What is the best type of firewall for file-sharing?

Discussion in 'other firewalls' started by Avec, Dec 19, 2005.

Thread Status:
Not open for further replies.
  1. Avec

    Avec Guest

    Hi, I was wondering what would be a good firewall for using bitorrent?
     
  2. Arup

    Arup Guest

    Are you behind a router? You need the lightest running firewall, preferably inbond only if you intend to do heavy torrenting with over 500 tcp connections open.
     
  3. RejZoR

    RejZoR Registered Member

    Joined:
    May 31, 2004
    Posts:
    6,426
    Just forget ZoneAlarm and its deivates. Other than this one should work just fine.
     
  4. Hyperion

    Hyperion Registered Member

    Joined:
    Sep 29, 2003
    Posts:
    302
    Sygate 5.5.2710 or Kerio 2.They both allow max speeds and don't crash.
     
  5. NoHolyGrail

    NoHolyGrail Registered Member

    Joined:
    Nov 14, 2005
    Posts:
    46
    Does using P2P require any sort of protection other than exercising care with the files you download?
     
  6. Avec

    Avec Guest

    Hi,

    I have used ZoneAlarm and Sygate but never for file sharing! McAfee and Norton seem ok as far as I can tell, i have also used older versions of Anti-Hacker not very good in my limited experience, A
     
  7. Arup

    Arup Guest

    Peer Guardian with Anti P2P filter would give you a level of protection from the prying eyes of MPAA and RIAA to an extent, also keep other nasty IP's out.
     
  8. POS

    POS Guest

    Why not ZA for P2P?
     
  9. flyrfan111

    flyrfan111 Registered Member

    Joined:
    Jun 1, 2004
    Posts:
    1,224
    It crashes with the amount of TCP connections needed for P2P. Or at least it consume too much memory and/or interferes with data transmissions that will either lose the connection or lock up the system.
     
  10. unhappy_viewer

    unhappy_viewer Registered Member

    Joined:
    Sep 16, 2005
    Posts:
    259
    Most of the problems have been fixed especially in version 6.1. I'll quote the related fixes

    http://download.zonelabs.com/bin/free/information/zap/releaseHistory.html#6.1.737.000

    # Fixed - High vsmon CPU usage
    # Fixed - System stability issues
    # Fixed - Various other bug fixes
     
  11. Arup

    Arup Guest

    P2P is bane of all firewalls and routers, only good light inbound ones like CHX can survive 500+ connections without breaking sweat, or you have to get a Linux box with firewall. For hardware routers, only the top of the line D-Link Game Fuel series or Zyxel 500 with ability to handle 16000 connections can do justice to P2P and online gaming.
     
  12. isnogood

    isnogood Registered Member

    Joined:
    Sep 22, 2004
    Posts:
    83
    Location:
    France
    For hardware, you may also check Trendnet TEW-611BRP, cheaper than D-Link and Zyxel. It has the same Atheros Wifi chip, but not the same routing (wired) hardware. Nevertheless, it announces support of 4000 parallel NAT sessions, which should be sufficient for P2P.

    isnogood
     
  13. Avec

    Avec Guest

  14. Diver

    Diver Registered Member

    Joined:
    Feb 6, 2005
    Posts:
    1,444
    Location:
    Deep Underwater
    A router works best. If you don't have one, CHX-1 does a nice job as it will not bog down with hundreds of connections.
     
  15. WSFuser

    WSFuser Registered Member

    Joined:
    Oct 7, 2004
    Posts:
    10,632
    is LnS good for p2p? cuz thats what i have now
     
  16. RejZoR

    RejZoR Registered Member

    Joined:
    May 31, 2004
    Posts:
    6,426
  17. .....

    ..... Registered Member

    Joined:
    Jan 14, 2005
    Posts:
    312
    If you have no problems with P2P and it its fine ;) . I found it ok aslong as SPI wasn't enabled.
     
  18. Hyperion

    Hyperion Registered Member

    Joined:
    Sep 29, 2003
    Posts:
    302
    I agree.It still fails the UDP test.But at least now it is usable.But you do lose some speed.
     
  19. unhappy_viewer

    unhappy_viewer Registered Member

    Joined:
    Sep 16, 2005
    Posts:
    259
    If you still have high usage, you should contact ZL's tech support so that they see where the problem lies for computers with your type of setup. Many people complained on the ZA forums about high usage when using P2P programs for version 5.5 but I haven't seen any since version 6.0 and 6.1 was released.
     
  20. unhappy_viewer

    unhappy_viewer Registered Member

    Joined:
    Sep 16, 2005
    Posts:
    259
    I agree that ZA still blocks some UDP connections but I know its not all because DHT for my BT programs still works fine meaning that not not all UDP connections are blocked. I am not sure if ZL is aware of the issue but you can certainly help report it to them.
     
  21. charincol

    charincol Registered Member

    Joined:
    Nov 10, 2005
    Posts:
    113
    For my router, I have an old box running a *BSD firewall that will handle up to 10000 connections only because it's just a 400 mhz cpu. (I understand a 1Ghz cpu would allow it to handle around 25000 connections) The most I've had it at is 6000+ connections.

    LNS works very well as long as SPI is turned off. It can also be used to return your incoming ports back to stealth automatically when you close your P2P apps. If you use a router, you have to have port forwarding enabled to get good speeds and these are considered security risks. However, your only real security risk would be any flaws your P2P apps might have.

    I have been able to max out my speeds for days nonstop using this. So far, I haven't had any nasties from heavy P2P with this combo. (Knock on wood!)
     
  22. aurgathor

    aurgathor Registered Member

    Joined:
    Jan 3, 2006
    Posts:
    2
    Location:
    Bothell, WA
    I use Freesco on an old Pentium box. It can be run from a floppy and it is capable of 16,000+ connections. I've been up to the 7000 - 8000 range running a couple of servers, and it works very well for me.
     
  23. Edwin024

    Edwin024 Registered Member

    Joined:
    Nov 14, 2004
    Posts:
    1,000
    I use Tiny and I'v e tried loads of FW's before Tiny. Tiny is the only one where I don't have to change ports or whatever. It just uses the port that i put in my program. Found that great!
     
  24. Joliet Jake

    Joliet Jake Registered Member

    Joined:
    Mar 1, 2005
    Posts:
    911
    Location:
    Scotland
    Could you explain why you think this?
    I'm using Zone Alarm free (latest) and it works perfectly well with Bitornado.
     
  25. Joliet Jake

    Joliet Jake Registered Member

    Joined:
    Mar 1, 2005
    Posts:
    911
    Location:
    Scotland
    eMule isn't bittorrent
    .
     
Loading...
Thread Status:
Not open for further replies.