General discussion

  • Creator
    Topic
  • #2072859

    Ed Bott’s Microsoft Challenge–6/29/00

    Locked

    by ebott ·

    On the corporate network, you use the best firewall you can find, and price is no object. But when your people unplug the network cable, they lose this protection. So what do you recommend for personal security software for Windows users? With the rapid growth in DSL and cable modem connections, I’m especially interested in reading your thoughts about the best software for these configurations.

All Comments

  • Author
    Replies
    • #3782800

      Ed Bott’s Microsoft Challenge–6/29/00

      by lil_turk ·

      In reply to Ed Bott’s Microsoft Challenge–6/29/00

      If it was regular user and your Company uses Norton I would recommend Norton’s Internet Security 2000 for ease of use. Also you can upgrade their software from you LAN and make sure they have the latest patches, but for Power Users I would recommend Black Ice for it’s power and logging ability. If you use the Black Ice Corp software you can even monitor their log files for them and let the users know of any possible attacks. It’s not for the regular user but the power user will love it.
      Thanks

    • #3782784

      Ed Bott’s Microsoft Challenge–6/29/00

      by techmail ·

      In reply to Ed Bott’s Microsoft Challenge–6/29/00

      Goto http://www.zonelabs.com there is a very good free windows firewall.

      JDA

    • #3782780

      Ed Bott’s Microsoft Challenge–6/29/00

      by leo.valmores ·

      In reply to Ed Bott’s Microsoft Challenge–6/29/00

      On corporate intranet/internet networks, I would like to categorize them into three: large companies that maintain their own intranet/internet sites; medium/small companies that maintain their own intranet/internet through ISP’s; small/SOHO that maintains their own intranet/internet thru ISPs.

      I will take my stand on small/SOHO category where DSL and cable modems are widely embraced.

      My smal network is using WINPROXY software for internet connection with ISP thru DSL. It is easy to install and configure; uses NAT; has built firewall and virus protection, plus many configurable options you want to customize; i.e. ports allowed or disallowed, list of specific users that can use what ports, etc. Internal IP is using the 90.0.0.X allowing up to 254 users. WINPROXY host must have dual-NIC: one for the intranet and the other for ISP connection.

      I find the software inexpensive yet functionaly effective.

    • #3782751

      Ed Bott’s Microsoft Challenge–6/29/00

      by mckaytech ·

      In reply to Ed Bott’s Microsoft Challenge–6/29/00

      If you’re talking about people taking their company laptop computers home and connecting them to a DSL/cable connection, I prefer a hardware appliance (e.g. LRP, Linksys, etc.).
      It can be set up at the office and sent home and there is a lot less tendency for users to experiment with the settings.

      If you are constrained to a software solution, ZoneAlarm works although I find it highly annoying. You can also accomplish firewalling with Sygate and it’s a product I like a lot.

      paul

    • #3782744

      Ed Bott’s Microsoft Challenge–6/29/00

      by mcessna ·

      In reply to Ed Bott’s Microsoft Challenge–6/29/00

      Since money is no object, Checkpoint makes two clients for remote users. The Secure Remote and Secure Client. One is for regular dial up users and the other is for dedicated ‘always on’ connections. The licensing can get expensive quickly though andnot very intuitive, so non savy users will need a lot of hadholding.
      I have also found that the Sonic Wall firewall appliance works very well. It costs about $350 and supports NAT so you can use it to hook up more than one computer even if your DSLprovider gives you only one IP address.

    • #3782741

      Ed Bott’s Microsoft Challenge–6/29/00

      by syscokid ·

      In reply to Ed Bott’s Microsoft Challenge–6/29/00

      I don’t have a cable modem -yet. I expect to get one within the next year, so I have been studying the issue closely.

      Steve Gibson, of Gibson Research Corp., whose opinion I respect, is currently recommending Zone Alarm, in part becuase of its ability to detect and block suspicious outbound traffic. So that would be the first product I looked at, followed by his previous favorite, Black Ice Defender.

      Read about these two and more here:

      http://grc.com/su-firewalls.htm

    • #3782726

      Ed Bott’s Microsoft Challenge–6/29/00

      by Anonymous ·

      In reply to Ed Bott’s Microsoft Challenge–6/29/00

      Hmmm…Personal security I guess would leave out the software Linux firewall. Free. But that would require another computer. I use Norton Internet Security 2000 and Black Ice. Internet security sometimes doesn’t tell you everything you want to know about security violations, so I would recommend the more robust Black Ice software.

    • #3782717

      Ed Bott’s Microsoft Challenge–6/29/00

      by khwa ·

      In reply to Ed Bott’s Microsoft Challenge–6/29/00

      Without a doubt….. Zone Alarm..second choice would be Norton’s Internet Security 2000…It’s a bit easier to manipulate, but functionality fall’s short of Zone Alarm..

    • #3782674

      Ed Bott’s Microsoft Challenge–6/29/00

      by swcruz ·

      In reply to Ed Bott’s Microsoft Challenge–6/29/00

      One important consideration is your user probably has a small LAN at home that he/she will connect the office laptop to in turn connect to the office. Whether via DSL or Cable, the user can have any number of configurations to share this connection.

      Windows 9x ICS provides a simple NAT scheme to at least hide behind, but a power user will have some sort of router (eg. Netgear RT311) performing NAT and blocking open ports. On top of that I would recommend Norton Internet Security, now available in personal and corporate flavors. NIS should cover all possible configurations and leave the laptop as secure as can be.

    • #3782658

      Ed Bott’s Microsoft Challenge–6/29/00

      by don christner ·

      In reply to Ed Bott’s Microsoft Challenge–6/29/00

      Steve Gibson at http://www.grc.com recommends Zonealarm. I downloaded it at home and it works great. It even stops outbound traffic that does not seem right. However, it will ask if you want to allow it, so it’s easy to configure.
      Don

    • #3782639

      Ed Bott’s Microsoft Challenge–6/29/00

      by timecube ·

      In reply to Ed Bott’s Microsoft Challenge–6/29/00

      Everyone is mentioning PC Conseal or Zone alarm. Why not just use linux? I got my old 486 out of the garage, downloaded Caldera, and configured it as a proxy server and firewall. Haven’t had any problems yet. Better than sending old hardware to the junkyard and I didn’t have to pay the $$ for someone elses idea of what they think I need.

    • #3782623

      Ed Bott’s Microsoft Challenge–6/29/00

      by pvp ·

      In reply to Ed Bott’s Microsoft Challenge–6/29/00

      ConSeal is inexpensive and a snap to configure–my non-technical son got it running without my knowing it was in the house!

    • #3783255

      Ed Bott’s Microsoft Challenge–6/29/00

      by fubad ·

      In reply to Ed Bott’s Microsoft Challenge–6/29/00

      For a home LAN, a hardware solution over software would eliminate any conflicts with installed software as well as being quick & simple to setup.
      My hardware choices would be the Linksys EtherFast Cable/DSL Router or the 3Com OfficeConnect 56K (3c886) for dial-up connections.
      I use the 3Com at home and, according to Steve Gibson at http://www.grc.com, his Shields Up and Port Probe tests determined that all of my pc’s are invisible to the internet while these tests are being run. His response is that the ports do not respond since the firewall is discarding the connection-attempt messages sent to the pc’s ports instead of refusing or accepting them.
      If software is the only choice, ZoneAlarm from ZoneLabs would be the one, bugs and all.

      JR

    • #3783254

      Ed Bott’s Microsoft Challenge–6/29/00

      by lyf ·

      In reply to Ed Bott’s Microsoft Challenge–6/29/00

      Personal Secuity is as important to me as Corporate. After all it is MY life, reputation, livlihood, credit, work, etc. and it is MY responsibility to secure it. No one else’s – so it has to be right.
      I favour multiple layer security. Consequently,for my always-on DSL connection to my home network, I use a separate firewall computer, then add ZoneLabs Zone Alarm with “high” internet security, and add a further layer with Avirt SOHO nework firewall& Internet sharing to/over the rest of my network. Of course, to this I also add up-to-date Norton Anti Virus software.
      I employ full logs, and when suspicious events occur, I turn on Black Ice Defender if necessary to help with IP tracking. Other software such as NeoTrace from NeoWorx etc. canassist with active tracing and proscution of offenders.
      After trying many varieties of security software, for personal/home use, it has to be strong/secure enough, and yet still flexible to allow for diversity or users who often lack technical skills. Their education

    • #3783228

      Ed Bott’s Microsoft Challenge–6/29/00

      by thurai ·

      In reply to Ed Bott’s Microsoft Challenge–6/29/00

      I use http://www.zonelabs.com’s free Zone Alarm firewall program that does a good job.

    • #3783227

      Ed Bott’s Microsoft Challenge–6/29/00

      by mike.barry@thehartford ·

      In reply to Ed Bott’s Microsoft Challenge–6/29/00

      Zone Alarm at http://www.zonealarm.com. Pre configured, simple, easy to understand terms and concepts. Perfect for techies and non-techies alike. And you can’t beat the price – free.

    • #3783225

      Ed Bott’s Microsoft Challenge–6/29/00

      by josephmassaro ·

      In reply to Ed Bott’s Microsoft Challenge–6/29/00

      I like the mcafee personal fire wall soft ware it give you the protection you need with out the high price . i use it and already found 5 people tring to gain access to my computer and block them out . Joe

    • #3783222

      Ed Bott’s Microsoft Challenge–6/29/00

      by supermonch ·

      In reply to Ed Bott’s Microsoft Challenge–6/29/00

      In a setup where a DSL modem is directly connected to a PC, the best firewall solution is ZoneAlarm from Zone Labs (www.zonealarm.com). ZoneAlarm is easy to use and has features that rival the expensive heavy hitters at a price any home user can appreciate, FREE.

    • #3783195

      Ed Bott’s Microsoft Challenge–6/29/00

      by steveh ·

      In reply to Ed Bott’s Microsoft Challenge–6/29/00

      For such a problem, go with the obvious. Learn how to program in C++ and Assembly Language, and write your own security program with an unbreakable firewall configuration. Include hardcoded IP addressing, authentication, and tracking capabilities with support for all protocols. Sounds like fun to me!!

    • #3783187

      Ed Bott’s Microsoft Challenge–6/29/00

      by bblakely42 ·

      In reply to Ed Bott’s Microsoft Challenge–6/29/00

      I use four components to insure security on my home’s DSL connnection:My DSL line goes into NIC on a networked server running MS Proxy 2.0 (part of the SBS 4.5 eval pack at http://www.microsoft.com/smallbusinessserver/productinfo/eval.htm) and BlackIce Defender (to alert me of any holes in my Proxy Server config). On the clients, I’m running Norton Anti-Virus 2000 & ZoneAlarm in case I download a trojan that attempts to send information from behind my personal firewall. Norton will catch most of them before I run them. ZoneAlarm will alert me if something too new for Norton gets in and attempts to transmit data. Last, I download my e-mail and then take Outlook off line before reading the msgs. I can then see how many outbound msgs are queued before I go back online.

    • #3783185

      Ed Bott’s Microsoft Challenge–6/29/00

      by bstadtherr ·

      In reply to Ed Bott’s Microsoft Challenge–6/29/00

      Signal 9’s ConSeal Private Desktop(now McAfee’s Personal Firewall) or ConSeal PC Firewall for Windows 95,98, and NT.

    • #3768775

      Ed Bott’s Microsoft Challenge–6/29/00

      by dad ·

      In reply to Ed Bott’s Microsoft Challenge–6/29/00

      Ed,
      I’ve a cable modem at home and have tested several firewall/proxy servers including the AnalogX proxy and Windows 98SE ICS. I finally settled on a LinkSYS BEFSR41 Cable/DSL router with builtin NAT, Firewall, DHCP and a 4-port 10/100 switch to boot. It works exceptional for my needs (can be ordered in 1-port and 8-port models). Has advanced filtering features as well.

    • #3768764

      Ed Bott’s Microsoft Challenge–6/29/00

      by dmeese ·

      In reply to Ed Bott’s Microsoft Challenge–6/29/00

      ZoneAlarm 2 from http://www.zonelabs.com. It’s free, and it’s extremely easy to use. Some people may suggest using something like Black Ice Defender, but it won’t protect against unwanted outbound communications. With Zone Alarm, you can allow each individual program send out with a single click.

    • #3768749

      Ed Bott’s Microsoft Challenge–6/29/00

      by mickbowen ·

      In reply to Ed Bott’s Microsoft Challenge–6/29/00

      For Win32 I use ZoneAlarm from zonelabs. This is simply the best personal firewall available, you can select exactly which programs, processes are allowed to access the internet, act as a server, etc. Also you can test any personal firewalls you tryby going to http://www.grc.com and selecting Shields Up. This web app tests your firewall for open ports and services.

    • #3768711

      Ed Bott’s Microsoft Challenge–6/29/00

      by dpb24 ·

      In reply to Ed Bott’s Microsoft Challenge–6/29/00

      I use Zone Alarm @ home. It is user friendly and easy to configure. For personal use it is freeware. 1 nice feature it block any application from accessing an Internet connection unless you allow it. So if you deny everything it will give a pop-up and ask if you want to allow that session to be set up.

    • #3768709

      Ed Bott’s Microsoft Challenge–6/29/00

      by david.ladd ·

      In reply to Ed Bott’s Microsoft Challenge–6/29/00

      For single computers, I recommend ZoneAlarm from http://www.ZoneLabs.com. It’s freeware and very robust. Additionally, it detects OUTGOING internet traffic and optionally warns the user. To test it, go to http://www.grc.com and have your ports probed.

      For homeor SOHO networks and sharing of a DSL line, I recommend Linksys’s EtherFast
      Cable/DSL Router which provides hardware firewall protection for networksand IP sharing. Costs about $170 for the model with a 4 port 10/100MB SWITCH, or about $119 for themodel which goes between your existing hub/switch and your DSL modem. To test it, go to http://www.grc.com and have your ports probed.

    • #3768476

      Ed Bott’s Microsoft Challenge–6/29/00

      by aspeelma ·

      In reply to Ed Bott’s Microsoft Challenge–6/29/00

      Zone Alarm.

    • #3768031

      Ed Bott’s Microsoft Challenge–6/29/00

      by jeffl ·

      In reply to Ed Bott’s Microsoft Challenge–6/29/00

      I would suggest a little different approach. Most of the companies I work with are more concerned with someone getting into the main network than anything else so, the first thing I would suggest is the usage of remote VPN access. Because of this,I would suggest a hardware solution as opposed to software. There are a number of small firewall boxes out there (SonicWALL, OneGate,
      NetFortress, etc.). I would probably go with a SonicWall.

    • #3767905

      Ed Bott’s Microsoft Challenge–6/29/00

      by tom ·

      In reply to Ed Bott’s Microsoft Challenge–6/29/00

      I have been using ZoneAlarm from Zone Labs for several months on both my laptop and desktop computers. It begins by blocking all access and you then answer each succesive “Do you wish to allow this program to access….” question and select whether or not to make your answer a permanent one. Zone Alarm also blocks any attempted access to your computer while online and notifies you of it telling you the address of who tried to access and the port used. The latest version also allows you to log these instances for later referral to see if there is any pattern. Best of all for home users it’s FREE, there is a minimal charge for business use.

    • #3767160

      Ed Bott’s Microsoft Challenge–6/29/00

      by wayne.maples ·

      In reply to Ed Bott’s Microsoft Challenge–6/29/00

      if you want to monitor what people are trying to do, whether and how they are trying to penetrate your PC, I would recommend Black Ice. If you
      want to just protect your PC while connected to the internet, stop Server services. The remote hacks that are available against NT workstation (and this is NT specific), depend on that service. This would not protect you against an ip-level Denial of Service attack but that is very rare against anything but servers targeted such as DOD, Amazon, or whatever the nut of the day is mad at. There is no informational exposures, the hidden shares (all shares) are gone, no remote login, no anything.

      -Wayne

    • #3766872

      Ed Bott’s Microsoft Challenge–6/29/00

      by astanis74 ·

      In reply to Ed Bott’s Microsoft Challenge–6/29/00

      ZoneLabs ZoneAlarm, Great Firewall and its free

    • #3766771

      Ed Bott’s Microsoft Challenge–6/29/00

      by lynnp ·

      In reply to Ed Bott’s Microsoft Challenge–6/29/00

      I have a cable modem, and use several methods to protect myself. First, file and printer sharing are turned off for the IP connection to the modem. Second, I use Zone Alarm 2, and have it log attempted intrusions. I also have up-to-date anti-virus software, configured to watch for unfriendly activity, in case something does slither past Zone Alarm (tho nothing has – it works very well – it even alerted me to software that was sneakily connecting to its vendor’s site for whatever reasons, and stopped it cold). I also have some tools that let me find out from whence attempted intrusions come. Then I can let the culprit’s ISP know that there’s mischief afoot.

      Can you tell I’m a network administrator … 🙂

    • #3768098

      Ed Bott’s Microsoft Challenge–6/29/00

      by sbolton4211 ·

      In reply to Ed Bott’s Microsoft Challenge–6/29/00

      Aladdin’s Esafe Protect Enterprise package is the best I’ve seen. It combines personal firewall, content blocking technology, virus protection, as well as excellent vandal “sandbox” technology. If configured correctly the “sandbox” can detect and prevent new “in the wild” vandals from harming your system without having the latest signature files. The personal firewall allows port blocking and remapping, as well as url and web page blocking by content. For you controlling admin types, it canbe configured, deployed, and updated from a centralized console. You also have the ability to password protect the client configuration to prevent enduser reconfigs.

      Hope this helps someone

    • #3750435

      Ed Bott’s Microsoft Challenge–6/29/00

      by ebott ·

      In reply to Ed Bott’s Microsoft Challenge–6/29/00

      This question was auto closed due to inactivity

Viewing 33 reply threads