Do any of your internet/computer gurus types out there know of a good freeware firewall available on the net?

There are a few linux-based ones, like smoothwall. Search for things like "linux" and "firewall" and you ought to find something.

Bird

I wish I was computer literate enough to use/understand linus/x :) bird. I'm strictly a windooze user. :rolleyes:

Paul, Zone Alarm is very good I've used it for a number of years.

There is a basic level that works very well ( free ) or you can purchase the more advanced unit. Just type in Zone Alarm and it will take you to the site. Cheers, John:nerd:

I've used Zone Alarm myself a few years aga John, I should have remembered that. :doh: Friday nightitis I'm afraid

Paul, >http://207.33.111.31/spf/spf5.5b2710.exe
This is a free Sygate Firewall that is very stable & easy to configure..Been using it for over 15 mths. np.
Another good one is Zonealarm....HTH. :D L.

Paul, With a fresh download, it will allow you to use Zone Alarm Pro for two weeks for free. You can then buy it or go back to the basic level;)

Cheers guys, that'll get me going. I've used both Zone Alarm (V.4 from years and years ago) and Sygate. Guess I'll download both and see which one I like the best. If I install them both but only have one working at a time will they interfer with each other?

I use Kerio personal firewall, but its for a more advanced user who knows a bit about internet protocols.

Yup, Kerio is not bad. I've been using zonealarm for 4 years with no problems.

tony kERIO HAS BEEN BOUGHT OUT BY SYMANTEC AND IS NO LONGER SUPPORTED OR AVAILABLE

I've taken the easy option. I've loaded Sygate on a laptop and Zone Alarm on one of the desktops. That way I'll can evaluate both over the next few months and see which one I like the best. Thanks Guys

If you are evaluating Zone alarm you must remember that the latest version while having more features slows the computer down. I am using V4.5 as I found all the newer ones to be too slow.

Does that go for just the basic Zone Alarm V6 as well cj? or for the pro version. I'm only using the free version with just the firewall ability

Sorry, haven't used the basic one.

I've used zone alarms pro for years. Now I'm on Zone Alarms suite 6 and I swaer by it.

If you are on broadband I'd strongly suggest connect your modem via a NAT router with and in-built hardware firewall ( a $119 D-Link or sysgate is fine) then add zonealarms and finally spybot search and destroy. Also make sure you keep all your windows patches up to date and turn off global file sharing - share particular directories - not entire drives annd enable strong passwords on all accounts e.g not null accounts or password = qwerty or password!

Bird is right though. If you want a cheap and easy firewall you stick Linux on an old PC and make it your firewall server and connect to the web through that. Stuff running on your windows box is not going to be nowhere near as secure. But any firewall is better than none.

Paul,

Do you have broadband or a modem dialup?

Regards

Paul, The Sygate 2710 link is very good. Sygate have been bought out by Symantec? As such, they no longer support the free versions. But the later versions were glitchy. Nothing wrong with 5.5.2710. Why upgrade? It's a firewall. It works or it doesn't. Mine does. No bugs here. Ever. Why pay when there's free ones..:D L.

Dialup :eyepop: :shudder: never again. ......Broad band netwolf.

A linux based firewall is good for protection for a lan, but a 'personal firewall' running on your pc will also allow/deny rules per application. eg, I only allow my email client outbound connections to valid ports required for email only, ie no html links to ads or web bugs.

I have never run a firewall program in my life.

I let my Router do the job.

Good luck with the firewall programs Paul

I have a Netgear ADSl Router Tony, (DG834GT) how would that stack up?

I'm with Tony, most routers have good working firewalls (which are user configurable) as part of their standard options. I have no firewall apart from the one provided by the DSL router and have never experienced any problems. Your most likely security problems will lie with email and web browsing software, and without locking down scripting etc (which is necessary for most web browsing) there's not that much you can do about it, apart from keeping up with security updates. If you're paranoid about your security there are a number of free sites that do tests of your firewall security. http://www.auditmypc.com/ is one such site. Also make sure you have some spyware checking software on you PC, I use Lavasoft Adaware, but there are others, such as SpyBot.

A router will protect you from outside malicious activity to an extent, but wont prevent any suspect software or trojans on your pc from 'phoning home' and opening a connection. Hence the name 'trojan', a program you are tricked into downloading, and once inside your pc, can establish coms and bypass defences only designed to keep stuff out (nat router).

Maybe someone could explain how all this stuff works and the different options open to use. It would be great info for those who use the internet but aren't really up with all the techo protective stuff and what it actually does. (like me :D )

1: Make sure you keep up to date with Windows updates and security patches.
2: Run an antivirus package and keep its definition files updated.
3: Never ever install any custom software "required" to view a particular site unless absolutely certain. If the site insists that you click the 'yes' button, leave and go elsewhere.
4: Be very wary of emails with file attachments that you did not ask for :whistle:

I personaly find a good updated antivirus working with my router is enough for me.....I suppose I have the pleasure that I can format my system and reload windows myself at any time.

It's your call Paul...you cant go too far but I personaly found too many problems with firewall software exspecialy at the time when I was into online gaming...it just wasn't worth the hassle.

But some people wouldn't run their system without it.

Yes Paul that Router has the same internal firewall I am using.

Paul,
I reccomend you go over to Steve Gibbs website and take a look around.
http://www.grc.com/default.htm

You should do the Shields UP probe test, this will test your Router/Modem and tell you how well its doing its job.

Now even if you recive a stealth rating for all ports on your Router/Modem, you still need other protection.

Look at it like this.

1. Inbound Traffic, A door to stop ousideters getting in. A stelth door just means that it will be invisable. A closed door is still visable and people can try to get in. An open door...

2. Outbound Traffic, A door does not usualy block outgoing access. But a good door can allow certain people out and keep others in.

Most good NAT based Routers today will give you a stealth rating.

However they will do nothing to stop outgoing traffic. One of Steve Gibbs earliest test was to let you download a small program to your PC and run it. It would then establish a FTP connection to a server and state you failed the test. But of course you want to be able to connect to the outside world otherwise whats the point of having access to the Internet. For example connecting to Iceinspace forums clearly shows your Router does not block outgoing HTTP traffic. But this is be design.

The question is controlling what on your PC is talking to the outside world. Is it being intitated by you or automaticaly on your behalf, worse still is it running without your knowledge for a malicious purpose. Usualy this is called a Trojan, as the refrence to a gift you recived that opens your doors to unwanted guests. Imaging you get an email with some innocent looking attachement. You run it and its some silly animation, but in the background it establishes a http connection to a website of its author, and uploads your personal information. Or downloads further instructions of malicious programs to be run on your pc.

An email from a trusted friend, which is actually not from him but from a Malicious program that has infected his system and automatically emailed everyone in his address book... You open it because its from your mate.. you click on the link or run the attached file and then your infected and your contacts get a nice email from you.

So there are many things to consider.

1. A good router should be tested by Shields up to ensure you get A stealth rating. If not consider a firmware upgrade or replace it. Infact Steve is now recommending two NAT Routers are better than one but thats beyond the scope of this.

2. A good per application firewall on each of your PC's, ok this is not really neccessary but this will ensure you know when something on your PC wants to connect to the outside world. Zone Alarm is the king of this, its annoying at first because you have to teach it what to let out and what not to. And the fact that rules are per application makes it very powerfull.

3. Anti-Mallware are the following. A must have.
a. Anti-Virus.
b. Anti-Spyware. See above link for a link to a site with a comparisson. You will note from the comparisson that no one protects from all. For your ease here is the link http://spywarewarrior.com/asw-test-guide.htm
c. Anti-Trojanwares..
d. Hijack This.. this is not a protection tool but more a way to find if you have mallware on your system. It takes a snapshots of your system and you post it on the forums were people analyse it to see what your PC ailment is. Given time anyone can learn to analyse these reports.

By the way If you think your machine is running slow, or something just isnt right. Check your Taks Manger to see what process are running. Sear for each process by its name on Google. Ther are many lists out ther describing what each process is, if it is legit or mallware. Note you wont find everything this way but you can get many this way. Then you can searh for instructions on removing it.

Last and most important. Protection is allways better than disinfection later. There is a case of a person inside a Corporate protected environment instlling a PC with there corporate Windows image, and being inffected during the installation. Basicaly a brand new Windows install should not be connected to the Internet before it has protection. Like the email example i gave above other Worms or bouncing arround the internet still even very old worms. Why becuase they are bouncing from unproteced machine to unprotected machine. Dont be the next PC to give more life to a Worm...

Regards

Appologies for the long post..

Thanks netwolf. It looks like I'm going down the right path then. I have two desktops and three laptops all connected to the ADSL router. Each machine has either Nortons, McPhee or AVG running with automatic updates and autoprotect activated. Each machine has either McPhee firewall (packaged with the antivirus), Zone Alarm or Sygate. Each machine has both AdAware and Spybot installed along with spyware preventer (can't remember what it is) on the desktops (probably should put it on everything). I also ahve the Windoze autoupdate turned on to let me know about new patches etc, though I sometimes think I'm running more windoze patches on my machines than any other applications.

FWIW, If running XP with SP2, & you choose to run Sygate OR Zone Alarm Firewall, make sure you turn the Windoze Firewall OFF. May get conflicts with 2 running, if you do not. :D L.
ps. www.grc.com is a must.

Your decent ADSL router should have a builtin firewall hardware ?
so you dont need all the firewall software !

I use a router, but I still use a software firewall. A router stops inbound traffic only. If you get spyware or a worm on your computer there is nothing stopping it accessing the internet.

Go to Grc.com by Steve Gibson and download a small program called leaktest. When you run it, it attempts to contact the grc site and tests out your firewall's outbound protection.