• 0

The Definitive "BEST FIREWALL" thread

Asked by MxxCon,

 Share

The Definitive "BEST FIREWALL"  

881 members have voted

  1. 1. The Definitive "BEST FIREWALL"

    • Black Ice
      23
    • Kerio/Tiny Personal Firewall
      99
    • Norton Firewall
      108
    • McAfee Firewall
      24
    • Zone Alarm (Pro)
      259
    • Sygate Firewall
      113
    • Outpost
      80
    • Any *nix solution
      35
    • Windows XP Built-In
      66
    • Other
      74

Question

351 answers to this question

Recommended Posts

  • 0
Mentor

iwod

Posted
Posted

if this thread was to help those who choose firewall software. Then i suggest Outpost should be added to the poll.

nth said. I think i post about Outpost more than a year ago and rarelt anyone uses it. Now i see there is just so much more suppoter. Resources Efficent, and powerful. What more do you want?

  • 0
Rising Star

VazaGothic

Posted
Posted

I like and I use Outpost 2.0 - small, fast, has additional components - like pop-up

blockers, etc

Here's a link to comparision of different firewalls, some of them have one flaws,

other have another ones, etc ..

http://www.firewallleaktester.fr.st/

But it's good to know what your current firewall is good (and bad) for :)

  • 0
Rising Star

VazaGothic

Posted
Posted

PS

IMHO - only VERY brave people use XP built-in firewall, because this

firewall shouldn't be even called firewall at all. It sucks in almost everything.

In this situation saying that "No Protection is the Best Protection" is a right thing to do :)

  • 0
Grand Master

canadian397

Posted
Posted

I'm gonna have to say the best Firewall I have ever used is honestly the firewall on my Dlink DI-604. It has stood up to many attacks (Don't ask, :whistle: ) It was already configured when I took it out of the box and right after I tested my internet security at Sarc.com and it was perfect! I have use ZoneAlarm Free Edition but I found it too annoying and Windows Firewall does nothing! Best thing about hardware routers is you don't get annoying messages telling you that a program wants to talk to the net. ARG! lol, jk

  • 0
Grand Master

Pink Floyd Veteran

Posted
  • Veteran
Posted
I use Outpost Firewall Pro 2.0.

like others said, it's the most secure software based firewall available right now, when propperly configured, that is.

Keeps all my ports stealthed and monitors progs as well as the *.dll's used by them.

On average it uses just 5mb of ram, which is the lowest ram consumption i've seen so far.

It has it's quirks too, though. One of the major ones is, that it's impossible to limit the logsize. If you use programs which create a lot of traffic, your log's size will increase to 500mb over the months running Outpost. Thats easily fixed by renaming op_data.dll to lets say op_data.dll.bak, which will prevent outpost from adding the monitored traffic to the log database.

Number two would be Sygate Firewall Pro 5.5.

Has it's probs with DNS. Tho DNS is allowed at its settings, at an auto reconnect to the net, resolving hostnames isnt possible any more all of a sudden.

This can be solved by manually creating a rule, which allows outbound connections from port 53.

Apart from that its just as good as Outpost besides one thing - it uses more ram.

Number 3 on my list is ZoneAlarm 4.5 Pro.

It's great for beginners. almost everything is preconfigured or very easy to set up.

Creating additional rules is a bit limited, but addons like the prevention personal data leakage thru html forms and cookies make up for it.

Popup blocking is a nice addon too, but Outpost does this as well, and ad blocking on top of that.

The major issue i had with this otherwise nice tool is, that over a few days of being connected to the net, creating a lot of traffic, Zone Pro started to screw up, consuming more and more ram (innitially 25mb already, adding all its processes together) and started to give me ping timeouts on irc, or disconnecting me from servers. my guess is, that the monitored data keeps piling up until Zone cant handle it any more.

Still an OK tool for people who want a firewall which doesnt leave them puzzled on how to use it.

-Lef

5 mb of ram is big...

thats because u have never tried kerio 2.1.5 yet!

  • 0
Enthusiast

ht990332

Posted
Posted
after setting up an ISA Server at work I have to say that ISA is probably the most secure (and complex!!) firewall out there. I used to to IPTables however ISA is the better option (however it costs bucks!!).

ISA is definitely the best ever, but if you want a personal firewall zonealarm pro is the best. I've tried Norton firewall 2003 and it did not stop people from hacking into my computer. However zonealarm pro seem to do an excellent job

  • 0
Grand Master

PseudoRandomDragon

Posted
Posted

A router is really only good for most inbound threats. It cannot stop a trojan and I know people who can cut through routers like cheese. Of course, these people are really good. A router makes for a good script kiddie blocker and blocks just about all the scans caused by trojans.

  • 0
Grand Master

Spyder Veteran

Posted
  • Veteran
Posted
wow...this is only about the 4,000th thread like this, woohoo....anyways, zonealarm pro all the way.

actually if you note the date of the first post in this thread, this thread is quite old. all other threads like this get merged with this one.

  • 0
Grand Master

ToastGodSupreme

Posted
Posted

Occassionally, I've had to stick myself in the DMZ for my server, and man, when I look at my firewall logs, it's just absolutely frightening. :o

I will NEVER use a broadband connection without being behind a router. Even if I go back to just having one machine. I mean, there's so much that a router just protects you from by default, why not spend the extra $40?

  • 0
Apprentice

blue baby boo

Posted
Posted

been using kerio 2.1.5 which was great but its driver would crash every now and then .. which was annoying

tried outpost 2.x pro and working great.. and small mem usage

i would use my routers firewall but being dailup .. has no use to me :(

  • 0
Explorer

Lefhark

Posted
Posted

For those who want to try out something new, how about Kerio 4.0.8?

Its as easy to configure as Zonealarm Pro but has more in depth options. For those who tried earlier Kerio 4.x.x releases, the annoying "crash after running Kerio 4 for 20 or more hrs, because of unreleased ports piling up" has been solved in this release.

You can get Kerio 4.0.8 from here:

Kerio PF 4.0.8

Think of it as Kerio 2.1.5 with a better GUI and more options (popup blocking and all other functions Zone has) ^_~

GUI:

kpf_conn_info_small.jpg

-Lef

  • 0
Rising Star

40420_1437839287

Posted
Posted

I use hardware: Netgear Firewall/VPN router.

Blocks anything and everything by default, so you have to manually configure ports you want open etc.

Had no problems since I started using it. Logs are scary. Its amazing what people try to get from your network !!

Some of the features are:

Stateful Packet Inspection (SPI) to prevent Denial of Service (DoS) attacks (syn flood, ICMP flood, UDP flood, "ping of death", IP spoofing, land attack, tear drop attack, IP address sweep attack, Win Nuke attack). Intrusion Detection System (IDS) including logging, reporting and e-mail alerts, address service and protocol), Web URL content filtering.

SEight (8) dedicated BPN tunnels, Manual dey and IKE Security Association (SA) assignment, 56-bit (DES) or 168-bit (3DES) IPsec encryption algorithm, MD5 or SHA-1 authentication algorithm, pre-shared key, perfect forward secrecy (Diffie-Helman and Oakley client support), key life and IKE lifetime time settings, prevent replay attack, remote access VPN (client-to-site), site-to-site VPN, IPSec NAT traversal (VPN pass-through).

Network Address Translation (NAT), static routing, unrestricted users per port.

Static IP address assignment, internal DHCP server on LAN, DGCP client on WAN, PPPoE client support.

This topic is now closed to further replies.
 Share
Go to question listing

  • Recently Browsing   0 members

    • No registered users viewing this page.