Is Personal Firewall really enough?

Discussion in 'other firewalls' started by testsoso, Jan 21, 2008.

Thread Status:
Not open for further replies.
  1. testsoso

    testsoso Registered Member

    Joined:
    Feb 10, 2007
    Posts:
    137
    Or Do we need something like Snort, to truly protect the PC?
    If so, is there any free and easy to use solutions? Snort isn't that easy for windows.
     
  2. jrmhng

    jrmhng Registered Member

    Joined:
    Nov 4, 2007
    Posts:
    1,268
    Location:
    Australia
    Snort has signatures for network 'attacks'. Symantec endpoint protection also has it (probably updated version of the old sygate firewall). I'm sure there are others with built in IDS signatures.
     
  3. Nebulus

    Nebulus Registered Member

    Joined:
    Jan 20, 2007
    Posts:
    1,582
    Location:
    European Union
    As far as I know, Snort is used mostly for detection, rather than protection.
     
  4. solcroft

    solcroft Registered Member

    Joined:
    Jun 1, 2006
    Posts:
    1,639
    Do you have any reason to think that a firewall may not be enough, or are you just playing the ever-so-popular security paranoia game?
     
  5. lucas1985

    lucas1985 Retired Moderator

    Joined:
    Nov 9, 2006
    Posts:
    4,047
    Location:
    France, May 1968
    AFAIK, Kerio 4 has a NIDS module.
    You can configure Snort to drop/stop traffic which is deemed abnormal.
    A classic IDS is next to useless in a home PC (IMO). OTOH, Snort running in your gateway may be useful to stop a great portion of the "Internet noise" (IP scanning, network probes, OS scanning and the like) besides a SPI firewall. Also, Snort has signatures for application-specific vulnerabilities and it may block traffic originated from a infected machine in your LAN.
     
  6. Hermescomputers

    Hermescomputers Registered Member

    Joined:
    Jan 9, 2006
    Posts:
    1,069
    Location:
    Toronto, Ontario, Canada, eh?
    Snort is an IDS not a firewall... was never designed to protect a "PC" it is meant to control and track access to network end points and for traffic analysis.

    I would use SmoothWall Express www.smoothwall.org instead as it is a full blown firewall and it's free (must build it yourself though). Requires an old pc but it's way more powerful than any firewall/switch combo type devices...
     
  7. Victek

    Victek Registered Member

    Joined:
    Nov 30, 2007
    Posts:
    5,123
    Location:
    USA
    Regarding Smoothwall I'd be interested to hear more about how it's more powerful then the firewall in a home router. I have a spare PC and would consider dedicating it to run smoothwall.
     
  8. Hermescomputers

    Hermescomputers Registered Member

    Joined:
    Jan 9, 2006
    Posts:
    1,069
    Location:
    Toronto, Ontario, Canada, eh?
    For starter it usually ends up being in a box with a processor more powerful than 200Mhz... and it has more features... vpn and many others usually not found in most devices...

    It's built on linux with minimal services (no unnecessary services) meaning you are less likely to be hacked successfully. It is entirely web enabled so all you need is a web browser to manage it. It works on 2 or more nics and It doesn't suffer the same limitations as a router/firewall/switch device as it is a dedicated firewall (No switch) all power available on host pc is entirely available to it. You can also use it to partition small LAN's into managed segments and so on...

    As a filter it is feature rich and it is easily tweakable. And above all it's Free...
     
  9. jrmhng

    jrmhng Registered Member

    Joined:
    Nov 4, 2007
    Posts:
    1,268
    Location:
    Australia
    While browsing, I was alerted to a similar project called comixwall. It is a firewall with a webinterface built on openbsd. Relatively new project though. Hope it turns out well.
     
  10. herbalist

    herbalist Guest

    I'm running Smoothwall Express 2.0 on an old Gateway P5 with 32MB RAM and a 133MHZ processor. Haven't tried 3.0 yet, so I can't say if it will run on hardware as underpowered as this. The total cost for converting the old PC was 2 network cards and a crossover cable, about $50. Once you get past the initial setup, the Smoothwall PC doesn't need a monitor, mouse, or keyboard attached.

    Smoothwall 2.0 has been rock stable for me. The last time it was restarted was 78 days ago, and that was a power failure. Even on the underpowered hardware I'm using, there's no performance loss with 864/160 DSL. Eventually, I want to add a PCI ADSL modem to it and get rid of the vendor supplied modem entirely. Easily the best $50 I've spent on a computer.
    Rick
     
  11. Hermescomputers

    Hermescomputers Registered Member

    Joined:
    Jan 9, 2006
    Posts:
    1,069
    Location:
    Toronto, Ontario, Canada, eh?
    Another similar product I forgot... Might be even better all things considering what it actually offers is Untangle Security Gateway....
    from http://www.untangle.com/

    The best open source projects, integrated and made easier for spam blocking, web filtering, remote access and more

    * Commercial-grade open source alternative to SonicWALL and WatchGuard
    * 14 integrated apps - use one or all of them
    * Runs on off-the-shelf hardware

    It's Free!

    The picture on the link below describe Free vs Pro features:
    http://www.untangle.com/images/open_vs_professional_table.png
     
    Last edited: Jan 23, 2008
  12. toasale

    toasale Registered Member

    Joined:
    Apr 19, 2006
    Posts:
    86
    Location:
    Alabama
    NO! If you troll, you'll pay a toll; therefore get a hardware firewall (many routers include same) and two-way software.

    :D :)
     
Loading...
Thread Status:
Not open for further replies.