Discussion in 'Software Q&A' started by ashisharya, Mar 28, 2005.
Which will be a good firewall which will protect Broadband connections?
Zone Alarm is good.
ZoneAlarm, Sygate, Kerio, OutPost are some of the Free Good firewalls...
This is already been discussed in the forum please search before posting.........
Well Zone alarm pro (latest one)
Linux iptables + guarddog
i use zone alarm .... dial up though ....
its gud .... givs regular updates ...
PPL here suggested Zone Alarm and I switched over to it from the Norton variant and was pleased !
Go for Zone Alarm....
Configure it carefully and you will be as safe as safe can be !
I wanna ask ppl here using ZA...
I felt ZA made my BSNL ka BBand Connection reallllllllly slow.....
I dont find zone alarm pro slowing my dial up internet to the reallllllly slow that you said .Its very efficient.Yes it has reduced the speed but thats a marginal amount considering the security angle that it provides it worth that 1% decrease in speed.
On my comp its about 1% decrease in speed which is tolerable.
For a broadband connection, I would recommend using a hardware router with in built firewall capabilities (with inbuilt SPI and ability to ward off/defend DoS attacks, etc). There are also dedicated hardware firewalls from major manufacturers that will cost you much more.
However, the normal "routers" from good makes (D-Link, Netgear, SMC) have a lot of features to give you that protection. I have personally seen the Linksys and SMC Barricade routers and they do their job pretty well.
There is a lot of info on hardware routers cum firewalls that you might want to read up
Apart from this, you should run a software firewall on your PC (like Zone Alarm as others have mentioned; I personally prefer Sygate Personal, which I find has a lot of nifty options with configuration).
The followings are good
Norton's personal firewall
including windows Xp buitin firewall
Panda 2005 firewall
Mac Afee's Fire wall as used by my friend.
He says best
Use Zone Alarm. i think its the best !
I tested a few software firewalls with the Leaktest Firewall Tester which can be downloaded by following the link below
I tested the following Firewalls and got the results as described in there.
1. McAfee Personel Firewall (V6 Full version)
It passed the basic Leaktest as it found out that the Leaktest program was trying to communicate with its server grc.com. But when i switched to stealth mode, it let the program make the connection. This vunerability can be exploited by any hacker in his trojans or other such programs.
2. Sygate Personel Firewall (Freeware Version)
Oh man!! I couldn't do a leaktest on this firewall. In spite of the successful installation, the main program crashed when it started. I restarted it but again, when the work started, it crashed again. A security program that crashed cannot be trusted. At least not by me.
3. Premidius Firewall (Freeware Version)
This failed the stealth mode, as McAfee did. It was more problematic though. Its installer and uninstaller are not good at all. When I tried to uninstall the app, it just ....ed me up. I forgot to shut it down before uninstallation and it was not removed completely. I rebooted and the program gave an error that "Drivers are Missing" or something like that. And the program still ran in the system tray. I had to kill the app and the services using task manager, delete the files, remove it from the startup list................ Man that was sick............
4. Windows XP In-Built Firewall
I don't think i need to say anything. It failed all the tests by Leaktest. I don't know what this program is for anyway. It barely gives a warning of programs trying to call out of your computer. Most of the warnings it gives are against other Firewalls. If somebody has not installed any other firewalls and turning the Windows Firewall on, I recommend them to turn it off, at least you will save some system resources.
5. Kerio Personel Firewall (freeware)
It is a great firewall. If you install it in advanced mode, it will give you complete application awareness. It will give you information on which program is trying to access the internet with details. It will also give you info on what programs have changed since you last ran them. This means, if you have granted your browser, say Firefox.exe, to access the internet without asking, and if some trojan replaces the firefox.exe and tries to communicate outside, the firewall will catch it and give you a warning that the program has changed.
It is not necessary to mention that it passed all the Leaktest tests.
But when i click update, it shows an error "An error occured During Update checking. Please try again". I don't know what is the problem. Please help me out on this.
6. ZoneAlarm Security Suite
I tried it on ZA Security Suite. A freeware version of ZA firewall is available but I haven't tried the tests on it. I hope it is also similar.
ZA also passed all the tests and monitors application changes. It is a great firewall too.
It has a problem with updates though. We need to download the whole program (ZA Security Suite is about 16 Mb) in order to update the firewall engine. This is sick.
Frankly, I am surprised the software crashed on you. I have been using Sygate on a number of PCs and for a number of years - trouble free.
To get real good testing for your firewall, I would suggest the venerable site http://www.grc.com and then doing the Shield's up test and Leak test.
Lastly, as I mentioned earlier, for a broadband always-on connection, nothing better than a hardware firewall + a software firewall running on on the desktop/notebook.
Hardware firewall ? dude those things are expensive. And why would I invest in a H/W firewall when I just have broadband connection which is around 600K ? H/W firewalls are typically used by corporations. I think H/W firewall is lil bit of an overkill. SW firewalls will do for the common man.
many ISP's providing broadband(which is actually narrow band) have hardware routers and firewall stuff, so unless the connection is used for large sub networks, this idea is too epensive.
You are right! Hardware firewalls that are used for enterprise level are expensive.
However, what I have mentioned here are routers (with inbuilt firewall capabilities) for the SOHO and home user. There are plenty of routers that are available starting from the ~ 3500/- range onwards that makes very affordable solutions. These routers have inbuilt firewalls (SPI or NAT or sometimes even both).
In fact, the other day I saw this UTStarcom ADSL modem-cum-router from BSNL that you can buy for Rs 2000/-, which IMHO is a very good buy.
The idea was suggesting the "Best Firewall," where a harware solution acts much better, even if it might cost you Rs 2000/-
Yes of course, one can use anything ranging from XP's inbuilt firewall to the free ones from Sygate, Zone Alarm, or even the paid ones from Zone Alarm (Zone Alarm Pro retails for $49.95 online (approx Rs 2079/-).
Separate names with a comma.