-
October 21st, 2003, 10:19 PM
#1
Registered User
Firewall? Firewall!
I'm just wondering how many people here use firewalls? And if so which ones they would use. I imagine everyone in a business has one running at some level. But, do you think average users should have a firewall such as Zone Alarm (or whatever) installed on their computer?
Personally I don't think average users should bother with software firewalls. I usually tell people, if they really want a firewall to forego the software and buy a hardware router or something with one built in.
But for computer builders/techs, do you put one on outgoing computers or what?
"We must always fear the wicked. But there is another kind of evil that we must fear the most, and that is the indifference of good men." -- Monsignor; The Boondock Saints.
-
October 21st, 2003, 11:43 PM
#2
Registered User
I think zone alarm can be too much for the average user. You don't want them calling you all the time asking "should I let x application access the internet?" My advise, good antivirus on the box, keep it up to date and get an router/nat/switch if you're on broadband. If it's a dialup just use the firewall feature built into xp.
Deliver me from Swedish furniture!
-
October 22nd, 2003, 04:02 AM
#3
Driver Terrier
If they are on broadband, a firewall is a must - it is better to learn how to use a firewall than reinstalling everything after a script kiddie used them as a free ftp - or worse getting their connection removed because they unwittingly took part in a DDOS attack or have been used as a spam emailer.....
Kerio is nice and easy and free
Zone alarm also.
Dialup users - do not really need a firewall as for the most part they are not online long enough to be useful and their connection is too slow.
Never, ever approach a computer saying or even thinking "I will just do this quickly."
-
October 22nd, 2003, 05:42 AM
#4
Registered User
I think zonealarm is great for the home user. You just have to take a little time to educate them. I think it is an advantage over a hardware firewall that ZA asks you what to let access the internet.
Definately needed for DSL type connections, as far as dialup goes, up until Blaster made it's rounds I would agree with NooNoo, but since then it seems like on dialup at least the XP firewall.
"And just when I thought today couldn't get anymore poo-like." -Outcoded
-
October 22nd, 2003, 06:32 AM
#5
Registered User
I was building up a laptop last weekend and - I kid you not - 10 minutes after I gor DSL configured a virus found its way in (worm).
So aside from AV, I put in Kerio and leave a shortcut to the manual on the desktop on all my builds now.
Human beings, who are almost unique in having the ability to learn from the experience of others, are also remarkable for their apparent disinclination to do so. -Douglas Adams
-
October 22nd, 2003, 07:16 AM
#6
Registered User
I usually put free version of Sygate on system builds, unless th ecustomer wants something else.
-
October 22nd, 2003, 07:32 AM
#7
Tech-To-Tech Mod
I have a smoothwall router/firewall right after my cable modem. I reccomend the same for any client I have with broadband. a router / firewall right behind the cable modem before the client computer(s) It doesn't have to be smoothwall any linksys, dlink, or comparable broadband router functions just fine. they pretty much surf the web as normal. they don't have to answer questions about allowing X application to access the internet. they can add more computers to share the internet at any time.
a small dlink router saved my parents and more importantly me (from having to fix it) from the msblast virus even though they weren't patched. My smoothwall box also kept the worm out (I was patched) there was a ton of activity in my snort IDS logs that couple of weeks
Nonsense prevails, modesty fails
Grace and virtue turn into stupidity - E. Costello
-
October 22nd, 2003, 10:30 AM
#8
Registered User
For my network at home, I took an old MediaGX machine and installed Freesco as a router/firewall, and it has functioned flawlessly for over two years now. Just a headless box under the desk. For info go to:
http://www.freesco.org
For end users with any kind of Broadband, I encourage them to get a Linksys or D-Link router as soon as possible, or if they buy a laptop, one with wireless capability, as well as heavy duty encryption.
If this isn't feasible for any reason, I encourage them to get Zone Alarm, or I let them pay me to download it for them if I am onsite. Further, I ALWAYS make sure that their AV program is set to update whenever they are online, and I ALWAYS configure it to DELETE any virus it finds. That eliminates a whole lot of after-hours phone calls (Sole Proprietor), and prevents a great deal of issues.
PS: It took a long time for me to pony up the dues for this site. First post, blah, blah LOL
-
October 22nd, 2003, 12:42 PM
#9
Registered User
I use ZoneAlarm (free) at home and have found that once access is configured for the applications I run frequently, it doesn't require much user input. Usually I just run the programs most likely to require internet access right after installation and configure them all at once.
I think going without anything is asking for trouble if you have broadband. If you think average users are not at risk, take a look at the log zonealarm creates. I find dozens of attempts to connect per hour. Also take a look at the Shields Up test page at grc.com.
-
October 22nd, 2003, 02:11 PM
#10
Registered User
Wow, thanks for all the replies. Good arguements that are making me reconsider. Is there a software firewall that allows whatever you do OUT on any port, but no incoming connections (other than what you just sent out)? like the hardware firewalls do? I've used Zone Alarm in the past and found it to be just too many questions about everything. I didn't use it long enough to find out if it does what I need... any suggestions? Basically I just want something software that's quiet, as far as the user is concerned they barely know it exists...
"We must always fear the wicked. But there is another kind of evil that we must fear the most, and that is the indifference of good men." -- Monsignor; The Boondock Saints.
-
October 22nd, 2003, 02:19 PM
#11
Chat Operator
I was using ISA server for my firewall/NAT for the longest while, recently upgraded to a router, work beautifully (VPN issue's still need to be worked on).
If your on broadband, a firewall is a must, even if it's just the built in firewall that is included with XP. I think zone alarm is wonderfull *IF* you take an hour or two to learn it. It all starts with the user and educated them, after that, things are simple.
<Ferrit> Take 1 live chicken, cut the head off, dance around doing the hokey pokey and chanting: GO AWAY BAD VIRUS, GO AWAY BAD VIRUS
-----------------------
Windows 7 Pro x64
Asus P5QL Deluxe
Intel Q6600
nVidia 8800 GTS 320
6 gigs of Ram
2x60 gig OCZ Vertex SSD (raid 0)
WD Black 750 gig
Antec Tri power 750 Watt PSU
Lots of fans
-
October 22nd, 2003, 02:33 PM
#12
personally I still use one on dial-up. i know a lot of you don't believe them necessary but with more and more virus' coming out that spead via ways other than e-mail ( direct ip connections etc.. ) I like having it up. Still get lots of blocked accesses to my computer, but I also like knowing when something is trying to access the net FROM my computer ....
Don't hate me because I'm a US citizen!
-
October 22nd, 2003, 03:10 PM
#13
Registered User
tekboy made a great point. Wireless security is a huge problem. You can drive around atlanta with net stumbler all day long.
Deliver me from Swedish furniture!
-
October 22nd, 2003, 04:05 PM
#14
Registered User
Originally Posted by silencio
tekboy made a great point. Wireless security is a huge problem. You can drive around atlanta with net stumbler all day long.
Whoo hoo! A compatriot! Next step is to get kismet running solid with gps
"I feel like one of those mass murderers on death row. I never understood how the hell they got more chicks than I did. Now I know. They sold crap on eBay." -- Anonymous ebayer
"I figured out what's wrong with life: it's other people." -- Dilbert
-
October 22nd, 2003, 05:01 PM
#15
Registered User
Originally Posted by arch0nmyc0n
Is there a software firewall that allows whatever you do OUT on any port, but no incoming connections (other than what you just sent out)? like the hardware firewalls do? I've used Zone Alarm in the past and found it to be just too many questions about everything. I didn't use it long enough to find out if it does what I need... any suggestions? Basically I just want something software that's quiet, as far as the user is concerned they barely know it exists...
As Hudsonsmith is saying once you install it if you run the programs that need to access the internet you can tell it to "Allow this program to access the internet" and "Don't ask me this again" so it won't keep bugging you. And you can turn off notification for incoming connections so it won't bug you about those.
Then the user is left knowing what's going out the door which is better for you and them in my book. It is the RESPONSIBLE approach.
Say this out loud one time, "That PC Repair Guy installed a firewall on my system and HE configured it. I didn't know there was a trojan horse on my PC serving up webpages designed to steal credit card numbers Mr. FBI Man, that's why I'm suing him for every cent he's got"
oops I'm sorry was that a little pessimistic, or as I pronounce it 'realistic'
"And just when I thought today couldn't get anymore poo-like." -Outcoded
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|
Bookmarks