Ahh, alright. Well I got Comodo Firewall and Antivirus a moment ago and installed it. Guess it doesn't hurt to have extra protection, lol.
My Webcomic: www.fknsrscmx.com
My Myspace Music page: www.myspace.com/ryokenryagnaroth
My Last.fm page: http://www.last.fm/music/Ryoken+Ryagnaroth
My deviantART page: www.ryoken-ryagnaroth.deviantart.com
My Weblog: gremlinbutts.blogspot.com/
I have a Juniper Networks Netscreen firewall vpn. Not sure of the exact model, it was a freebie I got a while back for attending a tech conference. Actually I won it in a raffle drawing. Gotta love those conferences. Not that I think of it I have not even looked at that thing since I installed it. Maybe it is time to investigate it's functions a little more. When I have time I will check it out.
No power at my house right now so I can not even log into it. We had a wicked storm pass through here yesterday. 12" of rain in less than 24 hours and 70mph gusts took down a lot of trees and power poles. I have the top of a power pole sitting in the middle of my street right now so I can not even get home. Estimated time of power restoration? Sometime before Friday... Had to come into work today so I could get my TBCS fix...
"...Dumb all over, A little ugly on the side... "...Frank Zappa...
Well it didn't say anything about the antivirus being a trial, it was just this other tech support sort of thing or something that wasn't free after 30 days.
My Webcomic: www.fknsrscmx.com
My Myspace Music page: www.myspace.com/ryokenryagnaroth
My Last.fm page: http://www.last.fm/music/Ryoken+Ryagnaroth
My deviantART page: www.ryoken-ryagnaroth.deviantart.com
My Weblog: gremlinbutts.blogspot.com/
When looking at the results, make sure you remember that this is only a test of their firewall capabilities, and most of the well-known products are AV that happen to have a firewall/etc thrown in; it's not their real intended purpose, and so personally I don't really find the results that surprising.
BTW, xRyokenx, the free version of Avira doesn't include their firewall, so this has no bearing on that version whatsoever. (free Avira is my person preference for AV too, btw)
Actually, yes, it can. This is especially true with AV software, since a lot of newer (last 5-7 years) products hook themselves deep into the OS so that they can actually detect and kill stuff. If you have two pieces of software trying to do that, they'll often kill the other, and you end up with no protection.
As for hardware vs software hardware, it is correct that 'hardware' firewalls are just software running on dedicated hardware; most 'hardware firewalls' are just an embedded system running a stripped-down version of Linux or BSD, plus proprietary software. The reason that hardware devices provide better protection is that a) they protect the entire network, and b) they deal with the traffic at the protocol layer instead of the application layer (what software firewalls usually do). Additionally, software (or client) firewalls run on top of the OS, so they can be compromised relatively easily if the OS is compromised.
I'll go ahead and get rid of Comodo's AV then.
My Webcomic: www.fknsrscmx.com
My Myspace Music page: www.myspace.com/ryokenryagnaroth
My Last.fm page: http://www.last.fm/music/Ryoken+Ryagnaroth
My deviantART page: www.ryoken-ryagnaroth.deviantart.com
My Weblog: gremlinbutts.blogspot.com/
I think the title of the thread makes the first bit plain "Check out your firewall".
Norton Internet Security Suite and McAfee Security Suite are both well established all-round protection suites that have had firewalling for years - and been advertised as such. I don't count them as AV and not having firewalling as a primary purpose and neither do they.
These two results in particular were very interesting and shockingly poor. Especially when compared with Kaspersky Internet Security Suite. The three are in similar market positions in terms of longevity and fame.
Kaspersky would seem to be the only rounded product of the three. Not only that but it also has a lighter foorprint on the O/S than either of the other two.
Norton has been a known machine killer for years in terms of performance hit and Mcafee sadly caught up on that score pretty much. That their firewalling is so leaky makes one wonder whether they have overcomplicated their builds or missed some basic tricks - or a bit of both since their confirmed status as bloatware implies the first.
I was also surprised to see Zonealarm do so poorly although I don't recommend it any longer particularly, preferring Comodo for those who want a free firewall.
The other product that shocked me was Threatfire - a lot of people tout this and the very low rate of success in these tests means I will be pointing this research out to the people I know who are relying on it.
To imply that products advertising themselves with all round capabilities they do not have should be given a break, in essence, because firewalling "is not their real intended purpose" is a bit misleading really. If it says it's a fish and it looks like a fish and smells like a fish ..... but turns out to be crabsticks, there's no excuse.
The third solution between an purchased hardware firewall and a software f/w on the local machine is to build a dedicated box yourself.
If you do this using IPCOP or one of the similar Linux based distros and configure it correctly with the right plug ins you get as good as an off the shelf box:
- stripped down and hardened Linux OS as the base O/S
- firewalling built into the Kernel not sitting on top
- a full range of higher end capabilities - VPN, QOS, anti-DOS, Packet filtering, web proxy, AV at the firewall (with Clam)
- prototcol layer and application layer control
- protects the whole network
Given that IPCOP can run off a PIII with low ram and a 10G hard drive and the software is GPL you are looking at a homebrew hardware firewall with the capabilities of dedicated machines costing into the thousands of dollars but costing zero ... or at a fraction of the price (if you don't have some of that hardware laying around like most of us).
The OP in this article linked above had this to say:
andI know that I need the following features to work:
Like any good internet junkie I turned to Google. I did a quick search for firewall routers and came up with an assorted list of possible replacements. From DLink to Linksys to Symantec – everyone seemed to be in the market. Only problem was each would take days to get and the cheapest would run the company just over $300. To put that into perspective the most expensive of ones with the features I needed was $6,800.
- Traffic Routing
- DHCP
- VPN
So I modified my search to include open source projects. Right away I got a number of Linux alternatives. High on the list was one that was a little familiar – I remember reading an article about this great little firewall called IPCop.
Now let me just get out of the way how easy this thing was to get up and running. The solution took under an hour to get entirely setup, as apposed to the over 8 hours I spent on the SonicWall – and over that on the old Symantec I had before that. Here’s how it went:
- Download the ISO (CD Image) of IPCop 1.4.1
- Burn it to a CD
- Pull old PC out of trash (Celeron 400 w/128 MB Ram and 4 GB hard drive)
- Take out an old PC add a 10/100 NIC card (so there would be two instead of one)
- Put IPCop CD in old PC
- Turn on computer
- IPCop config loads
- Configure IPCop
- Firewall Working
- Configure all access rules.
- Finished
OK – so I have a working firewall with all of the features I want. They have pretty good documentation, but the real gold is in the ease of which everything was configured. Had I purchase a firewall that had the same features – it would have run me about $3,800. So far I have spent $1.00 on the CDR. Lets talk about what the software does.It is a Linux based operating system, but it is not meant to be a general-purpose system. The firewall design attempts to eliminate as many features from the system as possible. The central idea is that the more code that runs on the firewall, the more places there are that are vulnerable to attacks.
- A secure, stable and highly configurable Linux based firewall
- Easy administration through the built in web server
- Lots of great reports, logs and graphs
- A DHCP client that allows IPCop to, optionally, obtain its IP address from your ISP
- A DHCP server that can help configure machines on your internal network
- A caching DNS proxy, to help speed up Domain Name queries
- A web caching proxy, to speed up web access
- An intrusion detection system to detect external attacks on your network
- The ability to partition your network into a GREEN, safe, network protected from the Internet, a BLUE network for your wireless LAN and a DMZ or ORANGE network containing publicly accessible servers, partially protected from the Internet
- A VPN facility that allows you to connect your internal network to another network across the Internet, forming a single logical network or to securely connect PCs on your BLUE, wireless, network to the wired GREEN network
- Traffic shaping capabilities to give highest priority to interactive services such as ssh and telnet, high priority to web browsing, and lower priority to bulk services such as FTP.
- Improved VPN support with x509 certificates.
- Built from the ground up with ProPolice to prevent stack smashing attacks in all applications.
- A choice of four kernel configurations, allowing you to choose an optimum configuration for your circumstances.
- An appendix of this manual discusses running IPCop from a flash disk.
It would be interesting to see devices based on IPCOP and other such Linux based distro's tested against out of the box solutions if anyone can dig anything up. The real down dirty coders and network people commenting were seemingly of the view that to pay for a Network device is a sin when the GPL based ones are so damn good.All I have to say is spread the word and try this out. Not only was it really really easy to set up, but these guys have the best firewall I have ever used. This would be an excellent firewall for any small to medium sized business. We highly recommend it.
CB
There is no real difference in the 2 releases. They both use IPchains, so it just boils down to which web based interface you prefer. I have used both, and they both work fine. Personally I think that Smoothwall has a slightly nicer interface. You could also just load up any linux distro and accomplish the same thing from the command line if you are familiar with the packages and commands.
Another one to look into is M0n0Wall which has a BSD backend. Some feel that with it being rooted in BSD its more secure then any linux firewall. I have used it as well, and it works fine.
Basically you have the gist of it with the difference between a hardware and software firewall, and yes a hardware firewall is basically a dedicated device running software. With a software firewall loaded on a machine connected to the internet, the machine still receives the packets before the software is able to reject them. So technically they are still interacting with the OS, and thus pose a potential threat. With a hardware firewall the packets are rejected at the firewall. They never have a chance to make it into the network and on to your machine, so there is an extra level of protection. It also provides this extra protection for your whole network, and not just one machine at a time.