Re: alternate to firewall?
Available news archives: comp.lang.tcl - comp.lang.python - comp.security.firewalls - sci.crypt - comp.lang.php - comp.lang.javascript
Google
 
Web news.hping.org


comp.security.firewalls archive

Re: alternate to firewall?

From: <jameshanley39@yahoo.co.uk>
Date: Tue Sep 27 2005 - 05:25:49 CEST




ashecorven wrote:


> Thankyou VB, james and casey for your responses.


>


> I should have explained some more. I have being using tiny firewall for


> quite a while but now i have bought a router and i do believe (please


> correct me if i'm wrong) i don't need the "main" use of the firewall


> anymore.



that's 90% right


'Home Routers' block incoming,  (the main security advantage)



Thoguh if you wanted to run a server, then you migt want to tell your


software firewall to restrict access so that it's not open to any IP.



And also, the PFW offers a second layer of security.



What you need or don't need is relative to you.  But if you were


runnign servers and you don't want anybody to connect to them, then you


would need a firewall.



And you will probably want to run servers. Running an FTP or similar


server is almost the only easy way to transfer files.  And you wouldn't


want anybody conecting, so a firewall blocking or restricting incoming


is important.



>But tiny like other firewall products i have used in the past (ZA,


> Sygate) it pops up when a new program starts and asks whether it is


> trustworthy etc. or if the file has changed since the last time is was run


> etc. I find this quite useful and was wondering whether there were any


> programs that did JUST that.



that is blocking outgoing and prompting with a popup


there are no programs to block just outgoing. So your software firewall


would be blocking incoming superfluously/redundantly . The incoming


packets wouldn't actually reach your PFW, they would stop at the


router.


your PFW won't use up much resources from blocking incoming (especially


since there's nothing to block if your router is stopping it and you


don't want it to reach one of your servers)



> However i would like to know which firewall software is currently regarded


> as the best. I would rather a firewall that uses minimum system resources.


> Any trustworthy third-party websites with features, effectiveness, etc?



I just ask a few people, they usually rate Sygate very highly. I've


heard Kerio rated highly.   I prefer sygate, nice gui.



but, I don't think sygate prompts when a file has changed like your


current PFW does!


sygate does has a nice port logger updated in real time. maybe some


other PFWs don't have that.  The windows firewall doesn't.



There is debate as to whether it's worth blocking outgoing at all. See


recent threads where VB demonstrates how a malicious program can easily


get aroudn this.



You shouldn't worry about a firewall using resources blocking incoming.


It really doesn't use much resources.  I know sygate has an option to


"allow all" but that'd allow all incoming and outgoing. Leaving you


with the port logger as the only feature left!


Received on Thu Sep 29 20:11:01 2005