Author Topic: What firewall? (Read 1244 times)

DES · « **on:** November 18, 2001, 10:18:00 AM »

What is an AH friendly firewall? I was running zonealarm but I couldn't give AH permision to connect with the most recent update. Had to keep rebooting and the blind Y didn't work. I have Tiny's personal running now but the thing keeps dropping me to the desktop asking permision for conect when I get port probe's, usaully at the most inopertune times.
DES

capt. apathy · « **Reply #1 on:** November 18, 2001, 01:04:00 PM »

i haven't had or heard of any problems with 'black ice'

DES · « **Reply #2 on:** November 18, 2001, 06:56:00 PM »

Wanted to follow up, I've dowloaded Zonealarm Pro trial version and that seems to work great. I guess you get what you pay for

I guess I'll be buying the pro version instead of running the free one.
DES

214thCavalier · « **Reply #3 on:** November 18, 2001, 08:31:00 PM »

ZA Pro is much better than the freebie option, you have much more control on how it handles programs.
Blackice ? last i heard it was a poor exscuse for a firewall.
http://grc.com/lt/leaktest.htm

capt. apathy · « **Reply #4 on:** November 18, 2001, 09:54:00 PM »

[ 11-18-2001: Message edited by: capt. apathy ]

Goner · « **Reply #5 on:** November 19, 2001, 06:12:00 AM »

Blackice ? last i heard it was a poor exscuse for a firewall.
http://grc.com/lt/leaktest.htm

LOL, grc.com is not execatly the right pace to hear unbiased opinion on BlackICE ...

i'm using BlackICE and it's great ... IMHO of course.

Goner

[ 11-19-2001: Message edited by: Goner ]

mrsid2 · « **Reply #6 on:** November 19, 2001, 09:11:00 AM »

Goner: BlackIce doesn't control the outgoing data from your computer so it won't protect you from potential backdoors. That's it's biggest downside.

What goes for Tiny Personal Firewall, I've been using it for months now and I'm very pleased with it. I don't get port scan pop-ups probably because I've set netbios off and all printer etc. shares off. If you enable only the necessary data your computer should be more or less invisible to the net. There's also an option to report access attempt to closed ports, you should probably close that if the messages bother you.

Goner · « **Reply #7 on:** November 19, 2001, 09:23:00 AM »

Goner: BlackIce doesn't control the outgoing data from your computer so it won't protect you from potential backdoors. That's it's biggest downside.

i know it doesn't ; that's why they call BID 'intrusion detection software', not 'firewall'

i am more worried about what tries to come _in_ over the 'Net than what's going _out_ and IMHO BlackICE does a better job at that than ZA & TPF.
for the outgoing stuff i have a virus checker and AdAware ...

Goner

mrsid2 · « **Reply #8 on:** November 19, 2001, 09:44:00 AM »

Well, I used to run BlackIce and Norton FW at the same time.. And when the firewall was enabled, BlackIce didn't report any intrusion attempts. Why? Because the attackers no longer saw my computer on the net.

I still think Tiny PF controls the net traffic efficiently enough in one simple package. It tells me if some software tries to contact something without me knowing (i.e. because of a built-in backdoor) and lets me block the traffic in two clicks.

BlackIce is perfect if you want to feel paranoid with all the hackers knocking down your door.. But that's only because it intentionally leaves you visible to the attackers, selling itself remarkably since now you see a huge amount of attack reports coming.

Just my observation - you're entitled to your opinnion of course.

<S> whatever works for ya, good enough for me.

Goner · « **Reply #9 on:** November 19, 2001, 09:51:00 AM »

But that's only because it intentionally leaves you visible to the attackers,

?? that's funny ...
because all the port-checker sites on the net (incl. grc.com) tell me after all their checking, that my PC is invisible to them ...

only thing that i see on BID are the probes that the script-kiddies let loose on whole IP-ranges.
seeing probes doesn't mean im not invisible.

Goner

mrsid2 · « **Reply #10 on:** November 19, 2001, 10:00:00 AM »

Well for whatever the reason, BlackIce stoped detecting any attempts after I enabled the Norton. It became quiet enough that I finally decided to uninstall it for being useless.

Cut'n paste from grc.com:
'Eleven Months after the release of our first, simple, but effective and popular (1,876,669 downloads) LeakTest firewall testing utility, BlackICE Defender (BID) continues to "leak" — as defined by LeakTest. But a recent update to BID (version 2.9cai) was hiding this fact from its users by effectively cheating the LeakTest.

Rather than enhancing BlackICE Defender by adding the sort of application-level controls that are available even from many completely free personal firewalls, BID's publisher, NetworkICE, apparently chose to prevent LeakTest's intended operation by adding specific awareness to BID of LeakTest's remote testing IP. '

I've read from many sources BID is not a viable choice for a single-solution FW. I have no reason to question them.

[ 11-19-2001: Message edited by: Mr RiplEy ]

K West · « **Reply #11 on:** November 19, 2001, 10:28:00 AM »

I don't use a Firewall and I'm pretty much
closed up tight on my home PC. Completely stymies the GDC.org tests

Here's how:

Go to the <B>c:\windows\system</B> directory (where c:\windows is the=
Windows directory)

Find the file named vnbt.386
Rename the file to vnbt.bak
Reboot the system

This will disable NetBIOS over TCP/IP support, which is the root of the
problem in the first place. The other parts of the NetBIOS subsystem are
left intact, which means that local area networks of which the computer
is a member of will continue to function, provided TCP/IP is not being
used for file sharing. An additional benefit to this procedure is that
no error messages are produced about unloadable registry modules. In the
event that problems are experienced, simply rename the file back to
vnbt.386

-Westy

[ 11-19-2001: Message edited by: O'Westy ]

mrsid2 · « **Reply #12 on:** November 19, 2001, 11:15:00 AM »

I wish it was that simple westy, but it's not

214thCavalier · « **Reply #13 on:** November 19, 2001, 02:41:00 PM »

Well if you guys feel so safe and happy about having no control over outward bound communications, i guess theres no point advising you to check up on spyware programs.
Commonly built into all those freeware programs available on numerous sites.
There is no limit to the amount of your personal info they could phone home with.
Personally i prefer to have direct control and stop dead any and all attempts at getting info i prefer kept private, and yes that does include my browsing history etc.
But just in case you never considerd it go here http://www.lavasoftusa.com/aaw.html#a3
and see what if anything it finds.

[ 11-19-2001: Message edited by: 214thCavalier ]

Goner · « **Reply #14 on:** November 19, 2001, 02:45:00 PM »

Quote

Originally posted by 214thCavalier:
Well if you guys feel so safe and happy about having no control over outward bound communications, i guess theres no point advising you to check up on spyware programs.

did you read my post ?!
i specifically mentioned that i'm using AdAware ... <sigh>

Goner