version also available.
-
Having read all that, I then spent a hour reading, digesting and then unbinding the network client. With my Firewall off, I then took the tests. Here are the results for the Test My Shields tests:
So how do you do that then Dave, like Simon sez a very interesting post, well done mate.
-
I didn't really do anything except for follow Steve Gibson's step by step instructions at
http://grc.com/su-rebinding9x.htm.
I had been reading through the site, following the links, when I read his concluding remarks:
Although I'm a BIG fan of Personal Firewall products, as you'll see on page 7, "Personal Firewalls", the tremendous power of these straightforward "component unbinding" techniques has allowed you to disable an unwanted and unneeded capability from your system. This solution is superior to depending upon some other product or technology to "suppress" that unwanted capability. That's an important distinction in the realm of robust security.
AND, if neutering your system's networking is not possible because you do still need to share files across the Internet then full security will require the suppression of unwanted networking capabilities. The following two pages, "Evil Port Monitors" and "Personal Firewalls" detail your options and discuss pitfalls.
As I don't share any files and I had plenty time on my hands, I went back, read through again and got on with it. I still have Sygate installed on my system, so if I start to feel insecure, I can always re-enable it. :)
For anyone thinking of having a look, the instructions only apply to Win95/98 and NT.
-
This Gibson configeration certainly seems to do the trick. I've just tried another test at stealthtest.com and this is the result:
We are now scanning your computers NetBIOS information, please wait.
Was unable to connect to your computer.
No shares or Sharing is not enabled....
-
Handy to know, especially if you don't like Firewalls - thanks Dave. ;)
-
ChorleyDave, all you have done is disble Microsoft Networking (NETBIOS). The NETBIOS port is only ONE port out of thousands (65535 or 65536 can't remember) that can be exploited to pass information from your PC back to a cracker or other cybercriminal.
I think you should go back to the grc.com site and to a full port probe, or better still try the tests at www.pcflank.com and then you'll see why you need to switch on your firewall again :o
-
I'm pleased to say that my router passed that test with flying colours. ;D
-
Hi, Adept. Hope you had a good holiday. Looking at your picture, you don't appear to have caught the sun. Were you in the boozer for the duration?
;D ;D ;D ;D
Thanks for the URL for PCFlank. I've been trying to find the site all week, having deleted the URL in error last time I gave my Bookmarks a spring clean. Unfortunately, the tests didn't make much sense. The quick test alerted me than Ports 137 - 139 were open, but the advanced port test says they are closed! Having visited several over the past couple of days, I'm begining to think that these security sites are a bigger gimmick than some of this so-called security software. Nevertheless, I re-enable Sygate, but if anyone knows of an alternative extremely light but effective firewall, I'm all ears.
-
What do you not like about Sygate, Dave? It's the best free one I've found, and I've tried most of them.
-
It isn't Sygate that's the problem, it's me. It's the best free one I have tried too, Simon. The problem with me is that if I have something running, I like to know what it is doing, and unlike anti-virus software which can be installed and forgotten about, except for checking for updates every week, I find firewall alerts to be as intrusive as the phone continually ringing during the Cup Final. In the past, I must have spent weeks of my life attempting back traces, particularly when I was using Black Ice Defender. Now I either turn alerts off, or try to ignore them, but to me that defeats the whole purpose.
Yep, I know I'm a bit mad. :o
-
What do you not like about Sygate, Dave? It's the best free one I've found, and I've tried most of them.
You seem smitten with Sygate Simon, not tried it myself, tell me please what does it do better than ZoneAlarm [free]
Cheers
-
Apart from when I walked into a lamppost, I think the old adage "what the eye dosn't see, the heart doesn't grieve" has served me well Dave. ;D
-
Tony,
I haven't tried ZA for ages, so to be fair it may have changed, but I found it quite intrusive, with constant alerts and flashing system tray icons. There was also something else about it I didn't favour, but I can't remember what that was now. I think it was mainly the alerts that put me off.
Of the free ones I have tried (ZA, Outpost, Tiny), and also Norton 2002/2003 I have found the Sygate one to be the most hassle free, and it hasn't stopped me doing anything I want to do. Outpost didn't get on with WinMX, Norton 2002 was OK, but 2003 wouldn't allow PC Banking, or Pals chatroom, and seemed over complicated to configure. I was getting permission requests for each and every web page, even after ticking the 'allow all the time' box. Tiny was just horrible, from what I remember.
I'm not saying that Sygate is the be all and end all of free firewalls (I actually have the Pro version), but it's the one I have been happiest with.
-
Tony,
I haven't tried ZA for ages, so to be fair it may have changed, but I found it quite intrusive, with constant alerts and flashing system tray icons. There was also something else about it I didn't favour, but I can't remember what that was now. I think it was mainly the alerts that put me off.
You can turn the 'alerts off' Simon, as I agree they are annoying, got mine off. And it only asks permissions for applications you have not given the green light for regards connecting to the web. As long as I can remember it has always been like that, mind you my memory is not what it used to be Clive. ;D
-
It's quite a while since I used it, but the only problem I had with Zone Alarm Pro was that every time I started my PC, even to simply type a letter, it tried to connect me to the internet. Outpost used to simply stop working on its own accord, while Norton slowed me down so much that I was continually switching it off just to be able to surf. Black Ice Defender has so many features (or gimmicks depending on how you look at it) that I spent a month doing nothing else but playing with it. I didn't even try Tiny after reading horror stories about it in the Newsgroups. Therefore, for now, its Sygate or bust.
Hopefully, in the not too distant future, someone will develop something that puts your PC in stealth mode and then lets you forget about it. I don't want anything else. My anti-virus, anti trojan and Adaware does the rest.
-
Apart from when I walked into a lamppost, I think the old adage "what the eye dosn't see, the heart doesn't grieve" has served me well Dave. ;D
Lol Clive. Of course, you are right.
My son has been sitting here with me this morning (he's finished school now - the sooner he gets a job the better!) and even he said I faff around too much:
"You're always messing about with things on there. I'm surprised you ever get to any websites".
Therefore, I have turned off notifications, hidden the task bar icon and changed log settings from the default 512KB and 30 days to 100KB and 1 day, with the intention of preventing me from keep snooping about in them. Hopefully, my anti-instrusion program will now cease to be the most intrusive software I have on my machine. :o
-
So, basically, it's only 'intrusive' because you can't leave it alone, Dave! ;D ;D