Easy to use firewall

Discussion in 'other firewalls' started by linksshadow, Jun 17, 2005.

Thread Status:
Not open for further replies.
  1. linksshadow

    linksshadow Guest

    Ok so here is my dilema. I have built a nearly $6000 dollar computer, completely state of the art, for my mom and I want to keep it as safe from problems as possible while still being very user friendly and as little up keep as possible. She isn't the most knowledgeable about what kind of access to grant applications and the like and I'd really rather her not have to worry about it while still having the protection of a firewall. So what I need is a firewall that requires as little user involvement (after the initial setup) as possible even when installing new applications. I am willing to sacrifice security for simplicity in this case as I'm behind a router with a firewall and stealth capabilities built in. Any suggestions as to a firewall for this instance would be greatly appreciated.
     
  2. akor

    akor Registered Member

    Joined:
    Jun 4, 2005
    Posts:
    7
  3. Stephanos G.

    Stephanos G. Registered Member

    Joined:
    Mar 29, 2005
    Posts:
    720
    Location:
    Cyprus

    i dont think that u need a software firewall
     
  4. squash

    squash Registered Member

    Joined:
    Mar 25, 2005
    Posts:
    313
    If you don't want user intervention, then there is no need for a software firewall since you have a hardware router.

    But if you want an easy to use firewall then ZoneAlarm is maybe the easiest to use firewall.
     
  5. Redblaster

    Redblaster Registered Member

    Joined:
    Jun 17, 2005
    Posts:
    5
    ZoneAlarm is one of the best - it stops connections leaving your PC if something like spyware does get in - this won't be stopped by most router/firewalls.
    You need:
    - a good antivirus like NOD32.
    - a good s/w firewall like ZoneAlarm.
    - anti-spyware s/w like spybot S&D (free) or adaware.
    - best to be behind a hardware firewall router like yours so most operating system exploits don't work.

    Scan yourself with the "Sheilds Up" links at www.grc.com to see how secure you are!
     
  6. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
    ZoneAlarm FREE or Look 'n' Stop. I have used ZoneAlarm FREE for over 10 years and recently swapped to LnS. With little user interaction being required LnS wins hands down.

    Cheers :D
     
  7. Arup

    Arup Guest

    My vote goes for Zone Alarm, nothing beats its simplicity and it is the least complex to use for first timer.
     
  8. G1111

    G1111 Registered Member

    Joined:
    May 11, 2005
    Posts:
    2,127
    Location:
    USA
    Zone Alarm is easy to use and is the firewall I am currently using. I have had both McAfee & Zone Alarm.
     
  9. beetlejuice69

    beetlejuice69 Registered Member

    Joined:
    Mar 16, 2005
    Posts:
    780
    I have to say ZoneAlarm also. Just set `n`forget.
     
  10. halcyon

    halcyon Registered Member

    Joined:
    May 14, 2003
    Posts:
    373
    I'm sorry, but I slightly disagree with the "no software firewall needed" comment.

    This is of course more a matter of opinion that anything else, but let me illustrate.

    With a hardware firewall you are basically protected against worms attacking the computer from outside the firewall (i.e. self-propagating viral apps that spread through open ports).

    That's it.

    If the system is infected by a user-downloadable trojan or virus that wants to spread itself, the hardware firewall will give absolutely no added protection to the system (against downloading of additional viral components) or to other systems (spreading of the viral code).

    For the system to operate with the basic internet apps, the hw firewall must open basic ports for smtp, pop, imap, http, etc. Trojans and virii can be downloaded through these, if the user is not careful (and happens to be unlucky).

    With these ports open and the hardware firewall having absolutely no idea, which program is using the ports to access the network, there is very little protection once the system is infected.

    This can be of course problamatic for people who are not very advanced users and "just click on stuff" whether those are malicious web links, downloads or e-mail attachments.

    Of course, against those risks anti-virus and anti-trojen programs should be used at any rate.

    But if the system becomes infected regardless of AT/AV, the risk factors associated with that compromised system AND towards other systems can be potentially reduced, with a software firewall.

    A software firewall will do a couple of things no hardware firewall, anti-trojan or anti-virus program can do (once the system is compromised).

    - deny network access completely for unknown apps
    - deny specific network access for known apps
    - deny launching of separate processes to act as download conduits for viral programs

    As a results, a software firewall (if capable and properly configured), can prevent a viral piece of software from:

    - downloading new viral components to the system (new keyloggers, servers, new attacks, etc)
    - spreading itself to trusted LAN or to other computers on WAN
    - making the computer act as a zombie in a Distributed Denial of Service type attacks

    Of course, a software firewall is again NOT a guarantee that these things will not happen, but it will lessen the security risk.

    And the loss is of course, added user complication.

    HOWEVER, and this is a big however (imho), if the user in question uses ONLY known and predefined applications to access Internet, then it's relatively easy to add a software application firewall that just works.

    It just works in the background and prevents all except the predefined applications from accessing the internet (and only through predefined protocols).

    I have set up my moms computer to be able to access:

    - windows update
    - antivirus updates
    - mail (via Mozilla)
    - web via Moz

    She does not need ftp, nntp, sntp, etc.

    So, everything else (afair) is disallowed.

    Works for her.

    If she wants to lean how to use IM, it's not a big deal for me to go over and punch one more rule to the software firewall to allow for specific IM traffic.

    That's my two cents worth.
     
Loading...
Thread Status:
Not open for further replies.