Seeking No HIPS FW that is IPv6-capable

Discussion in 'other firewalls' started by bellgamin, Jul 6, 2011.

Thread Status:
Not open for further replies.
Page 2 of 2
  1. Heimdall

    Heimdall Registered Member

    Joined:
    Jul 29, 2009
    Posts:
    185
    Iptables is a kernel module, so the answer, I'm afraid, is no.


    Unfortunately, there's a dearth of free ipv6 capable firewalls on the market, especially those without the added featurecreep, and of those that are available, the implementation usually leaves a lot to be desired.

    For XP, even though you have issues with the company, CIS (Comodo) has a reasonable ipv6 implementation and you can disable/not install the bits you don't want. The only problem with the CIS ipv6 implementation is the ICMPv6 filtering. Right now, it's broken, so you either filter all icmpv6 out or you let it all in. However, that's not as bad as it sounds, as ipv6 has a much greater reliance on icmp than ipv4.

    Last time I looked a Zone alarm, basically ipv6 support was on or off, but you couldn't do much with it configuration wise, maybe that's changed.

    Outpost free has a fairly good ipv6 implementation and most of the unwanted items can be disabled. But the installer package is 90+MB...
     
    Heimdall, Jul 6, 2011
    #26
  2. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    8,013
    This looks interesting, however, not much development for some time now. Although it does appear that development continues as of recently:

    http://wipfw.sourceforge.net/index.html
     
    Kerodo, Jul 6, 2011
    #27
  3. Stem

    Stem Firewall Expert

    Joined:
    Oct 5, 2005
    Posts:
    4,948
    Location:
    UK

    Yes, as linked to by Kerodo above, but the last time I checked, it would only filter IPV4.


    - Stem
     
    Stem, Jul 7, 2011
    #28
  4. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    8,013
    Yes, that's what I noticed too. Perhaps they're working on IPv6 now, but one would have to ask to be sure...
     
    Kerodo, Jul 7, 2011
    #29
  5. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    That does look interesting. If they get IPv6 implemented properly, it looks like something I could use, at least on one OS. IP tables look like they'll be a learning experience of their own for someone who has been used to firewalls like Kerio.
     
    noone_particular, Jul 9, 2011
    #30
  6. wat0114

    wat0114 Guest

    Ultimately, Sir bellgamin, your present best bet is to invest in Windows 7 and use the inimitable Windows firewall with advanced security :)
     
    wat0114, Jul 10, 2011
    #31
  7. Spooony

    Spooony Registered Member

    Joined:
    Apr 30, 2011
    Posts:
    514
    Fancy features on firewalls. Do we need them? Firewalls must be configured as minimally as possible, to minimize risks. And if risks do not
    exist, why run a firewall?
    I mean just think the following things when you set up your security

    All programs are buggy
    Large programs are even buggier than their size would indicate.
    Exposed machines should run as few programs as possible; the ones that are run
    should be as small as possible.
    reject everything, unless you have explicitly made the choice—and accepted the risk—to permit it.
     
    Spooony, Jul 10, 2011
    #32
Page 2 of 2
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...