The Definitive "BEST FIREWALL" thread

[MxxCon]

i'm so sick of these threads poping up every single week. so here's the one and only thread you should need untill the end of your life. moderator can modify poll entries to update.

BEST FIREWALL

[uniacid]

hmm whats a good firewall I can use on a Remote Win2k3 Server? I don't want to try Zonealarm b/c it would lock me out before I would be able to configure it and I also tried installing Kerio but it doesn't support 2K3

[PseudoRandomDragon]

Get your butt over to that server and config it or get someone else to do it for you. All you are going to do is lock yourself out if you aren't there configuring it yourself. Common sense.

[sgtLENIN]

Kerio! :D

[Tews]

A good router and Zone Alarm Pro is the only way to go!!

[carpediem]

I''ve been forced to yet again try Zone Alarm and I hate it. Settings are spread out EVERYWHERE and there is bad control over what you really let your program do when you grant it access. I URGE everyone to try out Outpost 2.x pro instead and you will see how superior it is. Very easy to set up and it has pre-configured rules for alot of programs. When you run it in wizard mode it's very easy to let programs only communicate through specified ports as well. You see what processes and programs that are in use and what traffic they are causing individually.

[Autoexec]

Those software firewalls are ok but we have a quite a bnumber of pc's on the network here at home so theres a Zyxel Router & a Zywall Firewall between the Network & the internet.

The Zywall 10 is great it can block incoming & outgoing traffic !

[uniacid]

Get your butt over to that server and config it or get someone else to do it for you. All you are going to do is lock yourself out if you aren't there configuring it yourself. Common sense.

if I could go to Tx sure.... anyways I did try Sygate and it did lock me out but my Server host disabled it so I could access it, but I tried connecting this morning and could not find an icon or control panel for it :| and I reloaded it a couple of times

[mimeryme]

Just a thought, didn't bother reading this whole thread, but: the poll loses meaning as newer versions come out and such.

For example, many people are still using KPF 2.15, but that's not evinced in the poll at all.

[YaZoR]

No firewall.

Never had a computer virus/trojan/worm in my life. Never been hacked or exploited. Always keep everything upto date.

I suppose my firewall is either my power button or my rj45 jack.

I'm not saying at all that I'm safe. There are exploits that aren't known yet, or at least known by network security organisations.

If someone was to hack me and succeed, kudos to them. I find them either lucky or knowledgable. I'd just fix my machine and live with it, I have nothing of value or interest on any of my machines.

[Spyder Veteran]

wow only 6 people voted for mcafee? their latest Mcafee firewall plus is great! easy to use, lots of information (graphs, pie charts, ip tracking, etc), blocks everything.. and even looks nice! :)

[PseudoRandomDragon]

PCMag gave Mcafee like, a three. ZoneAlarm Pro and Norton got a 5. PCMag tests were a little messed up though, they said that both Norton and ZAP didn't pass the Tooleaky test. I know for a fact they both have protection against it.

I am glad that there isn't a monoculture of firewalls. That in itself makes the internet as a whole more secure.

[Ivand]

NIS2002 here, its imply the best :D

[Digitaholic]

i use blackice. Can you use more than 1 firewall on a pc?

[PseudoRandomDragon]

Using two software firewalls is not recommended. It does not increase security and it can cause problems.

[livesoca]

I'd have to say I'd go with Norton Firewall

[PlagueWielder3k]

I got a question about my router's (DLink DI-704P) firewall: On the log it has hundrends of lines saying 'Sunday, November 03, 2002 7:11:08 PM Unrecognized access from 62.25.99.20:80 to TCP port 5065' (every line is a differenct port and a different ip).

Does it mean that the firewall blocked it?

Thanks

BTW, don't pay attention to the date because I never took the time to set it right.

Edited March 19, 2004 by PlagueWielder3k

[ring0]

i've fallen in love with Outpost.

easy to configure/set up, it registers as "stealthed" on damn near every test i've run on it so far, and it doesn't kill my ISP connection like zonealarm did, even after i spent two months and countless hours in the ZA forums trying to get it properly configured.

i'd like to retract my previous ZA vote and put it towards Outpost 2.x :p

[netstarman]

Zonealarms been good to me for awhile, Mcafee firewalls good also.

[coresx]

i've fallen in love with Outpost.

easy to configure/set up, it registers as "stealthed" on damn near every test i've run on it so far, and it doesn't kill my ISP connection like zonealarm did, even after i spent two months and countless hours in the ZA forums trying to get it properly configured.

i'd like to retract my previous ZA vote and put it towards Outpost 2.x :p

I just installed Outpost and went to Shields up to test it. Pratically all ports are closed and only 3 stealth. It said it failed. I don't know what I'm doing wrong when I configure it. All I have done is allow the programs which need access like IE, Firfox, email,WMP, etc...

What am I doing wrong ?

thanks.

[coresx]

Right, I just unistalled my firewall. Went back to shields up to see what results I would get with no firewall, windows xp firewall is not on either btw. I get the exact same results plus this result from another test. I am using a router to connect my computer wireless so has that got something to do with it. Here is what result I got for the other test.

"Attempting connection to your computer. . .

Shields UP! is now attempting to contact the Hidden Internet Server within your PC. It is likely that no one has told you that your own personal computer may now be functioning as an Internet Server with neither your knowledge nor your permission. And that it may be serving up all or many of your personal files for reading, writing, modification and even deletion by anyone, anywhere, on the Internet!

Your Internet port 139 does not appear to exist!

One or more ports on this system are operating in FULL STEALTH MODE! Standard Internet behavior requires port connection attempts to be answered with a success or refusal response. Therefore, only an attempt to connect to a nonexistent computer results in no response of either kind. But YOUR computer has DELIBERATELY CHOSEN NOT TO RESPOND (that's very cool!) which represents advanced computer and port stealthing capabilities. A machine configured in this fashion is well hardened to Internet NetBIOS attack and intrusion.

Unable to connect with NetBIOS to your computer.

All attempts to get any information from your computer have FAILED. (This is very uncommon for a Windows networking-based PC.) Relative to vulnerabilities from Windows networking, this computer appears to be VERY SECURE since it is NOT exposing ANY of its internal NetBIOS networking protocol over the Internet."

So I don't need a firewall because I'm using a router ?

thanks

[devn00b]

Best firewall is to unplug yerself from the net :D

My fav has always been Kerio.

[PseudoRandomDragon]

WooHoo, your question has been answered previously. See the previous posts in this thread.

[silversky]

Cisco Pix. Okay, so it's a $500 firewall. You get what you pay for.

[ring0]

I just installed Outpost and went to Shields up to test it. Pratically all ports are closed and only 3 stealth. It said it failed. I don't know what I'm doing wrong when I configure it. All I have done is allow the programs which need access like IE, Firfox, email,WMP, etc...

What am I doing wrong ?

thanks.

i got an all-stealthed rating there, and all i did was tell it to apply the pre-set program rules, pre-set isp rules and then changed just a few things (not letting some windows system files connect to the web - explorer.exe doesn't need 'net access) - i don't think i did anything too special

[PseudoRandomDragon]

I worked with some WinXP computers and found that explorer.exe needs access, or you will not be able to view web pages with any browser. SVCHOST.exe also needs access, but I found I could restrict it by only giving it access to localhost,trusted zone, the DNS servers.