Shields up!

[old.user4556]

All,

I'm thinking about a firewall for my home network; not sure why all of a sudden now, but with the vast number of security holes that XP has I thought it would be a good move.

Currently, I have two PC's connected to my broadband: my PC is second on the network connected via a cross-over cable to the other PC which is connected to the broadband (also used by my dad as his graphics PC). This PC has XP firewall turned on (i hear the laughing already...) as does mine, but I see the general opinion of XP firewall is that it's.... pish.

Presumably, the best option would be a hardware firewall/router, but i don't want to go down this avenue yet. What's the best software solution (free or commercial) you guys recommend? Zonealarm looks like a good bet. Would I run Zonealarm on just the PC connected to the internet, or on both PC's?

Any advice/hints/tips/suggestions welcome.

G

 

[NetNifty]

I'd run zonealarm on both PCs - if the second PC (not directly connected to the net) gets a virus or something it might try to send out information which you don't want sent - zonealarm on that PC will stop that from happening, only incoming data at most will be filtered by zonealarm on the PC connected directly to broadband.

 

[babs]

Can I ask why you don't want to go down the router/firewall combo if you're prepared to pay for software?

 

[old.user4556]

Can I ask why you don't want to go down the router/firewall combo if you're prepared to pay for software?

Well there is a zonealarm lite that seems like it does the basic job, so that costs nout. A seperate piece of hardware could possibly mean re-wiring the network too which is all nicely integrated into the walls and run along to a different room, so it becomes a fair bit of effort. It's something I may look to doing further down the line, but I wanted to either try a) free/trial software first or b) pay for a decent package that would save me installing new hardware/cables.

G

 

[old.user4556]

Bit of a problem,

When I have Zonealarm installed on both PC's, the PC on the LAN can't access the internet through the gateway PC (which is also running zonealarm). I've tried adding 192.168.0.2 (my PC) to the trusted sites on 192.168.0.1 (the gateway PC) to no avail. I've also tried allowing the Pipex DNS IP to be a trusted IP on the gateway PC still to no avail.

Does anyone have any guidance on setting up multiple PC's using Zonealarm, or how to allow the PC on the LAN to access the external internet via the gateway PC?

Cheers

G

 

[strangely brown]

For my windoze box I use Sygate personal firewall - I think it's quite good, and although it's not quite as user friendly as zonealarm, you can do more with the "standard" free version than you can with Zonealarm's free version.

You can find Sygate personal firewall here:-
http://smb.sygate.com/products/spf_standard.htm

Regs,
SB

 

[Ch3tan]

When I was using ICS with zonealarm, I remember reading that you only needed a firewall on the machine that actually accesses the net, anyother pc's on your network are hidden from the prying eyes on the internet.

 

[sibanac]

When I was using ICS with zonealarm, I remember reading that you only needed a firewall on the machine that actually accesses the net, anyother pc's on your network are hidden from the prying eyes on the internet.

tbh I got a router and ever pc behind it has its own software firewall.
No firewall is 100% secure.
Your router or one of the pc's might get owned by an IE security hole/download of some nasty software/ email virus ... and from that point on your routers firewall isnt going to protect your pc's on the lan.

If you want security, get a bb-router and put software firewalls on all your pc's

 

[Gurnox]

If your router supports NAT, use it unless you have a good reason not to. NAT = Network Address Translation. In simple terms, the router connects to the internet and the machine plugged into it stays relatively isolated.

Routers are not too expensive these days and most will have some sort of hub/switch/wireless capability. So you will also be able to loose the crossover cable setup and make your network a bit nicer. I can't stress enough, purely from a personal viewpoint, how useful they are.

And stick on a decent software firewall just to make sure.

Unless you are insane, make sure that you use a browser other than Internet Explorer. Mozilla Firefox is excellent.

Oh, and keep those system patches and virus definitions up to date!

 

[old.user4556]

Yep, cool, but I know all this about virii and using Firefox (IE is the spawn of the devil) - but what about setting up ZA, anyone know?

G

 

[NetNifty]

quick google search revealed this: http://don.hoover.net/icssettings.html

 

[Whipped]

Of course, if you have a spare, old, PC lying around and some spare network cards then I'd recommend IPCop. I have had my first PC (A P100 with 16 MB of RAM) running this for nearly a year now with no substantial problems. All settings are made from a web browser, so nice and easy and patches are realesed for easy updating.

 

[TdC]

that's what I do (more or less), but I've built my own firewall from an old p166 I had. I'm thinking of upgrading to something like an openbrick which allows openBSD to be installed to a USB memory stick, allowing you to run a firewall with no moving parts. there's an (older) article about it here.

 

[MrBlack]

I'm using a Dell PII350 Desktop as a server/firewall/monitor stand myself; but it's a self-configured Debian box. NAT + Firewall + any other gubbins I choose to put on it.

This, however, probably isn't what you want to hear about. For a purely software solution running on a windows box, I'd recommend Zone Alarm. Much as it can be a pain in the arse to set up with ICS, it seems to do the job. I used it on 98 and 2k for a year and a bit and I don't think I've ever been compromised.

Run it on both PCs? No. There's no point. If the outer one is knobbled, there's nothing stopping both being knobbled. Anti-virus and anti-spyware should be on every PC, but firewalls should only run on the entry points.

The catch 22 situation is downloading this stuff before your PC is fucked over. 20 minutes is the average time it takes for an open, un-patched XP install to be cracked. The only sound solution is to have a different OS between windows and the internet, which invovles extra bits of hardware. Oh. There's also the above mentioned security holes in IE and everything else that can get you regardless.

erm.. I'd jack it all in and buy a farm in North Wales if I were you

 

[tRoG]

For my windoze box I use Sygate personal firewall - I think it's quite good, and although it's not quite as user friendly as zonealarm, you can do more with the "standard" free version than you can with Zonealarm's free version.

You can find Sygate personal firewall here:-
http://smb.sygate.com/products/spf_standard.htm

Regs,
SB

I use the pro version of this. Has served me well.

 

[Sar]

Same here.

Reformatted and installed XP today, and within 5 mins my PC had slowed to a crawl...

So I install SPFPro again, (foolishly had gone online first to d/l updates for XP without it), and lo and behold there's these programs accessing the net without my permission. Bogus IEXPLORE.EXE and EXPLORE32.EXE files in my system32 folder, connecting to remote sites and transmitting shitloads of data...

So I reformat again, and install SPFPro before the modem, and within 2 SECONDS of me connecting to the net, SPFPro had already blocked a critical attack:

Inbound DCE BIND to potentially vulnerable RPC DCOM interface attempt detected

And there's been 163 critical attacks in the past 4 hours. Mostly from the 81.154.xxx.xxx IP range.

Fuck sake.

 

[MrBlack]

It's just a joke, now. There's so much shit you have to do to an XP box before you let it anywhere near a net connection.

Is it just me, or do most of the attacks come from <random dsl address>.t-dialin.net?

I say we ban all Germans from the internet

 

[Sar]

Most of mine are from the BT IP range.

:/

 

[Mazling]

I've been using Kerio Personal Firewall for a while now and it's been great.
Nice if you want a bit more than zonealarm. Though I've used that and it too was great, up until they started integrating Antivirus into and and made it crash me every hour.

 

[Gengi]

I connect through a netgear RP114, so far have had no problems, even with fresh installs of XP. Never had a software firewall till I installed SP2, had the original one turned off. The router is prettty cheap, it was only 60 quid when I bought it a couple of years ago.
Still like most of the other replies this is not what you wanted to hear


later

 

[Panda On Smack]

I have WinRoute running on my 2003 server so both my laptop and desktop are behind that. Recently put XP on my desktop for the first time as i had always used 2k. Seems ok.

Probably some holes somewhere but not had any obvious problems.