Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security FullDisclosure
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Full-disclosure] PC Firewall Choices

from [greybrimstone] Network Security [Permanent Link]
Subject: Re: [Full-disclosure] PC Firewall Choices
Date: Tue, 17 Jan 2006 23:31:37 -0500
Personally... I'd choose to use monowall... google it, fast, secure, easy as hell to use...

-Adriel

-----Original Message-----
From: Nick Hyatt <me@n33t.org>
To: 'Nic Werner' <nicwerner@gmail.com>
Cc: full-disclosure@lists.grok.org.uk
Sent: Tue, 17 Jan 2006 18:59:52 -0700
Subject: RE: [Full-disclosure] PC Firewall Choices

Given the choice between one of those selections and a standard Linksys
router / firewall combo, wouldn't it be safer to go with the hardware
firewall? I find the configuration options to be quite a bit more in-depth,
and the hardware firewall doesn't get itself as stuck in the system as say,
ZA does.

Nick Hyatt
me@n33t.org


-----Original Message-----
From: full-disclosure-bounces@lists.grok.org.uk
[mailto:full-disclosure-bounces@lists.grok.org.uk] On Behalf Of Nic Werner
Sent: Tuesday, January 17, 2006 4:05 PM
To: Steven
Cc: full-disclosure@lists.grok.org.uk
Subject: Re: [Full-disclosure] PC Firewall Choices

ZoneAlarm - gets in the way, and hard to diagnose problems. You end up
turning it off because it never remembers your settings and you can't trust
it.

Kerio - I liked the best, but the GUI would crash when trying to display all
your packets. This is a known bug. Allows you to create rules, and to see
how they are applied in comparison to the system-generated rules. Definitely
try.

8Signs - Said it had stateful packet inspection, but didn't. I gave up
trying to poke a hole for TFTP.

I haven't tried Tiny, its next on my list. The toughest part about these
firewalls (for me) is determining how/when a packet is filtered.
Does it hit the internal rules first or does it check against yours?
If one time you hit Permit on a pop-up window, can you go into the program
and find rule?


On 1/17/06, Steven <steven@lovebug.org> wrote:
I am looking at supplementing the Windows XP (Pro) SP2 Firewall with
a
third party product on a bunch of Windows machines. I am trying to
determine what product to go with and wanted to solicit some opinions
from this mailing list. The four that I really come across and have
used in some cases are ZoneAlarm, Sygate, Norton, Kerio, and Tiny.
My
understanding is that Norton has actually acquired Sygate and that
the
Sygate Personal Firewall probably wouldn't be the best choice of
these
now. With that in mind I am looking for a product that easy to
setup, 
easy to use, works well, and does not take up too much in terms of
system resources or harddrive space ( I also don't want it to add 20
minutes to the boot process either).

I am not looking for e-mail protection, anitivrus, or any other
non-firewall type services to be included. I do however want it to
be 
able to manage applications and their internet usage.  (i.e. if they
install something new that tries to access the web (trojans included)
they will get a popup telling them something is doing this).

Any suggestions and opinions on the above products and any others
that 
I might not have mentioned are welcomed.

Also -- on top of this if someone knows of software/hardware that can
scan these machines and verify whether or not both the SP2 FW and/or
the 3rd part FW -- and perhaps prevent them network access if they
are 
not running -- please let me know. [I am not sure what security
products have these capabilities]

Thanks

Steven


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/



--
- Nic
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


________________________________________________________________________
Check Out the new free AIM(R) Mail -- 2 GB of storage and industry-leading spam and email virus protection.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Full-disclosure] Vulnerability/Penetration Testing Tools, greybrimstone
Next by Date:  Re: [Full-disclosure] PC Firewall Choices, greybrimstone
Previous by Thread:  RE: [Full-disclosure] PC Firewall Choices, Very Unprivate
Next by Thread:  Re: [Full-disclosure] PC Firewall Choices, Nancy Kramer
Indexes:  [Date] [Thread] [Top] [All Lists]