lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Wed Jan 18 02:00:02 2006 From: me at n33t.org (Nick Hyatt) Subject: PC Firewall Choices Given the choice between one of those selections and a standard Linksys router / firewall combo, wouldn't it be safer to go with the hardware firewall? I find the configuration options to be quite a bit more in-depth, and the hardware firewall doesn't get itself as stuck in the system as say, ZA does. Nick Hyatt me@...t.org -----Original Message----- From: full-disclosure-bounces@...ts.grok.org.uk [mailto:full-disclosure-bounces@...ts.grok.org.uk] On Behalf Of Nic Werner Sent: Tuesday, January 17, 2006 4:05 PM To: Steven Cc: full-disclosure@...ts.grok.org.uk Subject: Re: [Full-disclosure] PC Firewall Choices ZoneAlarm - gets in the way, and hard to diagnose problems. You end up turning it off because it never remembers your settings and you can't trust it. Kerio - I liked the best, but the GUI would crash when trying to display all your packets. This is a known bug. Allows you to create rules, and to see how they are applied in comparison to the system-generated rules. Definitely try. 8Signs - Said it had stateful packet inspection, but didn't. I gave up trying to poke a hole for TFTP. I haven't tried Tiny, its next on my list. The toughest part about these firewalls (for me) is determining how/when a packet is filtered. Does it hit the internal rules first or does it check against yours? If one time you hit Permit on a pop-up window, can you go into the program and find rule? On 1/17/06, Steven <steven@...ebug.org> wrote: > I am looking at supplementing the Windows XP (Pro) SP2 Firewall with a > third party product on a bunch of Windows machines. I am trying to > determine what product to go with and wanted to solicit some opinions > from this mailing list. The four that I really come across and have > used in some cases are ZoneAlarm, Sygate, Norton, Kerio, and Tiny. My > understanding is that Norton has actually acquired Sygate and that the > Sygate Personal Firewall probably wouldn't be the best choice of these > now. With that in mind I am looking for a product that easy to setup, > easy to use, works well, and does not take up too much in terms of > system resources or harddrive space ( I also don't want it to add 20 minutes to the boot process either). > > I am not looking for e-mail protection, anitivrus, or any other > non-firewall type services to be included. I do however want it to be > able to manage applications and their internet usage. (i.e. if they > install something new that tries to access the web (trojans included) > they will get a popup telling them something is doing this). > > Any suggestions and opinions on the above products and any others that > I might not have mentioned are welcomed. > > Also -- on top of this if someone knows of software/hardware that can > scan these machines and verify whether or not both the SP2 FW and/or > the 3rd part FW -- and perhaps prevent them network access if they are > not running -- please let me know. [I am not sure what security > products have these capabilities] > > Thanks > > Steven > > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > -- - Nic _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists