Zone Alarm Free
Jack Wallen is an award-winning writer for Techrepublic and Linux.com. As an avid promoter/user of the Linux OS, Jack tries to convert as many users to open source as possible. His current favorite flavor of Linux is Bodhi Linux (a melding of Ubuntu and Enlightenment). When Jack isn't writing about Linux he is hard at work on his other writing career -- writing about zombies, various killers, super heroes, and just about everything else he can manipulate between the folds of reality. You can find Jack's books on Amazon, Barnes & Noble, and Smashwords. Outnumbered in his house one male to two females and three humans to six felines, Jack maintains his sanity by riding his mountain bike and working on his next books. For more news about Jack Wallen, visit his website Get Jack'd.
It's a lot of back story below but my question is: Would you ever consider using only an infrastructure firewall? I am assuming that infrastructure firewalls are updated as frequently as personal firewalls and are thus as capable as personal firewalls. Would anyone disagree? Would anyone presume an infrastructure firewall to be more effective than a personal firewall? Please correct me, but from my understanding the products in the article are all personal firewalls: they protect only the environment they are being run in. I saw a few names being bandied about in the comments that from my understanding were infrastructure firewalls: a perimeter defence for a network. Smoothwall being the most notable. Whilst from memory of my investigation (now somewhat outdated) most fo the infrastructure firewalls are based on *nix/BSD. Tehy are (generally) intended to run on separate hardware, but possibly can be run in a virtual environment. Infrastructure firewalls provide different protection: * they do not protect from LAN side attacks. * they do not interact with the end user (allow/block notices) * because they use a separate environment they are not prone to exploits on the endpoint. Some infrastructure firewalls (such as untangle) also offer a degree of endpoint protection, and many offer other features such as VPN gateways.
In Win7 or Server2008, click start > enter wf.msc into the "search programs and files" field. This Brings up Windows Firewall with Advanced Security. There are Inbound Rules and Outbound Rules. On most workstations you can block all inbound options (you'll have to open specific ports to use an email client, accept RD connections or VNC connection, SSH connections, FTP or serve any web pages, or share files on your network...but you can determine which ports to open based on your needs, search for a list of TCP/UDP ports and open those you need for incoming and close all others. Next for outbound, you can also close all of those, however, you can run into problems here. You will need to have a number of ports open for your computer to run well. You'll have to open ports to the local machine or loop back, you'll have to open port 80 for web browsing 443 for secure web browsing, 20 and or 21 for ftp access to other clients, etc... It is possible to use windows firewall advanced settings to close outbound traffic but you have to do some research and open the ports you need. Also, once you have created a firewall configuration that you like, you can export it, save to a usb drive and import to any Win7 Server 2008 machine saving you the effort of recreating the configuration by hand. For additional security, look over the list of services running on a semi-regular basis. in the same search box off the start menu, type msconfig and look over the list of programs in the startup tab, check them on the process library site and disable any that are not needed...keep an eye out for any that are suspicious too. Same with the Services tab.
TBBrick - You seem to enjoy just tossing one liners out disparaging various products, but fail to elaborate. There are mostly techies here and you need to tell us what bad experiences YOU (not your buddy or his friend) have had with this product. Otherwise, you run risk of just being ignored as another troll.
Features * Antivirus, Anti-Spyware, Anti-Rootkit & Bot protection * Defends your PC from Internet attacks * Detects and eliminates viruses * Prevents malware from being installed * Auto Sandbox Technology? * Easy to install, configure and use * Free to both business and home users Price: 100% Free ^^ That was from their site: http://www.comodo.com/home/internet-security/free-internet-security.php Yes, both antivirus and firewall are free. You only need to pay for Plus and Pro version. They adds additional services. (read about that at their site)
If you are fairly firewall savvy and have a machine you can dedicate to the task, Endian Community Firewall has served us well.
Been using (paid) Zone Alarm Suite for a helluva long time now, and it is good, very good, at doing what it does. The paid version has so many other useful features it is, IMHO, worth every cent of the yearly subscription. BUT ZA takes a lot of work (aka A REAL PAIN IN THE REAR END) to regularly go through the 'Program Control' section and block all those programs that give themselves unfettered access to the internet, as well as server privileges and mail access. Unfortunately ZA CAN'T stop M$ programs reporting back to M$ Home, it seems. Ultimately, if anyone is REALLY serious about internet security you have to be pro-active. NAT hardware firewalls are a good start but as others pointed out, won't stop stuff leaking out of your computer. A good software firewall, tightly screwed down to allow only programs YOU want to have net access is the best of all - irrespective of the OS you use! (Don't get too smug you Unix-based fanbois - sooner or later you will get caught with your pants (firewall) down.) ;-)
I'm surprised smoothwall express (www.smoothwall.org) didn't make this list. It's linux based and has a large addon community.
So yes, your personal firewall will allow individuals in Scotland to watch something that was stolen in 1993 from the US to remain in enemy hands..... :) Cheers
...14 1/2 - 13 1/2 It was a rather good match, don't you agree...except for the US not getting that last point. :-)
If memory serves (and I sincerely wish to be corrected if ill informed), there are at least four MS client firewall products: Windows Defender, Windows ICF, MSE (Security Essentials), and Forefront. I would greatly appreciate some knowledgeable reader elaborating on and differentiating the MS products or pointing out a reputable article on same. I use MSE, and my employer recently dumped McAfee for Forefront. Both use resources very sparingly compared to Trend, McAfee, and ZA.
For personal use? Corporate use? Too many TR articles name "free" stuff that isn't free for corporate use.
The article speaks about software applications unlike Smoothwall which would be installed on hardware and become a security appliance. Another security appliance OS is Untangle and I have been itching for a while to cull together some old parts to build a boxen. Some day I will get one running.
It's because it's not an installable program onto an OS. Smooth wall is more like a stand-alone or it's own OS. It's a great product!
Many people really do not need a separate personal firewall product, as they probably already have a hardware firewall. If you are on a Linux PC behind a normal NAT firewall on a home network, a personal firewall is not needed. If you are on a Windows PC on the same network, a personal firewall serves only one purpose...it may stop a virus from communicating outbound, that's it. And even then, if the firewall asks the user for permission to communicate outbound for a particular unknown process, and the user clicks on OK, the firewall protection has been all for naught if that process is a keystroke logger installed by a virus. As far as protecting your Windows laptop when connecting to a public WiFi access point, the Windows firewall is all you need.
Well, ICF is, but the rest are security suites - Anti-virus, update checks, etc. Forefront is a network security server app. Look up each of the MS products at the MS sites and see. The TechNet library would be a fairly in-depth place to look at docs on any version of these things. The non-MS stuff also comes in suites or in pieces: different malware scanners, firewalls, AVs, etc.
I'm using OpenDNS to block phishing and other malware sites. There are tools to block porn and and the like. I recognize I got off topic but when discussing security its all good.
I have tried the different freebees and found that the Windows built-in firewall is good enough. As robo_sev said, if the user is prompted and acknowledge a bad outbound then the user has a false sense of security... and I can confirm that users will simply click OK on any messages if they need to access the Internet.
Renewer routers/gateways also have configurable firewalls. Configuring a Linux or Windows firewalls behind the NAT adds fine tuning to the network/PC. ie, unwanted outbound traffic, exploited inbound ports, etc.
I agree with your post for the most part. I think some of your negative feedback is simply too many people don't know how to properly secure a PC.
A personal firewall can help reduce your attack surface when: 1) A friend brings over their (infected) laptop and hooks to your network. 2) When you take your computer to any other location (coffee shop, repair shop, work, friends house, etc). 3) When your existing FW/NAT dies, and you decide to hook directly to your DSL or CABLE modem (in the meantime), not realizing it is an older type that doesn't perform NAT (IE: you are directly connected to the Internet). 4) Your always-on BitTorrent/Server isn't patched in time and gets infected, which in turn starts scanning the internal network. 5) And yes, maybe 1 in 10 people just click "Allow" when they see an outbound request, but that still means 10% of the people are protected.
".......it may stop a virus from communicating outbound, that's it." I love statements like this---they don't tell everything. A lot of "if's" in the beginning of the message and a lot of assumptions following. What is really being said is this-----Using your example, if used properly a firewall should keep unauthorized and unknown processes from communicating with the outside world. Could be a virus, could me something to cause DOS attacks, could be your bank account numbers and access codes, could be a spam generator. Strange that Microsoft (I've said the "M" word here!) thinks enough of security to include a good firewall and insists with warnings, etc., that you keep it activated and up to date. Other companies feel the same way and have also produced good firewalls that may be added anytime. An unprotected PC now has about 20 seconds on the network before being attacked. It used to be longer. The majority of recent attacks begin within the PC from emails, etc. A good firewall will block these from completing their outbound tasks----a NAT firewall will not as it deals with incoming only.
And using OpenDNS is a very good idea. Things like Anti-Virus, Personal Firewalls, and Anti-Spyware are like body armor or a bullet-proof vest. They are the last line of defense, and they do not work in every situation. Using OpenDNS or a proxy server like Untangle or WebSense essentially keeps you out of the bad neighborhood, where bullets are known to fly.
Windows firewall blocks all unwanted inbound traffic and does not severely affect the network performance or performance of the PC, and it's free. Windows firewall has two faults, and one of them is by design. The first fault is that it can be programatically disabled, so some viruses can kill it. Yes that's a fault...but many viruses can also walk right past many personal firewall products....I've seen that happen. So this fault is not unique to Windows firewall. The second fault, by design, is that Windows firewall does not block outbound processes. If your PC and browser is locked down properly and you're not surfing some asian-donkey-gambling-love web site, then outbound processes should not be a concern. Based on this logic, I suggest that Windows firewall is perfectly adequate as a firewall product, if used as intended.
TBBrick - You've indicated that the Windows Firewall is not a good product...rather than just toss an innuendo out, please explain. I've put on machines inside and outside of company networks for years and found it to be reliable, updated often, and live up to it's stated purpose quite well. I'm curious to hear where you have seen it fail.
I don't have any friends, so I am not worried about attacks from inside my LAN. If you take a PC out into the world, Windows firewall is perfectly fine. It blocks inbound ports, which is all you need. While it's true that Windows firewall stops nothing going outbound, it won't save you from a virus, but that's not the point. One fault with Windows firewall is that it can be programmatically disabled, but there I go again arguing against myself.... Hopefully anybody who has a clue and two brain cells knows not to plug a non-firewalled device into a cable modem? If they are this ignorant, would they be capable of installing a personal firewall? (catch 22) Torrent: Just say no. Sorry, I don't do Torrents, period. If I really needed to, I setup a DMZ within my network or install a live Linux distro on a box (try and hack THAT, script-kiddies!) Personal firewalls that ask permission are bad for two reasons...either the user gets sick of being asked for permission and turns it off, or they say yes to the wrong things. I've seen clever viruses that name themselves the same as Internet Explorer (just in the wrong directory), so the end-user has no clue that something is not legit. There are those who think the red 'OIL' light on the dash means it's time to change the oil. :) Cheers