Hello everybody. I am using ZoneAlarm Pro 5.5 right now and i haven't try other firewall software before. After study in wilders, I know that there are 2 types of firewall : i) Application-based ii) Rules-based and i also learn that ZoneAlarm is application-based but rules-based firewall is better and complicated. However, if i want to learn about how to setup a rules-based firewall. **Where can i get the information and knowledges 1) Kerio 2) Sygate 3) Look 'n' stop 4) Tiny 5) Outpost 6) Norton Personal firewall Can anyone tell me that which one is the rules-based firewall ? So i can choose to learn. Thank you. **I am a novice, have to start from basic**
Most rules-based firewalls will have a default configuration that you can start with (some will create one as part of their installation procedure). Most such configurations will allow more than may be necessary though, just to cover everybody's usage patterns (e.g. if you use Firefox/Opera for web browsing, the default setup will almost surely allow Internet Explorer access also, even though you may not need it). So spending time tailoring this default is always a good idea. For Look'n'Stop, there is a separate forum here which should offer more information (look for Phant0m's ruleset). For Kerio 2.15, check out BlitzenZeus' BZ Kerio 2x Default Replacement Update thread (scroll to the bottom for the latest updates) - I do not think there is an equivalent for the current Kerio 4.x however. For Outpost, there is a separate forum with a Secure Configuration Guide but this is really for advanced users. Beginners should start with the Outpost Help, the manuals available from Agnitum's Download Page and the Web-Hiker's Guide (this covers the older Outpost 1.0, but most of it applies to the current 2.x also). Tiny also has a separate forum but unlike almost every other forum, you have to register first just to read it. Tiny includes Windows process and file control as well as network filtering - this makes it a more powerful security product (the other firewalls need to be supplemented with software like Process Guard or System Safety Monitor) but this makes it far more complex to configure - it is not a recommended option for new users. Creating your own ruleset does mean balancing security with convenience - so the "ideal" setup will vary from person to person. If you take the time to read and experiment, you should end up with the best configuration for your purposes.
Thanks ronjor and Paranoid2000 for your detailed instruction(sorry to let you type so many words ). I will go to check out and if i have any question, i may come back . Thank you.
Only 4 things to add after P2K got there first [grumble] 1. Experiment! Test all your configs. Keep everything backed up before trying new firewalls or config packs... but don't be afraid to experiment [just remain calm and follow basic safety rules] 2. Search! Search this and other forums, use google for general searches, search the blogs and search Geocities. You'll find AMAZING crap on the web.... 2-5% of it is ACTUALLY pretty useful! 3. Tech material! Find books/whitepapers/Articles ANYTHING remotely related to security... reading is a habit I wown't break... I swear it. 4. Fight! Ask around on forums, and don't be afraid to fight for YOUR right to ASK QUESTIONS!! About your list.... here's some personal opinion on each. 1) Kerio - One of the easier AND more technical firewalls... flaws found in v4, v2 seems old and not THAT great [tho' BZ will disagree...Pros always do] 2) Sygate - Easy to use, but has a couple of "bugs", so to speak [outpost forum is bes t to check "Loopback" vulnerability out] 3) Look 'n' stop - Easy to use. Powerful. Light. UI is kinda chilish, but what the heck. Is nice. 4) Tiny - AMAZING. slightly heavy. AMAZING. Hard to configure [indeed, hard to understand]. Stay away till you're fairly comfortable with Network AND PC safety. 5) Outpost - Beautiful. Haven't used in a long time, but reviewws are AMAZING. 6) Norton Personal firewall - Heavy. Expensive. Slow. Completely crazy... creates rule by itself... allows MS Word to accept connections form NET!!!... HAHA.. pretty huge flaw there... that I saw in NIS 2003... dumped it. Can't say about 2005. If you are confused about ANYTHING at all... remember #4 above Good Luck.
Thanks no13 for your introduction. Since look 'n' stop doesn't provide free version, i may pick kerio or outpost. All of you are nice guy. Regards.
Southcat, If you are only considering free products, then Kerio is likely to be a better choice than Outpost (whose free version is seriously dated). Kerio Free only lacks the content filtering of the Pro version and this can be dealt with by using a standalone filter like WebWasher Classic (easy to use, free for personal use) or Proxomitron (far more powerful, but more complex also, completely free).
I haven't heard WebWasher before but it seems good. Proxomitron is a great program that I cannot miss. Thank you.
Southcat, you list all the rule making firewalls except ZA Pro. Like Sygate, it combines application control with rule making options. Perhaps you should look at your own firewall. It is the free version that is app based only. Regards - Charles