How to setup firewall?

Discussion in 'other firewalls' started by southcat, Jan 25, 2005.

Thread Status:
Not open for further replies.
  1. southcat

    southcat Registered Member

    Joined:
    Dec 27, 2004
    Posts:
    212
    Hello everybody. :)

    I am using ZoneAlarm Pro 5.5 right now and i haven't try other firewall software before. After study in wilders, I know that there are 2 types of firewall :
    i) Application-based
    ii) Rules-based

    and i also learn that ZoneAlarm is application-based but rules-based firewall is better and complicated. However, if i want to learn about how to setup a rules-based firewall. **Where can i get the information and knowledges o_O

    1) Kerio
    2) Sygate
    3) Look 'n' stop
    4) Tiny
    5) Outpost
    6) Norton Personal firewall

    Can anyone tell me that which one is the rules-based firewall ? So i can choose to learn.

    Thank you. :)


    **I am a novice, have to start from basic**
     
  2. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,798
    Location:
    Texas
  3. Paranoid2000

    Paranoid2000 Registered Member

    Joined:
    May 2, 2004
    Posts:
    2,839
    Location:
    North West, United Kingdom
    Most rules-based firewalls will have a default configuration that you can start with (some will create one as part of their installation procedure). Most such configurations will allow more than may be necessary though, just to cover everybody's usage patterns (e.g. if you use Firefox/Opera for web browsing, the default setup will almost surely allow Internet Explorer access also, even though you may not need it). So spending time tailoring this default is always a good idea.

    For Look'n'Stop, there is a separate forum here which should offer more information (look for Phant0m's ruleset). For Kerio 2.15, check out BlitzenZeus' BZ Kerio 2x Default Replacement Update thread (scroll to the bottom for the latest updates) - I do not think there is an equivalent for the current Kerio 4.x however.

    For Outpost, there is a separate forum with a Secure Configuration Guide but this is really for advanced users. Beginners should start with the Outpost Help, the manuals available from Agnitum's Download Page and the Web-Hiker's Guide (this covers the older Outpost 1.0, but most of it applies to the current 2.x also).

    Tiny also has a separate forum but unlike almost every other forum, you have to register first just to read it. Tiny includes Windows process and file control as well as network filtering - this makes it a more powerful security product (the other firewalls need to be supplemented with software like Process Guard or System Safety Monitor) but this makes it far more complex to configure - it is not a recommended option for new users.

    Creating your own ruleset does mean balancing security with convenience - so the "ideal" setup will vary from person to person. If you take the time to read and experiment, you should end up with the best configuration for your purposes.
     
  4. southcat

    southcat Registered Member

    Joined:
    Dec 27, 2004
    Posts:
    212
    Thanks ronjor and Paranoid2000 for your detailed instruction(sorry to let you type so many words ;) ). I will go to check out and if i have any question, i may come back :D.

    Thank you. :)
     
  5. no13

    no13 Retired Major Resident Nutcase

    Joined:
    Sep 28, 2004
    Posts:
    1,327
    Location:
    Wouldn't YOU like to know?
    Only 4 things to add after P2K got there first [grumble]

    1. Experiment! Test all your configs. Keep everything backed up before trying new firewalls or config packs... but don't be afraid to experiment [just remain calm and follow basic safety rules]
    2. Search! Search this and other forums, use google for general searches, search the blogs and search Geocities. You'll find AMAZING crap on the web.... 2-5% of it is ACTUALLY pretty useful!
    3. Tech material! Find books/whitepapers/Articles ANYTHING remotely related to security... reading is a habit I wown't break... I swear it.
    4. Fight! Ask around on forums, and don't be afraid to fight for YOUR right to ASK QUESTIONS!!

    About your list....
    here's some personal opinion on each.
    1) Kerio - One of the easier AND more technical firewalls... flaws found in v4, v2 seems old and not THAT great [tho' BZ will disagree...Pros always do]
    2) Sygate - Easy to use, but has a couple of "bugs", so to speak [outpost forum is bes t to check "Loopback" vulnerability out]
    3) Look 'n' stop - Easy to use. Powerful. Light. UI is kinda chilish, but what the heck. Is nice.
    4) Tiny - AMAZING. slightly heavy. AMAZING. Hard to configure [indeed, hard to understand]. Stay away till you're fairly comfortable with Network AND PC safety.
    5) Outpost - Beautiful. Haven't used in a long time, but reviewws are AMAZING.
    6) Norton Personal firewall - Heavy. Expensive. Slow. Completely crazy... creates rule by itself... allows MS Word to accept connections form NET!!!... HAHA.. pretty huge flaw there... that I saw in NIS 2003... dumped it. Can't say about 2005.

    If you are confused about ANYTHING at all... remember #4 above ;)
    Good Luck.
     
  6. southcat

    southcat Registered Member

    Joined:
    Dec 27, 2004
    Posts:
    212
    Thanks no13 for your introduction. :D
    Since look 'n' stop doesn't provide free version, i may pick kerio or outpost.

    All of you are nice guy. :)
    Regards.
     
  7. Paranoid2000

    Paranoid2000 Registered Member

    Joined:
    May 2, 2004
    Posts:
    2,839
    Location:
    North West, United Kingdom
    Southcat,

    If you are only considering free products, then Kerio is likely to be a better choice than Outpost (whose free version is seriously dated). Kerio Free only lacks the content filtering of the Pro version and this can be dealt with by using a standalone filter like WebWasher Classic (easy to use, free for personal use) or Proxomitron (far more powerful, but more complex also, completely free).
     
  8. southcat

    southcat Registered Member

    Joined:
    Dec 27, 2004
    Posts:
    212
    I haven't heard WebWasher before but it seems good. Proxomitron is a great program that I cannot miss.

    Thank you. :)
     
  9. zcv

    zcv Registered Member

    Joined:
    Dec 11, 2002
    Posts:
    355
    Southcat, you list all the rule making firewalls except ZA Pro. Like Sygate, it combines application control with rule making options. Perhaps you should look at your own firewall. It is the free version that is app based only.

    Regards - Charles
     
    Last edited: Jan 27, 2005
  10. southcat

    southcat Registered Member

    Joined:
    Dec 27, 2004
    Posts:
    212
    Hello zcv, thanks for your remind, i will go to check out. :)
     
Loading...
Thread Status:
Not open for further replies.