[bobbinbrisco]

does anybody know of a good free firewall software that can run on Win2k?

or is a firewall unneccessary?

[Brian Frank]

Well, if you use an always-on connection (DSL, cable) it's something you really should get. If you have dial-up, it's not something that's really necessary.
Zone Alarm is my recommendation.

[Uykucu]

It is not necessary on my opinion.
If you are W2k, disable the guest account and remove file and printer sharing binding on your connection TCP IP.

If you are really paranoid you can actually define which ports to be open or blocked on you leisure.
Firewall SW especially "AMATOUR" ones like zone alarm etc. does not relly protect you it gives you a toy to play with.
Symantec corporate and the Lucent ones are good.
I have heard good about the Cisco Although I have not tryed/tested it myself

[PsychoSword]

Quote:

It is not necessary on my opinion.
If you are W2k, disable the guest account and remove file and printer sharing binding on your connection TCP IP.

If you are really paranoid you can actually define which ports to be open or blocked on you leisure.
Firewall SW especially "AMATOUR" ones like zone alarm etc. does not relly protect you it gives you a toy to play with.
Symantec corporate and the Lucent ones are good.
I have heard good about the Cisco Although I have not tryed/tested it myself

I use Zonealarm myself and I really like it, but your not the first person I've heard that isn't impressed with Zonealarm. But, it does block all your ports when you're in high security mode and restricts program's access to the internet so I don't understand why alot of network people don't think it's very good. Maybe I don't need it since I use W2K and have my guest account disabled?

[clutch]

ZoneAlarm and Black Ice Defender are decent little firewalls. I believe they allow for both inbound and outbound reporting (who's knocking at your door) and port control. I guess they could be considered "amateur" level packages, but they do work well for small networks. They are much better than the "built-in firewalls" that some consumer level routers claim to have. Those are, in fact, NAT (Network Address Translation) devices and just by virtue of design have the side effect of obscuring your systems behind one IP. I have heard that Norton has a decent software package, but I do know that Checkpoint puts out top-shelf packages for commercial level protection, and Cisco has nice units (like the PIX 520 that I work with) that are hardware devices with proprietary software running them.

[Uykucu]

Well said clutch!
i would really recommend the Symantec and Lucent packages. Symantec even let's you try it (trial).
I have never come across checkpoint but heard nothing but good about it. I have no need for a new one but I will keep it in mind in the future.

ZoneAlarm BlackIce etc. does not impress me much since they are usually quite easy to fool or crash. And anyway the real security threat nowadays is the Microsoft itself.
Just look at the IIS.
Some seurity expert said it has more holes than swiss cheese.

For home computing there is not much threat since the number of people who can really get in are very limited despite what every 15-17 yrs old who can install windows or connect 2 compute4rs claim

So It is not the quality of protection rather unnecessity in my opinion.

[Ekstreme]

If you have an old box lying around, give SmoothWall a go. Runs on 'I think' a 486 or above and is dead easy to use and install. It is a distro on Linux, but don't let that throw you off, it's actually quite good. Totally controlled through a browser on any of the clients machines in the network. I've only been using it for a few weeks, but haven't had any probs as yet. But like I said, you need another box to run it off, so might not be very convenient for you.

SmoothWall

[clutch]

Wow, that is pretty cool. Thanks for the link!

[DosFreak]

Guys. You don't have to know *anything* to get into anyone's box. Heck there are guides and programs now that tell you what to do to get into someone's box. One program off the top of my head can list all of your local admin accounts and categorizes the different things that are open and it's FREEWARE!

If someone's angry at you. In 1 HOUR using www.google.com they can have everything they need to screw you over. It's that simple.

[Uykucu]

Totally right dos freak but you should also know this stuff does not actually hack
They exploit security hole's on MS software or Linux or whatever. And even they can list the adminsitrative users etc. there is not much they can do.
If you are really paranoid you can also disable the remote acces on Local security Policy snap in. So no matter what password nobody can do anything.

So as a result if you have to have remote access and such Firewall helps (web servers etc) but Microsoft messes it up anyway.
For home computing It is not needed in my opinion just slows down the machine and wastes memory and also costs money.
But I am gonna have a look at that smoothwall.

BTW what do you use Dosfreak?

[Bursar]

ZoneAlarm is actually one of the most secure firewalls (for it's price point).

It generates a unique code everytime an application trys to access the net. If the code doesn't match up, the app is denied.

If you have a little torjan program, the easiest way to fool the firewall into letting it out it to have the torjan file called something like 'ftp.com' If the firewall has already allowed access to that app, a number of firewalls will let this pretender out to do its thing.

ZoneAlarm won't. It knows that this program is only pretending to be the ftp.com app and will block it.

For a quick test of how vulnerable (or otherwise) your PC is, visit http://grc.com and run the Shields Up and Port Probe tests.

[GTwannabe]

I run both Zonealarm and BlackIce

Zonealarm catches any outbound stuff and blocks most of the incoming, but Black Ice has caught a few that got past ZA though.

[Uykucu]

Yes bursar but this is only with the recent patches. I do remember trying Zone alarm and being able to fool it with msie.exe file name and using simple http instead of more secured UDP.
Just to show an arrogant customer of mine how much he was protected.
Now u can not do anything from http, except maybe downloading an active X you prepared earlier

At the end of the day they look cool and give you something to talk about with your mates over a burger (if you are really sad )And they definetly have cool interface designs.

Use it, do not use it. it is up to you...

[HELLBRINGER]

That a good idea but I dont know if having 2 firewalls will work.

BlackIce is known to have a lot of security holes. And from what I can think of logically, if BlackIce has access to your system, and has security holes that a hacker knows about. Whats to say the hacker cant hack BlackICE and get into yer system while Zone Alarm didnt even see it cause it though BlackICE was taking care of it.

Is this possible? Just a theory of mine. If this works way better, then I'll install BlackICE too cause I bought that POS a while back and liked it but got hacked a few times so I said screw it.

[GTwannabe]

With both progies running, ZoneAlarm shields BlackIce from most of the attacks/probes. BlackIce has picked up a few though.

[HELLBRINGER]

yeah... But I think there might be a way around all that and still hack your system with out either of them knowing...

[Kieran]

I personally use Zonealarm, mainly coz it catches outbound traffic, There is a way you can test your firewall whatever it is.
Go to www.grc.com there you can test your firewall for intrusion security via the web using his 'shields up' test . This Gibson guy wrote optout , to test for spyware and has since written lots of other security related testing programs, many of which are freeware. He seems to be the man regarding internet security
You can download a copy of one of his programs called leaktest, which tests outbound protection of your firewall
rgeards
Kieran