Pages: [1] 2
|
|
|
Author
|
Topic: Software firewall... (Read 8439 times)
|
Yegolev
Moderator
Posts: 24440
2/10 WOULD NOT INGEST
|
I used to run ZoneAlarm, which sucked more and more each update, then I tried some other undocumented piece of shit that fucked over my ports. I have decided that maybe it is time to wrap my internet-willy once again, and I am too lazy to assemble a linux rig to do this. Anyone have any suggestions?
|
Why am I homeless? Why do all you motherfuckers need homes is the real question. They called it The Prayer, its answer was law Mommy come back 'cause the water's all gone
|
|
|
WayAbvPar
|
The commercial ones (NAV, MacAfee) seem to work reasonably well. Some programs don't play nice with one or the other, but you will find that for any software firewall. I use NAV myself.
|
When speaking of the MMOG industry, the glass may be half full, but it's full of urine. HaemishM
Always wear clean underwear because you never know when a Tory Government is going to fuck you.- Ironwood
Libertarians make fun of everyone because they can't see beyond the event horizons of their own assholes Surlyboi
|
|
|
Viin
Terracotta Army
Posts: 6159
|
What's wrong with a router that has a builtin firewall?
|
- Viin
|
|
|
Samwise
Moderator
Posts: 19231
sentient yeast infection
|
You don't necessarily have to assemble a Linux rig to act as a hardware firewall. You can get one a' them little router/firewall gizmos for something like $30 nowadays.
(What Viin said.)
|
|
|
|
Yegolev
Moderator
Posts: 24440
2/10 WOULD NOT INGEST
|
You don't necessarily have to assemble a Linux rig to act as a hardware firewall. You can get one a' them little router/firewall gizmos for something like $30 nowadays.
(What Viin said.)
newegg.com FTW? I don't know anything about networking, despite the fact that I work with a corporate LAN constantly.
|
Why am I homeless? Why do all you motherfuckers need homes is the real question. They called it The Prayer, its answer was law Mommy come back 'cause the water's all gone
|
|
|
Samwise
Moderator
Posts: 19231
sentient yeast infection
|
Yeah, or even Best Buy. The things are pretty simple... you plug your cable modem into one end and your computer into the other. The firewall sits in the middle and keeps the barbarians from invading. There's generally a web-based interface that lets you configure the firewall to let certain kinds of traffic through if appropriate while blocking all others.
|
|
|
|
Pococurante
Terracotta Army
Posts: 2060
|
D-Link still considered better than Linksys?
|
|
|
|
Yegolev
Moderator
Posts: 24440
2/10 WOULD NOT INGEST
|
You know, I have a little blue Linksys box with five holes in the back that I use to connect lesser computers and my rig to the DSL modem. Wonder if I still have that manual. If it has a web interface or anything configurable, I'll have to smack myself with a blunt object for that one. You guys are a pretty helpful lot.
|
Why am I homeless? Why do all you motherfuckers need homes is the real question. They called it The Prayer, its answer was law Mommy come back 'cause the water's all gone
|
|
|
Bunk
Contributor
Posts: 5828
Operating Thetan One
|
Plug the little sucker in, open up your browser, and type in 192.168.0.1. In most cases, that will bring up your config screen.
|
"Welcome to the internet, pussy." - VDL "I have retard strength." - Schild
|
|
|
Murgos
Terracotta Army
Posts: 7474
|
Plug the little sucker in, open up your browser, and type in 192.168.0.1. In most cases, that will bring up your config screen.
Chances are the password is 'admin' Shhh, don't tell anyone.
|
"You have all recieved youre last warning. I am in the process of currently tracking all of youre ips and pinging your home adressess. you should not have commencemed a war with me" - Aaron Rayburn
|
|
|
schild
Administrator
Posts: 60345
|
My password is Money, Power or Sex. I never remember.
|
|
|
|
Shockeye
Staff Emeritus
Posts: 6668
Skinny-dippin' in a sea of Lee, I'd propose on bended knee...
|
I use a Belkin router that seems to work pretty well. I used D-Link before that with no problems and a Linksys before that which died from firmware updates. I avoid Linksys now.
|
|
|
|
Pococurante
Terracotta Army
Posts: 2060
|
I get mixed feedback but at one time the D-Link seemed to have the best reports stability. I've always bought Linksys but yeah I recently turned one into a doorstop after a firmware update. I have a wireless ISP now and get weird latency occasionally - no doubt mostly due to the analog transport.
|
|
|
|
Viin
Terracotta Army
Posts: 6159
|
I get mixed feedback but at one time the D-Link seemed to have the best reports stability. I've always bought Linksys but yeah I recently turned one into a doorstop after a firmware update. I have a wireless ISP now and get weird latency occasionally - no doubt mostly due to the analog transport.
Which wireless ISP do you use? Is it local only or one of the more national ones?
|
- Viin
|
|
|
|
Fabricated
Moderator
Posts: 8978
~Living the Dream~
|
|
"The world is populated in the main by people who should not exist." - George Bernard Shaw
|
|
|
Shockeye
Staff Emeritus
Posts: 6668
Skinny-dippin' in a sea of Lee, I'd propose on bended knee...
|
I've heard there's a firewall built-in to XP SP2.
|
|
|
|
Jayce
Terracotta Army
Posts: 2647
Diluted Fool
|
I've heard there's a firewall built-in to XP SP2.
I was going to mention that. It is pretty Zonealarm-ish in the way that it blocks apps from using the internet, but it's either doesn't work as well, or is smarter than Zonealarm. I say this because it never bothered me for the usual suspects (Firefox, IE, telnet, ftp etc) but it did for unexpected apps like the Blizzard bittorrent "thing". I use that, and a D-Link router/firewall, and I don't have any troubles (that I know of). YMMV of course.
|
Witty banter not included.
|
|
|
Trippy
Administrator
Posts: 23627
|
I've heard there's a firewall built-in to XP SP2.
Windows XP comes with firewall software -- you don't need SP2 though the SP2 version does have some enchancements that you can read about here.
|
|
|
|
sidereal
|
Kerio FTW.
Look for kerio-pf-214-en-win.exe
This is the old, free version so it shouldn't be naughty to google it down. I swear by it, even more than the later (many still free) versions.
|
THIS IS THE MOST I HAVE EVERY WANTED TO GET IN TO A BETA
|
|
|
Ookii
Staff Emeritus
Posts: 2676
is actually Trippy
|
|
|
|
|
Yegolev
Moderator
Posts: 24440
2/10 WOULD NOT INGEST
|
I've heard there's a firewall built-in to XP SP2.
STAB
|
Why am I homeless? Why do all you motherfuckers need homes is the real question. They called it The Prayer, its answer was law Mommy come back 'cause the water's all gone
|
|
|
Yegolev
Moderator
Posts: 24440
2/10 WOULD NOT INGEST
|
Are those towns or vocabulary words?
|
Why am I homeless? Why do all you motherfuckers need homes is the real question. They called it The Prayer, its answer was law Mommy come back 'cause the water's all gone
|
|
|
|
Alkiera
Terracotta Army
Posts: 1556
The best part of SWG was the easy account cancellation process.
|
I use the firewall in my router as well.
If you have such a thing, the only reason you need a software one on your machine is to prevent outgoing connections(a la zonealarm, where every app that wants to talk to the outside world must be okay'd), or if you feel your roommates/family will be remotely hacking into your PC.
The only possible function zonealarm style outgoing traffic prevention provides is vs. trojan spyware/controlware, where the naughty app logs onto a server somewhere(typically a private IRC channel) and says it's awake, so the script kiddie can go to the channel and command the hoard of machines they've compromised. And really, those aren't as common as you'd think, assuming you aren't an idiot about what you download and execute on your machine, or are just incredibly unlucky.
IMHO, just run something like Spybot S&D or something every few months, or if your system feels odd, and save having to click 'yes, let my web-browser access the internet' 'yes, let my IM program access the internet' 'yes, let my online game access the internet' all the freakin time... especially the games and MMOs, due to patching making the 'always allow' practically worthless.
Alkiera.
|
"[I could] become the world's preeminent MMO class action attorney. I could be the lawyer EVEN AMBULANCE CHASERS LAUGH AT. " --Triforcer
Welcome to the internet. You have the right to remain silent. Anything you say can and will be used as evidence against you in a character assassination on Slashdot.
|
|
|
hectorvictorious
Terracotta Army
Posts: 14
|
What's wrong with a router that has a builtin firewall?
Are there specific routers that have "firewalls?" How is this different from a regular nat router? I've heard the phrase "router with firewall" before and it always seemed puzzlingly redundant. Maybe it has to do with the breadth of config options...forwarding, triggering, etc...
|
|
« Last Edit: June 09, 2005, 02:50:27 PM by hectorvictorious »
|
|
|
|
|
|
Viin
Terracotta Army
Posts: 6159
|
What's wrong with a router that has a builtin firewall?
Are there specific routers that have "firewalls?" How is this different from a regular nat router? I've heard the phrase "router with firewall" before and it always seemed puzzlingly redundant. Maybe it has to do with how the breadth of config options...forwarding, triggering, etc... Routers just route packets, but don't always include firewall software (most home routers do - but the ones you find in data centers most certainly do not). (And home routers are really combo switches+routers, but thats just getting nit-picky). Also, NATing is not a firewall. NATing just translates your internal IPs to the external IP and back. Ie: you request a connection to microsoft.com, and the data comes back on the external IP, the NATing then routes that information to your internal computer because that computer created the connection. Firewalls tend to block all inbound (coming from the Internets) ports except ones you open. Ie: you have an FTP server running on your home computer, so you will want to configure it to allow inbound connections on port 25. But since most people don't run server software on their home computers, all ports *should* be blocked. Note: Peer-to-peer applications like bittorrent require some ports to be open so that others can connect to you. You'd also need to open up the ports that your HalfLife server uses if you wanted people on the internet to be able to connect to it. With NATing, this means you also have to tell your firewall 'if a connection comes in on port 25, send it to computer XYZ'. Since no internal computer started the connection it wouldn't know which one to send it to, so you have to specify. This is called 'port forwarding'. Clear as mud?
|
|
« Last Edit: June 09, 2005, 03:05:46 PM by Viin »
|
|
- Viin
|
|
|
hectorvictorious
Terracotta Army
Posts: 14
|
What's wrong with a router that has a builtin firewall?
Are there specific routers that have "firewalls?" How is this different from a regular nat router? I've heard the phrase "router with firewall" before and it always seemed puzzlingly redundant. Maybe it has to do with how the breadth of config options...forwarding, triggering, etc... Routers just route packets, but don't always include firewall software (most home routers do - but the ones you find in data centers most certainly do not). (And home routers are really combo switches+routers, but thats just getting nit-picky). Also, NATing is not a firewall. NATing just translates your internal IPs to the external IP and back. Ie: you request a connection to microsoft.com, and the data comes back on the external IP, the NATing then routes that information to your internal computer because that computer created the connection. Firewalls tend to block all inbound (coming from the Internets) ports except ones you open. Ie: you have an FTP server running on your home computer, so you will want to configure it to allow inbound connections on port 25. But since most people don't run server software on their home computers, all ports *should* be blocked. Note: Peer-to-peer applications like bittorrent require some ports to be open so that others can connect to you. You'd also need to open up the ports that your HalfLife server uses if you wanted people on the internet to be able to connect to it. With NATing, this means you also have to tell your firewall 'if a connection comes in on port 25, send it to computer XYZ'. Since no internal computer started the connection it wouldn't know which one to send it to, so you have to specify. This is called 'port forwarding'. Clear as mud? I had always assumed that when people refered to a router as a firewall they were referring to NAT, that requested data was transferred through the the requesting PC, and nonrequested data died at the router. When I think about this now, I can see the need for actual firewall software within the router to offer any sort of protetion.
|
|
|
|
Hammond
Terracotta Army
Posts: 637
|
Plug the little sucker in, open up your browser, and type in 192.168.0.1. In most cases, that will bring up your config screen.
Chances are the password is 'admin' Shhh, don't tell anyone. Actually if its linksys its probably 192.168.1.1, Username: admin Password: admin Usually But your dsl modem might be your router to.... If thats the case you will add alot more confusion. Dsl modems in many cases are a router rather than a bridge and in some cases provide built in firewall type applications. Keep in mind any of these are real real simple but for 99.9% of users its more than enough. Confuse you yet? If you really want more information just provid who does your dsl and what kind of modem and I can probably point you in the right direction.
|
|
|
|
Murgos
Terracotta Army
Posts: 7474
|
Yeah, Netgear comes defaulted to 192.168.0.1 and thier default password is usually 'password' though I seem to recall having run into a Netgear that defaulted to 'admin'.
D-Link I think is on 192.168.1.x and I don't recall thier default password but I'm guessing it's also 'admin'.
Lately I've seen linksys equipment that has nothing for the username and the password is 'admin'. YMMV.
Anyway, the important point is that you should change the user name and password to your router. It's even more important if you are using wireless, even if you are using WEP.
|
"You have all recieved youre last warning. I am in the process of currently tracking all of youre ips and pinging your home adressess. you should not have commencemed a war with me" - Aaron Rayburn
|
|
|
Ookii
Staff Emeritus
Posts: 2676
is actually Trippy
|
I had always assumed that when people refered to a router as a firewall they were referring to NAT, that requested data was transferred through the the requesting PC, and nonrequested data died at the router. When I think about this now, I can see the need for actual firewall software within the router to offer any sort of protetion.
The nature of how NAT works dictates that you will be safe from worms and script kiddies who will scan your ip block, for any connection you do not initiate will not be routed unless you specfiy otherwise. It only will work for TCP/IP though, UDP is still open game, but it's much harder to break in with UDP anyway. The only thing you will really gain with a 'router with firewall' is 'stateful packet inspection', the biggest benefit I can see for the home user is they can say 'I have a router with stateful packet inspection', cause it sounds like you know what you're talking about. Just get any router and you'll be fine, if someone really wanted your data they would just steal your computer. Oh and I'd recommend a Linksys WRT54G, as Linksys released the firmware so now all these cool custom hacks are out so you can increase the wireless output 900% or have a true firewall on the router.
|
|
|
|
Pococurante
Terracotta Army
Posts: 2060
|
I supplement my router with a software firewall to prevent trojans/etc from calling back out to the great outdoors. It's just as critical to make sure something doesn't sweep your private data and send it up as it is to make sure you don't get DOS'd.
|
|
|
|
Soukyan
Terracotta Army
Posts: 1995
|
Are those towns or vocabulary words? Yoknapatawpha County, Mississippi ?
|
"Life is no cabaret... we're inviting you anyway." ~ Amanda Palmer"Tree, awesome, numa numa, love triangle, internal combustion engine, mountain, walk, whiskey, peace, pascagoula" ~ Lantyssa"Les vrais paradis sont les paradis qu'on a perdus." ~Marcel Proust
|
|
|
WayAbvPar
|
Are those towns or vocabulary words? Yoknapatawpha County, Mississippi ?It is right across the state line from Meahsexedupmahsistah County, Alabama.
|
When speaking of the MMOG industry, the glass may be half full, but it's full of urine. HaemishM
Always wear clean underwear because you never know when a Tory Government is going to fuck you.- Ironwood
Libertarians make fun of everyone because they can't see beyond the event horizons of their own assholes Surlyboi
|
|
|
|
Pages: [1] 2
|
|
|
|