Firewall to use with NOD32?

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View
Hello folks,

What would be the best low-resource but comprehensive FW to use with
NOD32? I believe NOD's site recommends Outpost. I know different
people have their prefs, but I've been looking at "Look 'n Stop" or
"Outpost" or some other. Thanks for your input!

Re: Firewall to use with NOD32?

On Sun, 30 Apr 2006 21:39:44 GMT newswatcher wrote:

Quoted text here. Click to load it
I like ZoneAlarm free, <http://tinyurl.com/kzq .  It uses 2,760K memory and
zero CPU cycles in the monitoring mode.
--
Ernie B.

Communication:  The art of moving an idea from one mind to another,
hopefully without distortion.

Re: Firewall to use with NOD32?

newswatcher wrote:
Quoted text here. Click to load it

A packet filtering FW router that can stop outbound. The router doesn't
use any resources, since it's a standalone device that doesn't run with
the O/S. A host based packet filter such as Outpost or others are not
FW(s) as they don't separate two networks. The network it's protecting
from usually that Internet and the network it's protecting the LAN.

Duane :)


Re: Firewall to use with NOD32?

So specifically what would be a "packet filtering FW router" app?
I'm just investigating so I don't know all the terms.

Thanks! Duane

On Sun, 30 Apr 2006 22:33:17 GMT, Duane Arnold

Quoted text here. Click to load it


Re: Firewall to use with NOD32?

newswatcher wrote:
Quoted text here. Click to load it


For example, I have a Check Point 500W UTM. It sits between my modem and
my computers. It's highly configurable and protects my systems from
unauthorized intrusions.

Re: Firewall to use with NOD32?

newswatcher wrote:
Quoted text here. Click to load it

It's a NAT router in your case. You should get one that's ICSA certified
that has a syslog that you can use something like Wallwatcher (free) or
Kwiw Syslog Daemon (free) so you can watch traffic. It should be able to
stop outbound traffic from a machine by setting packet filtering rules
for inbound or outbound traffic, if you find a dubious remote IP being
contacted you can stop the traffic to the remote Internet/IP.

http://www.homenethelp.com/web/explain/about-NAT.asp

Netgear makes a ICSA certified packet filtering FW router, which you can
get for under $100 or less than that with rebate.

If you want to know more about FW(s) host based or appliances -- not
personal FW(s) or personal packet filters, then here you go.

http://www.firewall-software.com/firewall_faqs/what_is_a_firewall.html
http://www.more.net/technical/netserv/tcpip/firewalls /

Duane :)


Re: Firewall to use with NOD32?

I might mention I'm not on broadband, dialup (yes, I know,
archaic...)...

On Sun, 30 Apr 2006 22:33:17 GMT, Duane Arnold

Quoted text here. Click to load it


Re: Firewall to use with NOD32?

newswatcher wrote:
Quoted text here. Click to load it

Dial-up NAT routers are rare. In your case, someone will have to
recommend a PFW/machine level packet filter solution to you. I am forced
to use one on this XP laptop while on the road as  I am using on dial-up
right now. But I cannot recommend a PFW/machine level packet filter
solution to you -- none.

Sorry!

Duane :)

Re: Firewall to use with NOD32?

On Mon, 01 May 2006 01:53:19 GMT, Duane Arnold

Quoted text here. Click to load it

So ALL the FW apps out there are useless? Outpost, Kerio, ZoneAlarm,
i.e. ALL app based machine-based programs are defenseless and cannot
be used by PC users.

I am confused, sorry...

Quoted text here. Click to load it


Re: Firewall to use with NOD32?

newswatcher wrote:
Quoted text here. Click to load it

let's set the record straight - duane pretty much refuses to call
anything a firewall unless it's an external hardware appliance (and
sometimes even then he's resistant)... those programs you reference are
not what he's talking about when he refers to routers (which are
hardware appliances) but rather they're what he's talking about when he
refers to PFW...

he can't recommend a (P)ersonal (F)ire(W)all to you because he isn't
familiar enough with them...

personally, i like kerio, although with your lack familiarity with the
subject you may wish to use zonealarm (it's often referred to as the AOL
of personal firewalls)... i don't think there's anything wrong with
starting with an easier program and working your way up if/when you need
something more...

--
"it's not the right time to be sober
now the idiots have taken over
spreading like a social cancer,
is there an answer?"

Re: Firewall to use with NOD32?

Thanks for your advice, kurt. Appreciate it. I'm just a single PC
person, no network, and wanting a PFW.

wrote:

Quoted text here. Click to load it


Re: Firewall to use with NOD32?

newswatcher wrote:
Quoted text here. Click to load it

Well lets do set the record straight. I know a great deal about PFW's or
machine level packet filters running on the MS platform, as I have tried
them all at one point or another as they can easily be circumvented and
defeated, because it runs with the O/S. And because most users of the MS
O/S cannot even secure the NT based O/S, then that makes PFW(s) suspect
as they run with them too.

It's just that I don't recommend PFW(s) to anyone as I don't consider
them FW(s). I do consider them for the most part as software running  a
lot of junk trying to protect you from *you*.

They can and do get taken out by malware. I saw that just the other day
  in 24hours as malware hit the machine and took out the little PFW and
the AV and any online AV the OP tried to run, which I helped the poster
recover and save his machine as he was on the path to wiping out the NT
based machine.

I do recommend a host based network FW solution that uses two Network
Interface Cards one that faces the Internet connected to the modem and
one that's facing the LAN, with the O/S being secured.

Yes, my first choice would be to use a router as they are stand alone
devices and some routers. However, some routers are not FW solutions and
anyone with any FW expertise will tell you that it's plain and simple.
And if you can afford to get one, then I would recommend a FW appliance.

Neither one on the solutions run with the O/S and therefore, they cannot
be taken out like a PFW that runs with the O/S, which most home users
don't even know how to secure the NT based O/S.

What I will recommend for you to do with a machine that's running a PFW
and has a direct connection to the Internet is secure the NT based O/S
as much as possible, like removing MS File and Print Sharing off the
dialup interface and other such things on the NT based O/S and secure
the O/S.

http://labmice.techtarget.com/articles/winxpsecuritychecklist.htm

What I will recommend that you do is supplement the PFW solution on the
machine with IPSec that can be used to supplement and protect the
machine in case the PFW solution is taken out. However, the XP Home
edition doesn't have the GUI like XP Pro or Win 2K but you can control
IPsec from the command line on XP Home.

I like IPsec very much and use it to supplement the PFW on this laptop I
am using on the dial-up connection right now.

http://www.petri.co.il/block_ping_traffic_with_ipsec.htm
http://www.analogx.com/contents/articles/ipsec.htm
http://support.microsoft.com/kb/813878

I just love it when someone will try to make some kind of comment on
others as to what they think someone knows or doesn't know, which only
happens in lunatic and troll heaven 24hours and this NG that *clowns*
usually out of Europe run around trying to make comments about others,
when they don't know.  ;-)

Duane :)

Quoted text here. Click to load it

:
Quoted text here. Click to load it

Re: Firewall to use with NOD32?

Thanks, Duane. I do appreciate your time, advice, and links.
Best....

On Mon, 01 May 2006 12:51:17 GMT, Duane Arnold

Quoted text here. Click to load it


Re: Firewall to use with NOD32?

newswatcher wrote:
Quoted text here. Click to load it

You're welcomed and go to where you're supposed to go which is to the
O/S and secure it and don't depend upon the PFW solution like some kind
of crutch, with a direct connection to the Internet.

If you can, you should supplement the PFW with IPsec, which I
implemented the AnalogX policy rules and made my adjustments to it. You
should be able to do the same on XP Home by implementing the IPsec SP2
tools, which I don't have to do as I use the IPsec GUI on XP Pro.

Here is another link for you. You should look around on the machine with
the tools in the link and see what is happening for yourself from time
to time and don't depend upon that PFW to tell you what is happening
like a crutch that can be easily circumvented and defeated.

Other than that and if you can, you should put the machine behind the
protection of cheap NAT router, which you can be supplemented with a
host based packet filter like ZA, IPsec or others that can stop inbound
or outbound to/from the machine.

Again, IPsec is only a supplemental solution.

Long

http://www.windowsecurity.com/articles/Hidden_Backdoors_Trojan_Horses_and_Rootkit_Tools_in_a_Windows_Environment.html

Short

http://tinyurl.com/klw1

The buck stops at the O/S and not some PFW or AV solution.

BTW, I use NOD32 on all my Windows NT based machines. ;-)

Duane :)

Re: Firewall to use with NOD32?

kurt wismer wrote:
Quoted text here. Click to load it

I had some respect for you but you have blown up the bridge again and
now you are trash again.

Duane :(

Re: Firewall to use with NOD32?

Duane Arnold > wrote:
Quoted text here. Click to load it
[snip]
Quoted text here. Click to load it

that wasn't my intention, duane... you said you couldn't recommend one,
that someone else would have to recommend one and that the only reason
you use one now is because you're forced to...

if you're ok with someone else recommending a pwf to him but can't do so
yourself, to me that "can't" sounds like "unable" not "unwilling"...
--
"it's not the right time to be sober
now the idiots have taken over
spreading like a social cancer,
is there an answer?"

Re: Firewall to use with NOD32?

kurt wismer wrote:
Quoted text here. Click to load it

It was not that I can't do anything or unable to do anything. But
rather, I don't respect them anymore and I have moved past the PFW stage.

However, when forced to use one because I have no other choice like on
this dial-up, which I am not buying a router for that as I am on the
move, or connecting to a LAN that's not my home network LAN, then I will
use one.

Other than that, I have no use for a PFW solution and I won't recommend
one of them to anyone.

Maybe, this was a mis-understanding and you're not trash. ;-)

Duane :)

Re: Firewall to use with NOD32?

On Mon, 01 May 2006 03:10:00 GMT, newswatcher

Quoted text here. Click to load it

For your purpose,  I suggest the free version of Sygate:

http://www.simtel.net/product.download.mirrors.php?id=53687

You should not find anything confusing or complicated about using it
in your situation. You will have no rules to set. It's a simple matter
to check "Allow" when your legit internet apps are invoked, and that's
it. Sygate has a terrific traffic log, which you might find
educational as well as useful.

Art
http://home.epix.net/~artnpeg


Re: Firewall to use with NOD32?



Quoted text here. Click to load it

Not useless, but they aren't really firewalls because they don't sit
"between" two networks thus compartmentalizing them. They have
the feature set of some firewalls (sans firewalling) which can still be
useful to you for controlling traffic such as control of what applications
you want to allow to access the internet.

Quoted text here. Click to load it

The PFW can't see traffic that isn't already on the machine and thus cannot hope
to prevent that traffic from reaching the machine. It's like having an armed
guard
to prevent intruders from entering your home - stationed in the upstairs
bathroom.

Quoted text here. Click to load it

You think you're confused now, wait until the PFW you end up with
starts alerting you to the presence of internet noise attacks. :))



Re: Firewall to use with NOD32?

edgewalker wrote:
Quoted text here. Click to load it

I like that part about the guard in the bathroom. And the guard is on
the tolit reading the news paper too. LOL

Duane :)

Site Timeline