What's the best software firewall?


Rottie

Diamond Member
Feb 10, 2002
4,795
1
81
ZoneAlarm Security suite is good but too bloated. I had it since version 4, now 6.5
 

corkyg

Elite Member | Peripherals
Super Moderator
Mar 4, 2000
27,370
239
106
Originally posted by: Rottie
ZoneAlarm Security suite is good but too bloated. I had it since version 4, now 6.5

Right! I removed ZAP 6.5 from all systems and replaced it with Kerio. Faster and much faster booting. ZA was just getting too bloated. I hate suites!

 

WildHorse

Diamond Member
Jun 29, 2003
5,006
0
0
TESTIMONIAL:

I ran McAfee VirusScan Pro for years, updated daily, run frequently and aggressively.

On Anandtech Hot Deals forum I heard about a killer deal at CompUSA on Kaspersky Anti-Virus 6.
I bought it today for $59.99 + tax - $60 rebate = $4.64 net cost.

On its 1st scan, Kaspersky detected 2 infections of "Trojan program Trojan-Downloader.Win32.Agent.bay"

Conclusion: Kaspersky > McAfee. I'm a happy customer.

Decided to retain the excellent firewall in the McAfee suite, removed the rest of it.

Untapped inside you !! Really!
 

nweaver

Diamond Member
Jan 21, 2001
6,813
1
0
Originally posted by: scott
Originally posted by: kamper
Originally posted by: scott
Question 2: How the heck do you guys protect yourselves by using a router only, naked of any additional software firewall? Do your routers have an active firewall on incoming traffic?
NAT routing is by definition an active firewall. Are you sure you haven't put yourself in the dmz or anything like that? As for the warnings McAfee's giving you, sounds to me like it's bullshltting you. Other than the error messages it's giving you, do you have any evidence that these things are actually happening? Or maybe somebody on your lan is messing with you :evil:

Well would you please take a look at the screenshot of the router's control web page:
Here

Does it look to you like there's no way to set active firewall protection for inbound traffic? Maybe that's the root of my problem--maybe instead of this router the DSL service company provided, I should go buy a better one???

And:
Are you sure you haven't put yourself in the dmz or anything like that?
Sorry, I don't understand that? "Demilitarized Zone???"

And xtknight, I use Firefox 1.5.0.7 and Thunderbird of same rev.

Advice will be appreciated.

Link 404'ed...

McAfee is probably just misinterpreting the data.

Want to know what Fortune 500 companies get with their uber expensive hardware firewalls and IDS's? A highly paid network engineer to interpret what they are doing...

We had 30K entries in our IDS, only to find out that it's a misconfigured VPN client....took our Cisco security guy about 3 minutes to decide that looking at our IDS. Our IDS is great, but it's no substitute for a real person who can think.

Not that I think you need that for your house, but I am saying that Cisco, arguably the best network gear around, can't get it right, and they tell you to hire an expert. What makes you think that the $30 program you got from a 3rd tier AV company is going to do better?


oh, and the absolute best S/W firewall I have ever used is iptables, and the best I've barely touched, but works better (from what I have seen) is pf
 

WildHorse

Diamond Member
Jun 29, 2003
5,006
0
0
nweaver:
oh, and the absolute best S/W firewall I have ever used is iptables, and the best I've barely touched, but works better (from what I have seen) is pf
Do you have a recommendation for one that runs on Windows?

The ones you like don't appear to run on Windows. Thank you.

 

shortylickens

No Lifer
Jul 15, 2003
80,287
17,078
136
For me, Symantec Corporate. Works well and uses up a bare minimum of resources. (Same with the anti-virus.)
Norton is a freaking hog. I liked them back in 2000 and maybe 2001 but they started to get more bloated and less useful every year.
 

John

Moderator Emeritus | Elite Member
Oct 9, 1999
33,944
1
0
Originally posted by: spike spiegal
So I don't understand how hackers could be so good as to punch through the NAT at the router and get to my computer's software firewall, but apparently some are able to do so.

They can't, unless the system is already compromised first, or you have an unpatched, high level service on a common port. This is also why most software firewalls are used by poorly educated users. Damn things need to be banned if you ask me given the number of users I've run across that use a third party software firewall, refuse to patch Windows up to date because those patches break their junk firewall product, then cuss out Bill Gates.

Justifying a software firewall on the basis that it will help desktop security by detecting outbound traffic is a lot like driving with your headlights off at night because your airbag will protect you in case you get into an accident. Most Malware, Trojans, Spyware, Viruses get onto your system via ActiveX or VB exploits, or downloaded software. Has nothing to do with your stupid software firewall.

I've handled server/desktop security for a number of companies, and simply found software firewalls, (excluding MS's) cause far more damage and lost productivity than they help.

Great post and I agree with everything that you've said.

Originally posted by: scott
But if it wasn't for the McAfee software firewall I'd be totally infected by now.

How exactly did you come to that conclusion? If I were in your shoes I would disable the routing capabilities in the Westell since their web interface is chaotic. You can then run port 1 to a Linksys WRT54GL (or equivalent) WAN input and configure it for your home LAN. Software firewalls are a false sense of security and most people get in the habit of allowing all connections anyhow. While I may mention them in my guide I point out more cons than pros. Just my .02 cents is all......
 

43st

Diamond Member
Nov 7, 2001
3,197
0
0

Thanks for the link! I've been using Sygate for ages and didn't know it was gone. I installed Kerio last night (I used it several years ago also) and saw two processes using nearly 20,000 K of memory. I think Sygate used 8-9,000 K.

Has anyone done any memory usage tests on any of these listed? I know it's not really a big deal on 2 Gig machines but it's still nice to use efficient code when given the choice.
 

Mutilator

Diamond Member
Aug 22, 2000
3,513
10
81
Threads like this make me miss my Smoothwall that I had to part out to fix other PCs. If you have an old PC laying around it's a good way to put it to use. Technically I guess it's a hardware & software firewall. ;)
 

Furor

Golden Member
Mar 31, 2001
1,895
0
0
Outpost Firewall is the best I've used after trying Sygate, Zone Alarm, Kerio, and countless others.
 

mechBgon

Super Moderator | Elite Member
Oct 31, 1999
30,699
1
0
Originally posted by: cleverhandle
If you're already behind a router, then they're all a waste of time and resources IMO. If you have some specific need that really demands an additional software firewall, then you probably already know enough to make your choice.
Keep in mind that if there are any other computers on "your side" of the router besides yours, then a software firewall will help protect your computer from the others if one of them gets subverted.

scott, if you still use Firefox 1.5.0.7 then it's time to patch. Also, can you provide a link to your router's product page?
 

ManBearPig

Diamond Member
Sep 5, 2000
9,173
6
81
why would you use a third party firewall over windows firewall if they both do the same thing? which is what you guys have told me when i asked a few times.
 

Lemon law

Lifer
Nov 6, 2005
20,984
3
0
Short answer Heen05---the windows SP2 firewall is one way--monitoring what is going in only--and any decent software firewall monitors incoming---and outgoing---and will be more configurable to boot.

In MHO---the only good thing to say about the microsoft SP2 firewall is that it's better than nothing.

Since one can use one and only one software firewall at a time---choose wisely.
 

nweaver

Diamond Member
Jan 21, 2001
6,813
1
0
Originally posted by: Lemon law
Short answer Heen05---the windows SP2 firewall is one way--monitoring what is going in only--and any decent software firewall monitors incoming---and outgoing---and will be more configurable to boot.

In MHO---the only good thing to say about the microsoft SP2 firewall is that it's better than nothing.

Since one can use one and only one software firewall at a time---choose wisely.

except....

once your box is owned, it doesn't matter if you have the SP2 firewall or some expensive one...as it can bypass everything. SP2 firewall works great, as it blocks 99% of the worms and crap out there. It doesn't stop apps from phoning home, but I don't have the problem, as I use only open source stuff, and it's all nice enough to either ask or not do it.
 

nweaver

Diamond Member
Jan 21, 2001
6,813
1
0
Originally posted by: scott
nweaver:
oh, and the absolute best S/W firewall I have ever used is iptables, and the best I've barely touched, but works better (from what I have seen) is pf
Do you have a recommendation for one that runs on Windows?

The ones you like don't appear to run on Windows. Thank you.

nope, I don't use windows (much) anymore. When I have a windows box, I just use the stock MS firewall (some servers/machines at work).

You might look at getting a good linux machine and running ipcop, smoothwall, or monowall on it as your router. Those are pretty good, and very reliable (imho). I run smoothwall for a small ISP that has ~60 subs on the system, and works pretty good for most things. We don't have to reboot it, we can block stuff that clogs the system (p2p), and it's reliable (never had a slowdown/issue related to it yet). Before I came in and set up smoothwall for him, he was running a WRT that required a reboot about every other day.
 

Lemon law

Lifer
Nov 6, 2005
20,984
3
0
To Heen05,

I used to think I was pretty well off with my old sygate 5.5 free one---but I found--on both my computer and my wife's computer that I was neglecting things---because you have to keep the firewall updated as software adds---and a test at shields up showed both firewalls flunking---got my wife's sygate fixed and have not yet had time to work on mine----but that free comodo firewall is something I will look at.

Software firewalls are work to configure---so it's a pain vs. gain thing----and that comodo one is supposed to be hard to set up---but they have a support forum--and sygate was small and easy for me---and very network friendly.

I won't bad mouth zone alarm---but many say it's way too bloated.

But my advice to all is to find a firewall you are happy with---rather than flitting about and wasting a lot of time learning to configure a bunch of them----and above all keep testing them at a place like shields up to make sure they have not stopped covering your current configuration.
 

BurnItDwn

Lifer
Oct 10, 1999
26,160
1,634
126
I like iptables, though I've started to play around a bit with pf.
I think pf is by design, ever so slightly more secure and stable, however, both are excellent IMO.

So, that being said, pf is the best software firewall.




As far as the software to run on a Windows box to offer an additional layer of protection, I run Jetico.
Also, to KoolDrew, while you clearly do have a point, not everything that can possibly compromise the computer will be able to disable the firewall, etc. It's certainly not a magical cure-all, but it does provide at least a marginal level of protection above and beyond the Microsoft firewall.
 

nweaver

Diamond Member
Jan 21, 2001
6,813
1
0
shields up and "stealthing" and pretty much all of GRC is crap nowadays..."oh, I can't ping you, so you must not be there...oh wait, -P0"
 

ManBearPig

Diamond Member
Sep 5, 2000
9,173
6
81
so why is it important if it monitors what's going out? you usually get viruses/infections from things coming in, is this something that just protects other people?
 

GimpyFuzznut

Senior member
Sep 2, 2002
347
0
0
I believe part of it is protection towards other computers. If the worm can't go outbound it's stuck in your machine I guess. I believe it's also useful for simply preventing unauthorized applications from using the internet if you don't want them to (for potential security reasons) or for all the pirates out there, stop applications from "phoning home".
 

KLin

Lifer
Feb 29, 2000
29,543
156
106
Originally posted by: Rottie
NAT on the router is really a firewall?

It is in the sense that a router using NAT will not forward incoming requests to a host on the private network automatically. It has to be configured (using port forwarding to a specific IP address) in order for the router to pass incoming requests to a PC.
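
A minimal model of the behaviour described in the post above, extended to the DMZ setting and the same-LAN case raised earlier in the thread. This is an added example, not part of any post; the class, the addresses (documentation and private ranges) and the strict return-traffic matching rule are assumptions for illustration, and real routers differ in how strictly they match replies.

```python
from dataclasses import dataclass, field
from ipaddress import ip_address, ip_network
from typing import Optional

@dataclass
class NatRouter:
    lan: str = "192.168.1.0/24"                    # assumed home LAN range
    forwards: dict = field(default_factory=dict)   # wan_port -> (lan_ip, lan_port)
    sessions: dict = field(default_factory=dict)   # wan_port -> (lan_ip, lan_port, remote)
    dmz_host: Optional[str] = None                 # "DMZ" setting: catch-all LAN host
    next_port: int = 40000

    def outbound(self, lan_ip, lan_port, remote_ip, remote_port):
        """A LAN host opens a connection: allocate a WAN port, remember the flow."""
        wan_port = self.next_port
        self.next_port += 1
        self.sessions[wan_port] = (lan_ip, lan_port, (remote_ip, remote_port))
        return wan_port

    def inbound(self, remote_ip, remote_port, wan_port):
        """Packet arrives on the WAN side. Returns (lan_ip, lan_port) or None if dropped."""
        flow = self.sessions.get(wan_port)
        if flow and flow[2] == (remote_ip, remote_port):
            return flow[0], flow[1]                # reply to a flow a LAN host started
        if wan_port in self.forwards:
            return self.forwards[wan_port]         # explicit port forward
        if self.dmz_host:
            return self.dmz_host, wan_port         # DMZ: everything else goes to one host
        return None                                # unsolicited and unmapped: dropped

    def crosses_nat(self, src_ip, dst_ip):
        """Same-LAN traffic is switched locally and never reaches the NAT table."""
        net = ip_network(self.lan)
        return not (ip_address(src_ip) in net and ip_address(dst_ip) in net)

if __name__ == "__main__":
    r = NatRouter()
    # Constructed sample traffic: unsolicited probe, then a reply to an outbound flow.
    print("probe to 445:", r.inbound("198.51.100.9", 4444, 445))
    p = r.outbound("192.168.1.10", 51000, "203.0.113.80", 80)
    print("reply to own flow:", r.inbound("203.0.113.80", 80, p))
    r.dmz_host = "192.168.1.10"
    print("probe with DMZ set:", r.inbound("198.51.100.9", 4444, 445))
    print("LAN peer crosses NAT:", r.crosses_nat("192.168.1.20", "192.168.1.10"))
```

The last two cases are the ones a host firewall still matters for: a machine placed in the DMZ receives every unsolicited packet, and a compromised neighbour on the same LAN reaches it without touching the router's NAT at all.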
 

JEDIYoda

Lifer
Jul 13, 2005
33,986
3,320
126
Originally posted by: spike spiegal
So I don't understand how hackers could be so good as to punch through the NAT at the router and get to my computer's software firewall, but apparently some are able to do so.

They can't, unless the system is already compromised first, or you have an unpatched, high level service on a common port. This is also why most software firewalls are used by poorly educated users. Damn things need to be banned if you ask me given the number of users I've run across that use a third party software firewall, refuse to patch Windows up to date because those patches break their junk firewall product, then cuss out Bill Gates.

Justifying a software firewall on the basis that it will help desktop security by detecting outbound traffic is a lot like driving with your headlights off at night because your airbag will protect you in case you get into an accident. Most Malware, Trojans, Spyware, Viruses get onto your system via ActiveX or VB exploits, or downloaded software. Has nothing to do with your stupid software firewall.

I've handled server/desktop security for a number of companies, and simply found software firewalls, (excluding MS's) cause far more damage and lost productivity than they help.

All a hacker needs to do is know several things,,,,what brand of hard or softfirewall you are using.....
Ping the ports looking for open ports or accessible ports.....
If you have a hard firewall and have not changed the password etc.....which by the way are just basic security matter then even if all the tests you run tell you your computer is secure..hehehe..trust me when I say you are sadly mistaken!

It has been my experience dealing with servers and networks that both a hard firewall properly configured and a softfirewall are better than one or the other.
A hard firewall is better than having a softfirewall yet if you don't have a hardfirewall then any firewall is better than one....

When it comes to firewalls the win XP firewall completely sucks eggs!!