Blocking Hackers

Discussion in 'other firewalls' started by chaos16, May 10, 2005.

Thread Status:
Not open for further replies.
  1. chaos16

    chaos16 Registered Member

    Joined:
    Feb 14, 2005
    Posts:
    1,004
    I have read that software firewall are not so good for blocking hackers is this trueo_O?

    wat is good for blocking hackers only hardware firewallso_O?

    and if yes suggest a good router with a built in hardware firewall pls :D
    coz i want a network in my house i have read that routers have hardwarefirewalls built in.

    but is this the only good thing for blocking hackerso_O
     
  2. Capp

    Capp Registered Member

    Joined:
    Oct 16, 2004
    Posts:
    2,125
    Location:
    United States
    I personally don't see any problems with having a good software firewall, if you configure it properly and they are a lot cheaper than hardware..

    I run ZoneALarm free and I haven't had any problems at all.

    my 2 cents...
     
  3. FluxGFX

    FluxGFX Registered Member

    Joined:
    Jan 23, 2003
    Posts:
    667
    Location:
    Ottawa/Canada
    Take a look at what was posted over at
    https://www.wilderssecurity.com/showthread.php?t=78114&page=2
     
  4. Infinity

    Infinity Registered Member

    Joined:
    May 31, 2004
    Posts:
    2,651
    it's not the only good thing Chaos, but I believe in the fact that a router is always for the better regarding incoming traffic backed up with a good software firewall offcourse...always backed up with software app control and outbound protection.

    A router isn't doing anything in regards to outbound...now take LnS with Router would make perfect setup imho (inbound+outbound) + something good for app control like pg/prevx and your good to go if setup is ok :D
     
  5. Beefcarver

    Beefcarver Registered Member

    Joined:
    Jan 23, 2005
    Posts:
    263
    Location:
    michigan
    a Router will disguise your IP address with different addresses making it harder for hackers to find you to attack you.
     
  6. CrazyM

    CrazyM Firewall Expert

    Joined:
    Feb 9, 2002
    Posts:
    2,428
    Location:
    BC, Canada
    Pretty broad questions...
    What do you mean by hackers/hacking?

    If it is just blocking unsolicited inbound traffic, then a properly configured firewall will do this, as would a router. Providing you are forwarding no ports or running open services on the Internet.

    If you are talking about being compromised by virus/trojan/malware that has been run by a user on the host system, then that is another matter.

    Regards,

    CrazyM
     
  7. CrazyM

    CrazyM Firewall Expert

    Joined:
    Feb 9, 2002
    Posts:
    2,428
    Location:
    BC, Canada
    That may be the case for some, but not all.

    Regards,

    CrazyM
     
  8. AXIS

    AXIS Registered Member

    Joined:
    Apr 12, 2005
    Posts:
    109
    if u can maintain the ports with software firewall their shouldent be a problem.
    i use kerio 2.1.5 a really old firewall...it works very well...
    regards
    AxiS
     
  9. Down_Under

    Down_Under Registered Member

    Joined:
    Jan 18, 2005
    Posts:
    56
    Location:
    Brisbane,Qld,Australia
  10. Infinity

    Infinity Registered Member

    Joined:
    May 31, 2004
    Posts:
    2,651
    mine doesn't control outboung :) only blocks ping...I wish it did control outbound even if it's limited...

    bye
     
  11. subzerox

    subzerox Registered Member

    Joined:
    May 5, 2005
    Posts:
    35
    About that anti-virus program, is that compatible with zonealarm? and other security software

    Zonealarm
    Kaspersky
    Trojan hunter
    script defender
    spybot search and destroy
    spyguard
    spyblaster
    microsoft anti spyware
    adware se personal
    tds-3
    wormguard
    ewido
    port explorer
    prevx

    Would it be compatible actually with this set up?

    It sounds like a good thing to have.
     
  12. mlr1m

    mlr1m Registered Member

    Joined:
    Mar 17, 2005
    Posts:
    52
    TPF2005-Pro will offer good control of everything if you have the time and patience to set it up correctly.
    It is an extremly difficult firewall to set up though.
    You can control....
    File access
    Registry access
    Com objects
    Services....and more
    You will learn alot about your computer if you decide to use it.
    (and you can really screw up your computer in the process lol)

    Michael
     
  13. Infinity

    Infinity Registered Member

    Joined:
    May 31, 2004
    Posts:
    2,651
    quick note about Tiny, you get used to it very quickly and after three days you pretty much get a hold of it. make a backup before you begin...can save you a lot of headaches and wait with the windows security till you get control of your controlpanel...

    Tiny is a very nice Firewall and should solve a lot of problems but you just got to set it up right :) yeah ... ;)
     
  14. mlr1m

    mlr1m Registered Member

    Joined:
    Mar 17, 2005
    Posts:
    52
    I fully agree Infinity,
    Ive been using tiny for a couple of years.
    I just wanted to warn that its alot more involved than some firewalls.

    Michael
     
  15. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    7,787
    Tiny is easily THE most involved and confusing firewall of them all. However, it does seem to work pretty well out of the box, which is a small wonder. :)
     
  16. Infinity

    Infinity Registered Member

    Joined:
    May 31, 2004
    Posts:
    2,651
    exactly :) lol just put your network in dangerous zone and make your backup...after three days you know what you're doing and go back to default settings...then restart with the knowledge you have and read WTerrel's excellent guide on Tiny2005 :)

    Enjoy it or hate it, I guess...
     
  17. Diver

    Diver Registered Member

    Joined:
    Feb 6, 2005
    Posts:
    1,444
    Location:
    Deep Underwater

    Link?
     
  18. Infinity

    Infinity Registered Member

    Joined:
    May 31, 2004
    Posts:
    2,651
  19. Infinity

    Infinity Registered Member

    Joined:
    May 31, 2004
    Posts:
    2,651
    With regards to WTerrel

     
  20. Infinity

    Infinity Registered Member

    Joined:
    May 31, 2004
    Posts:
    2,651
    Second Part

     
  21. Infinity

    Infinity Registered Member

    Joined:
    May 31, 2004
    Posts:
    2,651
    Third Part

    That's it :D and all the rest is user specified and up to you basicaly...it works well and very well written.

    take care

    Andy
     
  22. isnogood

    isnogood Registered Member

    Joined:
    Sep 22, 2004
    Posts:
    83
    Location:
    France
    Yep, this approach is sure to work well, but let me add a few comments to this.

    1) Network part of Tiny may be configured as any other firewall - take
    your beloved Kerio rules to Tiny, they will work as well. You can just make separate
    rules for different application groups if you want. This is the easiest part and some may even stop there.

    2) Wterrell basically divide his apps between win_os group (which he trusts) and other apps. The same with services. I would tend to make Trusted, Normal and Untrusted groups without distinction between windows or installed progs. There'are many OS components which I won't trust at all.

    3) This is Top-down approach which is sure, but rather time consuming. In the meantime, it would tend to give you a lot of very annoying pop-ups every time, and it's prone to errors, as you create and modify a lot of rules. At the end it is difficult to have a global view of them.

    Personnaly, I just limit my trusted group to the very minimum but this group is allowed a lot. I avoid making rules on a single application basis. By default, any new application goes to a Normal group, which has already quite limited privileges.

    Spawning is allowed only between enrolled apps, and a group with lower privileges may only spawn progs with higher privileges in its own (parent) security context (even if it is obliged to ask for it). This avoids privilege escalation for any program I don't know well. On the contrary, spawning from higher to equal or lower group is permitted automaticaly in the default (child) security context.

    Permit rules are always specific and High priority. Blocking rules are more global and low priority. At the bottom there's always a rule to block everything.

    Using this approach I am able to configure Tiny in several days. It is certainly less strict and secure approach, but still very satisfying. It is always possible to tighten some rules after that, but it's really not so hard to make Tiny working quickly. Even out of the box it offers you at least as good security as any other firewall. In everyday work I forget about Tiny, I have no pop-ups at all, and when installing a new prog, it is sufficient to put it to a proper group, that's all.

    just another 2c for what it's worth ...

    isnogood
     
  23. Infinity

    Infinity Registered Member

    Joined:
    May 31, 2004
    Posts:
    2,651
    Thanx isnogood, it has to be tighten more to fully use the firewall...kinda like processguard...you can tighten it down a serious bit afterwards :)

    Take care
     
  24. isnogood

    isnogood Registered Member

    Joined:
    Sep 22, 2004
    Posts:
    83
    Location:
    France
    Of course, Infinity. This is just an approach which is not so time consuming and ready to go quickly. I use it now actually, trialling the new Tiny 2005. However, to take full advantage of what's offered, you are supposed to go further, which I do. You surely will need to tweak also system privileges, set appropriate guards and so on. But I have a feeling that even at this basic level, it offers a quite decent security.

    isnogood
     
Loading...
Thread Status:
Not open for further replies.