1. We suffered a brief outage this morning when our host noticed that HTF needed to be moved to a different server due to a hardware failure. That work is now complete. Please post in the feedback area if you have any issues.
    Dismiss Notice

Firewall Software

Discussion in 'Archived Threads 2001-2004' started by Gene Severn, Aug 31, 2001.

  1. Gene Severn

    Gene Severn Stunt Coordinator

    Joined:
    Jun 14, 1999
    Messages:
    77
    Likes Received:
    0
    All,
    I will soon be upgrading my home PC with a cable modem connection. The first issue that comes to mind is security. Can anyone recommend firewall software that will work??? I'm still running Windows '95...if it ain't broke, don't fix it. Thanks in advance.
    Gene
     
  2. Rob Gillespie

    Rob Gillespie Producer

    Joined:
    Aug 17, 1998
    Messages:
    3,632
    Likes Received:
    5
    Gene, hop over to www.zonelabs.com and download a copy of ZoneAlarm. Free, easy to use, configurable and it checks all incoming and outgoing traffic. You can pay the $30 licence for the Pro version if you want, but the free copy works really nicely. Short of paying out a load of money, it's probably the best you'll get.
     
  3. Iain Lambert

    Iain Lambert Screenwriter

    Joined:
    Jun 7, 1999
    Messages:
    1,345
    Likes Received:
    0
    I'll second Rob's recommendation for Zone Alarm (in fact its usually me recommending it first). Once you've done so, you might want to head over to Steve Gibson's GRC site where he has tools like Shields Up that will check to see just how vulnerable you are to attack. Even on a 56k modem I see regular attacks logged against my machine, and a friend with cable modem manages to log silly numbers of attacks, mainly against his NetBIOS (Windows sharing) and HTTP ports.
    Zone Alarm is almost childishly simple to set up; you just install it and set it running, and then any time a new program on your machine wants to use the net a dialogue box pops up asking you if from now on you want to let it access automatically, ask each time or deny it always. Any port not explicitly opened by a server program just plain doesn't exist as far as the outside world goes.
    (edit- fixed the url)
    [Edited last by Iain Lambert on August 31, 2001 at 09:54 AM]
     
  4. Bill Catherall

    Bill Catherall Screenwriter

    Joined:
    Aug 1, 1997
    Messages:
    1,560
    Likes Received:
    0
    I've heard reports that Zone Alarm is difficult to uninstall if you later want to remove it to install something else. Any truth to this?
    ------------------
    Bill [​IMG]
    [​IMG]
     
  5. Rob Gillespie

    Rob Gillespie Producer

    Joined:
    Aug 17, 1998
    Messages:
    3,632
    Likes Received:
    5
    I haven't heard that myself Bill. What was the cause of the problems? I've never deinstalled ZA (never had cause to).
    There are two parts to ZA. There is the application itself and the TrueVector process which runs underneath.
    ------------------
    [​IMG]
    "One does not simply walk into Mordor."
    Rob's Place
     
  6. Bill Catherall

    Bill Catherall Screenwriter

    Joined:
    Aug 1, 1997
    Messages:
    1,560
    Likes Received:
    0
    I can't remember the details of what I read. Basically, the guy was trying to install a purchased firewall and was having problems uninstalling Zone Alarm. After uninstall it continued to create errors with the new software. Somebody then confirmed that Zone Alarm had uninstall problems. Since it was just the one incident and one confirmation, I took it with a grain of salt. Everybody still swears by Zone Alarm, but I still have that one incident in the back of my mind haunting me. I guess if I do run into a potential problem like that then I can just clean out the computer and start over. Not likely to happen, but I don't really mind doing it.
    One even bigger concern I have is how the warnings manifest themselves. When someone is scanning your ports, is it just logged in a text file or does a message box pop up? The reason I ask is because my cable modem network is still infected with the Code Red Worm. The cable modem activity lights are constantly blinking even though there's no activity on my end. Even when the computer is turned off. So I'm wondering if it will really hamper my use if I'm going to be constantly closing warning boxes from being scanned by the worm.
    Also, can the firewall be configured to stop Javascript pop up windows?
    ------------------
    Bill [​IMG]
    [​IMG]
    [Edited last by Bill Catherall on August 31, 2001 at 12:25 PM]
     
  7. Rob Gillespie

    Rob Gillespie Producer

    Joined:
    Aug 17, 1998
    Messages:
    3,632
    Likes Received:
    5
     
  8. Shayne Lebrun

    Shayne Lebrun Screenwriter

    Joined:
    Jun 17, 1999
    Messages:
    1,086
    Likes Received:
    0
    Don't listen to Steve Gibson. He's an idiot. www.grcsucks.com is a good place to check. :)
    As to firewalling, I'd suggest a hardware solution, such as a linksys or SMC. I use the linksys 4 port, myself, which does NAT, portforwarding and firewalling.
     
  9. todbnla

    todbnla Screenwriter

    Joined:
    Oct 17, 1999
    Messages:
    1,514
    Likes Received:
    0
    Location:
    39466
    Real Name:
    Todd
    Another happy user of Zone Alarm here too [​IMG]
    I dont consider any of my data important enought to spend money on hardware beacause I keep all important files on zip discs. This program works fine for me.
    ------------------
    Regards,
    Todd

    My HT
     
  10. Vince Maskeeper

    Vince Maskeeper Producer

    Joined:
    Jan 18, 1999
    Messages:
    6,499
    Likes Received:
    0
    Guys,
    I have 2 questions:
    1) I am running roadrunner and Win98 internet connection sharing on my network. I have one PC working as a "router" essentially, routing internet access to sub-IPs via the ICS system built into windows.
    The main machine is the only directly connected to roadrunner, and it contains no info or files other than a copy of win 98 (it really works as a dedicated router doing nothing else).
    Do I still need firewall protection? I've read mixed reviews on if people could access sub-IP machines within the network from the main machine.
    2) If I do need a firewall of some sort, so I need to run it on the client machines or on the one connected to the net, or both? I'd love to try out zone alarm, or even buy the pro version- but I don't know if it should run on the router in my config, or on the individual machines, or maybe both... and whats more I'm not sure if I need it in the first place.
    I've tried to be scanned from my machine on sites like Shield Up and Hacker Whacker, but my IP comes up as invalid becuase it is a LAN IP from within the network; both then give me a blurb saying I'm probably not venurable to attack...
    -Vince
    ------------------
    http://www.musicianassist.com
    AIM: VinceMaskeeper
    Interested in moving into FRONT PROJECTION with huge 6-10 foot widescreen? Buy my whole HDTV-ready CRT based front projection system delivered, cheap! Click here
    [Edited last by Vince Maskeeper on August 31, 2001 at 06:15 PM]
     
  11. Bill Catherall

    Bill Catherall Screenwriter

    Joined:
    Aug 1, 1997
    Messages:
    1,560
    Likes Received:
    0
    Well, I just set up ZoneAlarm. Yes, that was easy. Thanks everyone.
    ------------------
    Bill [​IMG]
    [​IMG]
     
  12. Rob FM

    Rob FM Second Unit

    Joined:
    Jan 15, 2001
    Messages:
    471
    Likes Received:
    0
    Real Name:
    R
    .
     
  13. Dominik Droscher

    Dominik Droscher Supporting Actor

    Joined:
    Sep 11, 2000
    Messages:
    531
    Likes Received:
    0
    Another vote for Tiny Personal Firewall. It may not be easier than Zone Alarm but it is a lot more configurable. It is also free for non-commercial use (no ads).
    ------------------
    -Dominik Dröscher ICQ: 25318265
    "Quis custodiet ipsos custodes."
     
  14. Kimmo Jaskari

    Kimmo Jaskari Screenwriter

    Joined:
    Feb 27, 2000
    Messages:
    1,528
    Likes Received:
    0
    Until a few days ago I would have suggested Sygate Personal Firewall. It walks all over Zonealarm (the free version at least) and even Tiny Firewall when it comes to configurability etc. Unfortunately, it doesn't seem to be working quite right for me when playing online games. It induced choppy traffic and problems when I tried to run Counterstrike. It is however better in all other respects (IMHO obviously) and when I have time I will look into getting it to work right for me. Available free for personal use from http://www.sygate.com http://www.tinysoftware.com
    Either will do the job, I'm sure.
    As for stopping Javascripts, popups and ads I would suggest Webwasher, at http://www.webwasher.com
    ------------------
    /Kimmo
     
  15. Shayne Lebrun

    Shayne Lebrun Screenwriter

    Joined:
    Jun 17, 1999
    Messages:
    1,086
    Likes Received:
    0
    Vince,
    I'm assuming by 'sub-IP' you mean a private IP range; 10.x.x.x, 192.168.x.x, 172.16.0.x and so on. If so, no, somebody cannot access an internal machine directly, but if they root your router, they can then use it to gain access to your internal network.
     

Share This Page