List of Free Firewalls

Discussion in 'other firewalls' started by AJohn, Dec 7, 2004.

Thread Status:
Not open for further replies.
  1. AJohn

    AJohn Registered Member

    Joined:
    Sep 29, 2004
    Posts:
    935
  2. AJohn

    AJohn Registered Member

    Joined:
    Sep 29, 2004
    Posts:
    935
    You sound like Bill Gates

    This is a free firewall thread, let's keep it that way :D
     
    Last edited: Dec 11, 2004
  3. Detox

    Detox Retired Moderator

    Joined:
    Feb 9, 2002
    Posts:
    8,507
    Location:
    Texas, USA
    lol - but this is true - "free firewalls" are the subject. Let's keep to those as far as this thread is concerned!
     
  4. Jazzie1

    Jazzie1 Registered Member

    Joined:
    Dec 5, 2003
    Posts:
    174
    Hi all!
    Thanx Ajohn for posting this! The documentation is mainly for 8signs firewall, but could be adapted and used with CHX-I, Check Point, Pix firewall and a few others... Here is a link to where both my examples and readme documentation are!!

    SSC

    CU
    Jazzie
     
  5. synapse

    synapse Registered Member

    Joined:
    Oct 31, 2004
    Posts:
    50
    I mean I didn't crack it lol, I just got a serial from my brother who has bought it, is that still illegal?
     
  6. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    7,988
    If your brother put it on his machine, and you're using his serial to put it on your machine, then that's most likely illegal, yep...

    Wrong place for this discussion too.. as previously mentioned...
     
  7. synapse

    synapse Registered Member

    Joined:
    Oct 31, 2004
    Posts:
    50
    .............. how is that illegal when I am using a bought version?
     
  8. AJohn

    AJohn Registered Member

    Joined:
    Sep 29, 2004
    Posts:
    935
    When you purchase something it is per X amount of users. It must be a good thing that your bro purchased the 2 Users - $92.40 license.
    End of the crack/warez/script kiddie discussion.

    Does anyone have any comments/suggestions on the free firewalls I have posted? I would be glad to see ones that I missed being posted here.
     
  9. AJohn

    AJohn Registered Member

    Joined:
    Sep 29, 2004
    Posts:
    935
    Added new Network IDS -Pure Secure:

    http://www.demarc.com/products/puresecure/personal/

    Commercial product that's free for personal use, highly recommend this to anyone who likes having a pretty GUI for snort... I got it working with IIS in about 5 min. It is web-based and runs as a service... If anything, check out the url above.
     
    Last edited: Dec 10, 2004
  10. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    7,988
    I know nothing about snort. Is this something that will work somehow in conjunction with CHX-I?
     
  11. AJohn

    AJohn Registered Member

    Joined:
    Sep 29, 2004
    Posts:
    935
    Snort is an open source Intrusion Detection System (www.snort.org)
    Although Snort is great, it is only able to detect intrusions, but with the help of a program called SnortSam (www.snortsam.net) you can also stop them. SnortSam has just recently been able to be used with CHX-I and 8Signs. Jazzie has a great how-to on setting up snort/snortsam/8signs and there would be little change to make it work with CHX-I.
     
  12. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    7,988
    Thanks again.. I'll check it out..
     
  13. AJohn

    AJohn Registered Member

    Joined:
    Sep 29, 2004
    Posts:
    935
    Last edited: Dec 11, 2004
  14. JayTee

    JayTee Registered Member

    Joined:
    Nov 2, 2004
    Posts:
    166
    AJohn,

    Just curious. Do we really need an IDS if we are

    i) not running a server and/ or
    ii) behind a router.

    Thanks for the list although I am mighty tired of learning to set up new firewalls. Takes a lot of figuring out sometimes.
     
  15. AJohn

    AJohn Registered Member

    Joined:
    Sep 29, 2004
    Posts:
    935
    That depends on you :)

    I choose to use an IDS because it is nice to have as a backup. I am behind a router and have my firewall(s) running along with it. I suppose you really do not 'need' one, but why not? I always think of ways to have maximum security with little effort and having an IDS as a backup is good when you are playing online games that you are not so sure about. I have been configuring Snort to work with SnortSam and tell CHX-I to block intrusions so really my IDS will be an IPS as well :D
     
  16. synapse

    synapse Registered Member

    Joined:
    Oct 31, 2004
    Posts:
    50
    k sorry AJohn that I was out of line and out of topic,

    back on topic: (talking about the free version) is ZoneAlarm good for IDS?
     
  17. AJohn

    AJohn Registered Member

    Joined:
    Sep 29, 2004
    Posts:
    935
    It has been years since I have used Zone Alarm, but from what I can gather from their website, ZAP is not a true IDS. Sygate however does have a built in IDS but it is not configurable and you for the most part cannot even see the rules. I doubt home users really 'need' an Intrusion Detection System for the most part, I am just paranoid.
     
  18. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    7,988
    AJohn, I was just looking around here trying to figure out how CHX-I runs. I don't see any service installed, and nothing in my startup stuff, so how does it work? I just see some kind of "hook" in my system event viewer that says "Started OK", and a few files in Program Files (*.msc). Interesting... I've never seen anything like this before. I'm running Win2k here..
     
  19. AJohn

    AJohn Registered Member

    Joined:
    Sep 29, 2004
    Posts:
    935
    You should see "CHX-I Remote Management Server Service" under Control Panel\Administrative Tools\Services

    By default CHX-I should have put an icon on your desktop that allows you to configure it. If you already know that and are asking exactly how it runs you should check this out: http://www.idrci.net/products/spf/spfqt.html

    Basically CHX-I runs as a service and uses the Microsoft Management Console (MMC).

    I have never used Win2K, only used CHX-I on WinXP.

    Sidenote for anyone running Snort on a single desktop with a Wireless Network Interface Card like the LinkSys WMP54G: you may not be able to run your NIC under promiscuous mode and can resolve this by running snort with the added command -p

    Took me a while to figure this out when I installed Snort on the PC I am on now ;\
     
  20. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    7,988
    Ok, I see the Remote Mgmt Server Service in Services. It's on Manual. I guess it uses MMC and that's what I was after. I don't know much about MMC, but that's probably what does it. Thanks...
     
  21. AJohn

    AJohn Registered Member

    Joined:
    Sep 29, 2004
    Posts:
    935
    You can also configure the Service from the CHX-I Management Console under Service Status, how do you like CHX-I so far? It is the most complete and lightest packet filter I have ever used. Have you found the Interface Properties of your Network Card yet? If you want to have full stealth then I believe you need to enable TCP, UDP, ICMP stateful options and probably also Deny all incoming fragmented packets and maybe even Deny all TCP packets containing CWR, ECE flags. I have them all enabled and have full stealth results from GRC and others, but I have not tested it with other options.
     
  22. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    7,988
    So far I love it. It's the best firewall/packet filter I've seen too. I have the Interface Properties all set up and I get full stealth on grc also. I have not set the Deny fragmented packets yet though. I understand that CHX-I does a good analysis of incoming fragments, so I figured it wasn't necessary. I might enable the Deny TCP CWR/ECE flags though.

    I was just playing with some registry settings to try to change the UDP stateful timeout value. I was trying to see if I could get CHX-I to stop accepting incoming late DNS packets from my DNS servers. When late ones come in, I then see an outbound ICMP type 3, code 3 (port unreachable) going outbound back to the DNS servers and I wanted to see if I could get it to stop that. So far, the only firewall that successfully stops these late incoming DNS packets is Jetico. I see no outbound type 3 with Jetico. I can only assume that it's something to do with the stateful UDP timeout.
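
Added example, not part of the thread and not CHX-I's or Jetico's code: a small Python model of how a late DNS reply can lead to the outbound ICMP type 3, code 3 described in the post above. It assumes a filter that keeps a UDP pseudo-connection for a fixed idle timeout (refreshed by matching traffic) and a resolver that closes its socket once it stops waiting; the addresses, times and function names are constructed.

```python
# Constructed endpoints: a LAN client's ephemeral port and a DNS server.
CLIENT, SERVER = ("192.168.1.10", 1050), ("203.0.113.53", 53)


class UdpStateFilter:
    """Minimal model of a stateful UDP filter: one entry per (local, remote) pair."""

    def __init__(self, timeout):
        self.timeout = timeout   # seconds an idle pseudo-connection is kept
        self.expiry = {}         # (local, remote) -> time at which the entry expires

    def outbound(self, now, local, remote):
        # An outgoing datagram creates (or refreshes) the state entry.
        self.expiry[(local, remote)] = now + self.timeout

    def inbound_ok(self, now, remote, local):
        # An incoming datagram passes only if it matches a live entry.
        deadline = self.expiry.get((local, remote))
        if deadline is None or now > deadline:
            self.expiry.pop((local, remote), None)
            return False
        self.expiry[(local, remote)] = now + self.timeout  # assumption: refresh on traffic
        return True


def replay(state_timeout, socket_close_time, reply_times):
    """Send one DNS query at t=0, then classify each reply arriving at reply_times."""
    fw = UdpStateFilter(state_timeout)
    fw.outbound(0.0, CLIENT, SERVER)
    results = []
    for t in reply_times:
        if not fw.inbound_ok(t, SERVER, CLIENT):
            # The filter discards the packet, so the host stack never sees it.
            results.append((t, "dropped by filter"))
        elif t < socket_close_time:
            results.append((t, "delivered to resolver"))
        else:
            # Filter state is still alive but the port is closed: the host
            # stack answers with ICMP destination unreachable, port unreachable.
            results.append((t, "ICMP type 3 code 3 sent"))
    return results


if __name__ == "__main__":
    # Resolver closes its socket at t=2 s; a second, late reply arrives at t=5 s.
    for timeout in (30, 3):
        print(timeout, replay(timeout, 2.0, [0.5, 5.0]))
```

In this model the ICMP message appears only while the filter's state entry outlives the resolver's socket; once the entry has expired the late reply is discarded before the host can respond.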
     
  23. AJohn

    AJohn Registered Member

    Joined:
    Sep 29, 2004
    Posts:
    935
    A good place to ask questions about stuff like above would be the CHX-I thread over at SSC: http://www.fluxgfx.com/ssc/forumdisplay.php?f=23

    Stefan, a CHX-I developer along with other CHX-I users go there and you might have a good response. I don't have problems with outbound type 3 so I don't think I can help.

    Here is a SS of Demarc PureSecure detecting some things while running the GRC port scan (probably would have picked up more, but I had CHX-I on):
     

    Attached Files:

    • y0.JPG
      File size:
      100 KB
      Views:
      1,423
    Last edited: Dec 12, 2004
  24. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    7,988
    PureSecure looks interesting.. :)

    As far as that ICMP Type 3 stuff goes, it's not really a problem, just a curiosity.. There's no security threat from my DNS servers, so it's nothing to worry about. It happens with most firewalls and is quite common. At any rate, I've set everything back to the defaults and all is well...
     
  25. AJohn

    AJohn Registered Member

    Joined:
    Sep 29, 2004
    Posts:
    935
    Did I mention PureSecure can monitor files for changes as well?
    It also can automatically update your snort definitions and much more :D
     
    Last edited: Dec 12, 2004