ITShield firewall, a wonderful firewall

Discussion in 'other firewalls' started by Jason, May 30, 2003.

Thread Status:
Not open for further replies.
  1. Jason

    Jason Guest

    ITShield Networks Inc. (http://www.itshield.com) released a wonderful firewall. It is very easy to install and manage, and generates a descriptive log. ITShield firewall is totally different from the Stateful Inspection firewalls, such as IPCHAINS/IPTABLES and CheckPoint.

    ITShield Firewall, a transparent firewall, contains the advantages of all three critical firewall architectures - packet-filtering, Stateful Inspection, and application gateway firewall. By using some advanced technologies, ITShield Firewall can handle more than 5000 TCP sessions, unlimited UDP sessions, and unlimited IP sessions at application-level in parallel. Because application proxy provides the highest level of security and flexibility, ITShield Firewall handles all the sessions in application-level by default. Furthermore, ITShield Firewall can drop the unwanted requests at packet level. If the high-speed network traffic keeps the firewall very busy, the administrator can enable Stateful Inspection.

    ITShield firewall supports IPSEC VPN and PPTP VPN. They are very easy to set up. It also provides user authentication so that you are still safe to use ftp and telnet to access your internal resources.

    ITShield firewall provides a secure remote administration tool so that you can manage the firewall from the unsecure network - Internet.
     
  2. CrazyM

    CrazyM Firewall Expert

    Joined:
    Feb 9, 2002
    Posts:
    2,428
    Location:
    BC, Canada
    Hi Jason

    Is this something you have used? If so, in what environment: business, home?

    Having taken a quick look at the site, ITShield would appear to be a fairly new product and still in development. "You can use ITShield Firewall V0.92 for free before Jan 1, 2004. Maybe ITShield Firewall will be free for a longer time."

    This product looks to be targeted for business use on a network. In addition to basic firewall it can define users and has application level proxies. The available administration user guide mentions using Websense technology in it's application proxies. Do you know if it is this Websense?

    From the Websense site:
    "Websense Enterprise v5 is the world's leading employee Internet management (EIM) software solution for managing employee use of computing resources, ranging from Internet access to desktop application use. Implemented by more than 18,100 organizations worldwide, and preferred by the Fortune 500, Websense Enterprise delivers a comprehensive software solution that analyzes, manages and reports on employee Internet access, network activity, software application use and bandwidth utilization."

    It does not appear to be something for the average home user, but anyone interested in a enterprise/network solution might want to take a look at it.

    Regards,

    CrazyM
     
  3. Patrice

    Patrice Registered Member

    Joined:
    Apr 15, 2003
    Posts:
    571
    Location:
    Antarctica
    Don't know, perhaps I'm wrong, but this sounds like an advertisement to me... :doubt:

    Regards,

    Patrice
     
  4. CrazyM

    CrazyM Firewall Expert

    Joined:
    Feb 9, 2002
    Posts:
    2,428
    Location:
    BC, Canada
    Perhaps, we will see if Jason comes back to discuss it's merits further.

    Regards,

    CrazyM
     
  5. Frank

    Frank Guest

    At home I am using ITShield firewall which connects to Internet via cable. Yes, the installation procedure and fwadmin do not support me to configure one of NICs to use DHCP. But I configured it to use DHCP manually, and it works fine.

    From the firewall log file, I noticed that my W2k machines tried to connect to 66.78.45.73/6667/TCP every 30 seconds. I used proxy_irc to handle the traffic. proxy_irc complained. Finally, I blocked it, and my PC still worked fine.

    Could someone tell me why my W2k connects to 66.78.45.73/6667/TCP constantly?
     
  6. CrazyM

    CrazyM Firewall Expert

    Joined:
    Feb 9, 2002
    Posts:
    2,428
    Location:
    BC, Canada
    Hi Frank

    I have never used ITShield, but a couple of questions re your issue:

    Could this be the proxy_irc portion of ITShield trying to establish a connection to enable it to monitor that type of traffic on your system?

    If not, do you know the application that was trying to make the connection?
    If the firewall does not provide this information try using a port mapper:
    Port Explorer
    Vision
    Active Ports

    Regards,

    CrazyM
     
  7. Wox

    Wox Registered Member

    Joined:
    Jun 30, 2003
    Posts:
    9
    It looks like that outgoing connection on your win2k box may be a nasty, as alot of worms and trojans especially try to connect to an IRC server to communicate with the author. Port 6667 is IRC.

    Try scanning with :
    http://housecall.trendmicro.com

    And if that doesn't find anything/work out right :

    http://www.pandasoftware.com Find 'ActiveScan'.
     
  8. Jason

    Jason Guest

    ITShield Firewall V1.0 is released. The following enhancements have been introduced since Version 0.92:
    1. The firewall allows some buggy HTTP POST request. Certain buggy HTTP/1.0 client implementations generate extra CRLF's after a POST request, and certain HTTP servers require it.

    2. The firewall supports broadcast so that dhcp server can run on the firewall. With the built-in dhcpd, you do not need to define subnets for unnecessary interfaces.
     
Loading...
Thread Status:
Not open for further replies.