I have read that software firewall are not so good for blocking hackers is this true? wat is good for blocking hackers only hardware firewalls? and if yes suggest a good router with a built in hardware firewall pls coz i want a network in my house i have read that routers have hardwarefirewalls built in. but is this the only good thing for blocking hackers
I personally don't see any problems with having a good software firewall, if you configure it properly and they are a lot cheaper than hardware.. I run ZoneALarm free and I haven't had any problems at all. my 2 cents...
it's not the only good thing Chaos, but I believe in the fact that a router is always for the better regarding incoming traffic backed up with a good software firewall offcourse...always backed up with software app control and outbound protection. A router isn't doing anything in regards to outbound...now take LnS with Router would make perfect setup imho (inbound+outbound) + something good for app control like pg/prevx and your good to go if setup is ok
a Router will disguise your IP address with different addresses making it harder for hackers to find you to attack you.
Pretty broad questions... What do you mean by hackers/hacking? If it is just blocking unsolicited inbound traffic, then a properly configured firewall will do this, as would a router. Providing you are forwarding no ports or running open services on the Internet. If you are talking about being compromised by virus/trojan/malware that has been run by a user on the host system, then that is another matter. Regards, CrazyM
if u can maintain the ports with software firewall their shouldent be a problem. i use kerio 2.1.5 a really old firewall...it works very well... regards AxiS
Try using Antispy Firewall against the hacker. freeware: http://www.antivirus-program.com/antivirus_program/antispy/
mine doesn't control outboung only blocks ping...I wish it did control outbound even if it's limited... bye
About that anti-virus program, is that compatible with zonealarm? and other security software Zonealarm Kaspersky Trojan hunter script defender spybot search and destroy spyguard spyblaster microsoft anti spyware adware se personal tds-3 wormguard ewido port explorer prevx Would it be compatible actually with this set up? It sounds like a good thing to have.
TPF2005-Pro will offer good control of everything if you have the time and patience to set it up correctly. It is an extremly difficult firewall to set up though. You can control.... File access Registry access Com objects Services....and more You will learn alot about your computer if you decide to use it. (and you can really screw up your computer in the process lol) Michael
quick note about Tiny, you get used to it very quickly and after three days you pretty much get a hold of it. make a backup before you begin...can save you a lot of headaches and wait with the windows security till you get control of your controlpanel... Tiny is a very nice Firewall and should solve a lot of problems but you just got to set it up right yeah ...
I fully agree Infinity, Ive been using tiny for a couple of years. I just wanted to warn that its alot more involved than some firewalls. Michael
Tiny is easily THE most involved and confusing firewall of them all. However, it does seem to work pretty well out of the box, which is a small wonder.
exactly lol just put your network in dangerous zone and make your backup...after three days you know what you're doing and go back to default settings...then restart with the knowledge you have and read WTerrel's excellent guide on Tiny2005 Enjoy it or hate it, I guess...
http://www.tinysoftware.com/forum/showthread.php?threadid=2288 I think you need to register but If everyone is ok with it I'll post the complete write-up
Third Part That's it and all the rest is user specified and up to you basicaly...it works well and very well written. take care Andy
Yep, this approach is sure to work well, but let me add a few comments to this. 1) Network part of Tiny may be configured as any other firewall - take your beloved Kerio rules to Tiny, they will work as well. You can just make separate rules for different application groups if you want. This is the easiest part and some may even stop there. 2) Wterrell basically divide his apps between win_os group (which he trusts) and other apps. The same with services. I would tend to make Trusted, Normal and Untrusted groups without distinction between windows or installed progs. There'are many OS components which I won't trust at all. 3) This is Top-down approach which is sure, but rather time consuming. In the meantime, it would tend to give you a lot of very annoying pop-ups every time, and it's prone to errors, as you create and modify a lot of rules. At the end it is difficult to have a global view of them. Personnaly, I just limit my trusted group to the very minimum but this group is allowed a lot. I avoid making rules on a single application basis. By default, any new application goes to a Normal group, which has already quite limited privileges. Spawning is allowed only between enrolled apps, and a group with lower privileges may only spawn progs with higher privileges in its own (parent) security context (even if it is obliged to ask for it). This avoids privilege escalation for any program I don't know well. On the contrary, spawning from higher to equal or lower group is permitted automaticaly in the default (child) security context. Permit rules are always specific and High priority. Blocking rules are more global and low priority. At the bottom there's always a rule to block everything. Using this approach I am able to configure Tiny in several days. It is certainly less strict and secure approach, but still very satisfying. It is always possible to tighten some rules after that, but it's really not so hard to make Tiny working quickly. Even out of the box it offers you at least as good security as any other firewall. In everyday work I forget about Tiny, I have no pop-ups at all, and when installing a new prog, it is sufficient to put it to a proper group, that's all. just another 2c for what it's worth ... isnogood
Thanx isnogood, it has to be tighten more to fully use the firewall...kinda like processguard...you can tighten it down a serious bit afterwards Take care
Of course, Infinity. This is just an approach which is not so time consuming and ready to go quickly. I use it now actually, trialling the new Tiny 2005. However, to take full advantage of what's offered, you are supposed to go further, which I do. You surely will need to tweak also system privileges, set appropriate guards and so on. But I have a feeling that even at this basic level, it offers a quite decent security. isnogood
