NationStates Jolt Archive

Okay my Spanish galleons(a cookie to whoever gets that), I've been using Sygate Personal Firewall ever since that big attack on my computer about a month ago. (For those of you who don't remember the thread, it was a crapload of spyware and viruses.) However, while certainly better than no firewall at all, it has been less than subpar. Most of the time I have to be connected to the internet first before it'll even turn on correctly. If I'm not, it'll just crash. Secondly, it has occasionally let through stuff despite the fact that it is supposed to stop anything unauthorized. Thirdly, I just don't like it that much.

So, what is the best firewall out there, for all my internet crawling purposes?

I can't really say what the best is. But zonealarm works fine for me.

I use the ZoneAlarm Security Suite 6. Works for me, but it is rather unstable at times when booting up ... but fine if it does.

Okay my Spanish galleons(a cookie to whoever gets that)

Teen Girl Squad.

Where's my cookie?

I use the ZoneAlarm Security Suite 6. Works for me, but it is rather unstable at times when booting up ... but fine if it does.
Any other firewall you know of?

Revasser: http://www.supereggplant.com/archives/pink%20cookie.JPG

Any other firewall you know of?

Revasser: http://www.supereggplant.com/archives/pink%20cookie.JPG

That is one sweet cookie.

To answer the question, however, when I use Windows, I use Kero Personal Firewall and have had no problems with it. It's fairly inuitive. The Tiny Personal Firewall is also a very good piece of software:

http://www.kerio.com/
http://www.tinysoftware.com/

uhh....iptables anyone?

uhh....iptables anyone?No thanks, I just ate..

Okay my Spanish galleons(a cookie to whoever gets that), I've been using Sygate Personal Firewall ever since that big attack on my computer about a month ago. (For those of you who don't remember the thread, it was a crapload of spyware and viruses.) However, while certainly better than no firewall at all, it has been less than subpar. Most of the time I have to be connected to the internet first before it'll even turn on correctly. If I'm not, it'll just crash. Secondly, it has occasionally let through stuff despite the fact that it is supposed to stop anything unauthorized. Thirdly, I just don't like it that much.

So, what is the best firewall out there, for all my internet crawling purposes?
Depends ... I actualy used to like sygate but I had some migration to xp issues at first

Personaly if you have a bit of ram I like kerio (formerly tiny) the versions I used to run were pretty feature rich

If you want my recomendation for best enterprize firewall I would have to go for ipfw followed closly by iptables but they are non windows solutions.

Well firstly Symantec took over Sygate, so no more free Sygate firewalls ...

BlackIce (not free)
http://blackice.iss.net/

If you use Windows XP, it has one built-in. OK, it's not best but it's free ...

AVG firewall and anti-virus (not free)
http://www.grisoft.com/doc/197/lng/us/tpl/tpl01

Sunbelt/Kerio (not free, but cheap)
http://www.kerio.com/

Lavasoft Personal Firewall (not free)
http://www.lavasoft.de/

Norton Personal Firefall (commercial crap)
http://www.symantec.com/home_homeoffice/products/overview.jsp?pcid=is&pvid=npf2006

uhh....iptables anyone?
For thoes of us running linux yes but you have to go to different solutions if you are in the actual Unix,Solaris or FreeBSD world

I use ZoneAlarm Pro and have had no problems with it. Never seen it go wonky at start up either and it gets high ratings from just about everyone.

I use the free zonealarm software. Never had any problems so far, but then I'm on a Uni LAN.

Well firstly Symantec took over Sygate, so no more free Sygate firewalls ...

BlackIce (not free)
http://blackice.iss.net/

If you use Windows XP, it has one built-in. OK, it's not best but it's free ...

AVG firewall and anti-virus (not free)
http://www.grisoft.com/doc/197/lng/us/tpl/tpl01

Sunbelt/Kerio (not free, but cheap)
http://www.kerio.com/

Lavasoft Personal Firewall (not free)
http://www.lavasoft.de/
Hmmm kerio went non free did it ... damn I used to like that firewall

AS for the windows firewall ... if you turn on no exceptions and have it prompt you for rule sets it can be downright alright

Its not very feature rich but when in place it does its job alright

Okay, I'm running Windows XP and at the moment can't shell out a dime for any firewall software, so what would be the best FREE firewall? I probably should have pointed that out. My bad.

I use the free zonealarm software. Never had any problems so far, but then I'm on a Uni LAN.
Which tend to be a breading ground

Even at an entrance level entry security you tend to be breading grounds for local viruses (worms blow in a univ) though some of us are able to buy some of the newer self defending network solutions (or like us jurry rig the old stuff to do the same)

Okay, I'm running Windows XP and at the moment can't shell out a dime for any firewall software, so what would be the best FREE firewall? I probably should have pointed that out. My bad.
ZoneAlarm Free probably. Though, yeah, the WinXp one isn't bad as long as you behave yourself.

Which tend to be a breading ground

Even at an entrance level entry security you tend to be breading grounds for local viruses (worms blow in a univ) though some of us are able to buy some of the newer self defending network solutions (or like us jurry rig the old stuff to do the same)
I personally prefered going over and glaring at the idiot who managed to infect the network again.

That seemed to work out well. ;)

Which tend to be a breading ground

Even at an entrance level entry security you tend to be breading grounds for local viruses (worms blow in a univ) though some of us are able to buy some of the newer self defending network solutions (or like us jurry rig the old stuff to do the same)
And some of us just get the free firewall and pray ;) .

Are you talking about a university wide thing here, or that I'm a great big target?

Oh avoid Symantec products ... useless. Got the Symantec Corporate Antivirus at work, but well - doesn't do much of job with really bad viruses.

And some of us just get the free firewall and pray ;) .

Are you talking about a university wide thing here, or that I'm a great big target?
Univ Wide

We are one of the first universities to push defense at the network level (I just sat through 5 hours of cisco vender meetings yesterday)

Basicaly it is like the phisicial virus situation in a dorm ... that many people packed so close to geather ... when one person catches a cold it tends to bounce around really quickly

The defending networks thing is like being able to lock people in their own rooms untill they are better. It slows or stops any virus transmission (This is just one of the things we can do with the new equipment such as the 2960 or the 3560)

On a side note, I've got some things running here--shown on my Sygate applications screen--that I don't recognize. Like this IPv6 Driver thing. Or the LSA Shell(Export Version.) Or SNMP Service. And then there's something called Internet Information Services that I'm all but sure is some kind of spyware, so I've got that blocked. I figured I'd mention these little things here in case you guys knew what they were. (For the record, I'm running a Qwest ActionTec DSL Wireless LAN.)

Oh avoid Symantec products ... useless. Got the Symantec Corporate Antivirus at work, but well - doesn't do much of job with really bad viruses.
Its alright ... they are all about the same really. We distribute SAV here ... its done as good of job as any of the other majors out there.

One company to keep an eye on though is trendmicro ... we have been using their standalone scanner (sysclean) for bad virus removal for awhile ... if their full featured AV is anything like that (pc-cillin is now owned by them) then they got one hell of a product

On a side note, I've got some things running here--shown on my Sygate applications screen--that I don't recognize. Like this IPv6 Driver thing. Or the LSA Shell(Export Version.) And then there's something called Internet Information Services that I'm all but sure is some kind of spyware, so I've got that blocked. I figured I'd mention these little things here in case you guys knew what they were. (For the record, I'm running a Qwest ActionTec DSL Wireless LAN.)
The others are normal

IIS is actualy a web server ... are you running a web server?

The others are normal

IIS is actualy a web server ... are you running a web server?
One of these days, I'd love to hear WHY Windows ships with that thing and why it is turned ON.

One of these days, I'd love to hear WHY Windows ships with that thing and why it is turned ON.
Hmmm my xp pro and home boxes (including the laptop I am on) did not have it default on ... that had to be installed

It shipped with the features there but not truly "Installed"

One of these days, I'd love to hear WHY Windows ships with that thing and why it is turned ON.

In Windows XP, and Windows 2000 workstation - it is not installed. You must be running a Windows 2000 server, or Windows 2003 server or maybe the Small Business Edition of those servers if IIS is running.

The others are normal

IIS is actualy a web server ... are you running a web server?
Not as far as I know. What made me assume it was spyware was this little process running in the backround of my task manager calling itself inetinfo.exe, and whenever I kill it it has two other processes ressurect it no matter what I do. Normal programs don't do that as far as I know. Some other thing called MsMpEng.exe keeps doing the same thing as well. It's part of why I want the best firewall, to keep these--what I think are spyware--programs from accessing the internet, since I used up my Counterspy trial period and no other spyware program has removed them.

So, yeah. =/

Hmmm my xp pro and home boxes (including the laptop I am on) did not have it default on ... that had to be installed

It shipped with the features there but not truly "Installed"
Hmmm... What worm was targeting IIS though? I remember it came out... 2-3 years back and the problem was servers and XP boxes with IIS coming default on.

Not as far as I know. What made me assume it was spyware was this little process running in the backround of my task manager calling itself inetinfo.exe, and whenever I kill it it has two other processes ressurect it no matter what I do. Normal programs don't do that as far as I know. Some other thing called MsMpEng.exe keeps doing the same thing as well. It's part of why I want the best firewall, to keep these--what I think are spyware--programs from accessing the internet, since I used up my Counterspy trial period and no other spyware program has removed them.

So, yeah. =/
Could be something disguising itself as IIS rather then actualy being IIS

In Windows XP, and Windows 2000 workstation - it is not installed. You must be running a Windows 2000 server, or Windows 2003 server or maybe the Small Business Edition of those servers if IIS is running.
Maybe that's what I am remembering for that worm.

Hmmm... What worm was targeting IIS though? I remember it came out... 2-3 years back and the problem was servers and XP boxes with IIS coming default on.
Possible (we deal with so many they blur togeather) though full version of IIS is only on XP Pro ... home has pws

At work, we use a hardware firewall and then a Microsoft ISA Server 2000 firewall to connect to the outside world. The ISA Server is also a web proxy. Works well - but not for the stingy.

Could be something disguising itself as IIS rather then actualy being IIS
It would not surprise me. I think have the professional version of Windows XP on here, in case that helps you decide. I dunno. All I know is that nothing has been affected at all by blocking that.

On a side note, this seems like a great time to mention my time-out bug. See, ever since I started using this DSL modem, I've run into timeouts. I can access a site for a while, then, all of a sudden, for no reason, it times out and I am unable to access anything on it. Sometimes I'm even able to access one domain of a website while denied another. Case in point:GMail versus the Google search engine.

Anyway, nothing I do has solved this problem. Nationstates and this forum appear to be immune to it--along with one or two other random sites, occasionally, including my own website--, and it happens only on my computer, not on the other, where the modem is actually hooked up. (Not that that solves anything: it happens on this computer even if I hook up the modem to it.) It's not the browser: repeated Firefox updates and even occasional runnings of Windows Explorer for some things(I've got something school-wise I literally cannot access in Firefox, to my chagrin) all run into it anyway. So, what is it? For a while I was able to fix the problem--temporarily--by resetting the modem, leading me to think it was some kind of weird cache/data transfer problem with the wireless part of the modem, but lately that hasn't been doing anything for it. Sometimes even when I first connect stuff'll time out on me. It's been incredibly frustrating, because, as I said, it affects literally anything and everything except for a lucky couple of sites. In fact, that link to the TINY Software website was timed out on me till just a moment ago.

So...any ideas?

At work, we use a hardware firewall and then a Microsoft ISA Server 2000 firewall to connect to the outside world. The ISA Server is also a web proxy. Works well - but not for the stingy.
We run a Cisco hardware firewall followed by a packeteer packetshaper before I our 6530 (I believe) on campus. From that point we have VLAN subnets with a firewall sitting on each Subnet

We also are using a new NAK (1500 client per box) solution with self checking compliancy of nodeds (its in monitor mode right now to see what we are going to be blocking the flollowing fall)

Basicaly besides the firewall solution we have a network that sits and scans all student computers making sure they have AV installed ... and up to date if not it shuffles them off to their own VLAN in "Quarintine"

It also checks for typical worm spreading methods and also moves thoes machines into their own VLAN

Check the wireless isn't playing up ... wireless can work then just stop working. It's horribly pedantic at times. To test this, connect the two PCs using a cable and see if they work.

Check the firewall is not in paranoid-skitz mode either.

Univ Wide

We are one of the first universities to push defense at the network level (I just sat through 5 hours of cisco vender meetings yesterday)

Basicaly it is like the phisicial virus situation in a dorm ... that many people packed so close to geather ... when one person catches a cold it tends to bounce around really quickly

The defending networks thing is like being able to lock people in their own rooms untill they are better. It slows or stops any virus transmission (This is just one of the things we can do with the new equipment such as the 2960 or the 3560)
Oh, ok. They did make a big deal about us getting the antivirus running (they give us free McAfee Antivirus) and getting a firewall. They implied that hackers like to use the supercomputers in the physics department. Meh.

Thanks anyway.

Check the wireless isn't playing up ... wireless can work then just stop working. It's horribly pedantic at times. To test this, connect the two PCs using a cable and see if they work.

Check the firewall is not in paranoid-skitz mode either.
Oh, that's definitely not that. See, while some sites time out, I am able to access other sites. It's not like everything shuts down. They'll shut down in stages. Some sites will be inactive, then as those sites are accessible another group will suddenly become inaccessible, etc. etc. And I can access NationStates at all times.

I'm using Lavasoft Personal Firewall. As well as avast! and Ad-Aware/Ad-Watch.

Oh, that's definitely not that. See, while some sites time out, I am able to access other sites. It's not like everything shuts down. They'll shut down in stages. Some sites will be inactive, then as those sites are accessible another group will suddenly become inaccessible, etc. etc. And I can access NationStates at all times.

Sometimes it's the cursed ISP ... sometimes their DNS plays up.

Sometimes it's the cursed ISP ... sometimes their DNS plays up.
Maybe. Except it doesn't affect the other computer connected to the network, as it can be on the site at the same time I am unable to access it. And it's not the websites themselves either: plenty of people are able to access and use them all the time while I can't. I can remember many a time I was suddenly unable to continue an important conversation on a forum and had to respond via AIM using another member to post what I had to say.

See, this is why it's so confusing, because every logical possibility one could think of--at least, one without lots of technical experience, such as myself--does not explain it. It seems utterly random, as if my computer was trying to piss me off.

Interestingly enough, it started happening a wee bit more often when I started using Sygate Firewall, though it could be I'm just trying to find a scapegoat and/or just being more frustrated by the same amount of events.

Maybe. Except it doesn't affect the other computer connected to the network, as it can be on the site at the same time I am unable to access it. And it's not the websites themselves either: plenty of people are able to access and use them all the time while I can't. I can remember many a time I was suddenly unable to continue an important conversation on a forum and had to respond via AIM using another member to post what I had to say.

See, this is why it's so confusing, because every logical possibility one could think of--at least, one without lots of technical experience, such as myself--does not explain it. It seems utterly random, as if my computer was trying to piss me off.

Interestingly enough, it started happening a wee bit more often when I started using Sygate Firewall, though it could be I'm just trying to find a scapegoat and/or just being more frustrated by the same amount of events.

Hard to say without looking at the PC/laptop. Sometimes it's just a bad configuration setting in Windows XP or the firewall.

Well..it DID take a lot of work to get this computer to accept the wireless network in the first place...originally we had a different network in place, as we used Wispertel, a satallite internet service. We've been using the same modem card and wireless recievers originally meant for that modem for the Qwest DSL modem. That could possibly be it: technological incompatability.

Still, I wish there was a way to fix it. It's frustrating me to no end.

Well..it DID take a lot of work to get this computer to accept the wireless network in the first place...originally we had a different network in place, as we used Wispertel, a satallite internet service. We've been using the same modem card and wireless recievers originally meant for that modem for the Qwest DSL modem. That could possibly be it: technological incompatability.

Still, I wish there was a way to fix it. It's frustrating me to no end.

I share your problems. The wireless at our work is very unpredictable - some laptops work beautifully and the new Toshiba laptops don't like it. If they work, it's on and off. Some days no issues, other days have to go reboot the routers.

*hands jeruselem 1... 2... 3... 4 cookies*
:p

*hands jeruselem 1... 2... 3... 4 cookies*
:p

Thank you! Been a while for quad-posting :D

I use my router as a firewall. Far better than all the software I have previously used...

I use my router as a firewall. Far better than all the software I have previously used...
I'd use a hardware firewall, but my parents refuse to do that. They also refuse to use Firefox, and stick to software proven to be subpar, such as Norton Antivirus. ~___~

Be careful with ZoneAlarm and Avira Antivir 7.0 - they don't go together.

As for the firewall - I use Sygate Personal Firewall to see what goes out, incoming is caught with my hardware firewall (hopefully ;))

Be careful with ZoneAlarm and Avira Antivir 7.0 - they don't go together.

As for the firewall - I use Sygate Personal Firewall to see what goes out, incoming is caught with my hardware firewall (hopefully ;))
No Zonealarm. Got it.

Oh, ok. They did make a big deal about us getting the antivirus running (they give us free McAfee Antivirus) and getting a firewall. They implied that hackers like to use the supercomputers in the physics department. Meh.

Thanks anyway.
Yeah we host the servers for D2L (online classes) for the entire state pluss some of wisconsin right now ... we have some impressive machines sitting in one of our buildings

I'd use a hardware firewall, but my parents refuse to do that. They also refuse to use Firefox, and stick to software proven to be subpar, such as Norton Antivirus. ~___~
Yeah but the corporate releases are not bad by symantec