The UK Home Automation Archive

Archive Home
Group Home
Search Archive


Advanced Search

The UKHA-ARCHIVE IS CEASING OPERATIONS 31 DEC 2024

Latest message you have seen: RE: Re: Nerdy ADSL info required/more gushing for XP


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Firewalls?


  • To: <ukha_d@xxxxxxx>
  • Subject: RE: Firewalls?
  • From: "Brian G. Reynolds" <brian.g.reynolds@xxxxxxx>
  • Date: Sun, 23 Sep 2001 22:07:18 +0100
  • Delivered-to: mailing list ukha_d@xxxxxxx
  • Mailing-list: list ukha_d@xxxxxxx; contact ukha_d-owner@xxxxxxx
  • Reply-to: ukha_d@xxxxxxx

Interesting read Mark, good reading.

B.

> -----Original Message-----
> From: Mark Hetherington (egroups)
> [mailto:mark.egroups@xxxxxxx]
> Sent: 23 September 2001 21:47
> To: ukha_d@xxxxxxx
> Subject: RE: [ukha_d] Firewalls?
>
>
> It has been a while since I actually did the investigation (a
> little over 12
> months) but fom what I have heard from some people not much is likely
to
> have been changed.
>
> I first began seriously looking at firewall software for my home PC
while
> using the BT Internet Freephone number and then later Surftime sue to
the
> increased online time and increasing number of attacks. I tried
various
> options as detailed below:
>
> Black Ice Defender
> Quite poor. Alarm triggers for non events. A DCC chat in IRC would
triger
> multiple alarms. Blocks some trojans but many security holes. No
stealth
> capabilities. Log files difficult to parse and require an add on
> package. No
> application specific rulesets.
>
> LockDown 2000
> A more comprehensive solution that was less prone to false alarms. A
neat
> inbuilt utitily to track offending IP addresses back to their source
and
> automatically generate complaints. Limited stealth capabilities. Poort
> Trojan protection. Does not protect completely so I originally
> used this in
> conjunction with BlackIce Defender. Lockdown was a good way to detect
BID
> false alarms. No application specific rulesets.
>
> Zone Alarm
> Limited stealth capabilities. Lack of configurability. Not extremenly
> compehrensive protection. Preferable to either BID or LD2K but syill
had a
> number of false alarms. I belove later versions addressed some or all
of
> these but reports I have seen from people online seem to indicate
there is
> still a problem with false alarms.
>
> AtGuard
> Finally one that came up to scratch. Very configurable with full rule
sets
> and stealth. False alarms are practically zero once the rulesets are
> created. Built in log viewing and a number of handy statistics.
> Just before
> Symantec bought the technology, there was a full release of this
product
> that was originally targetted to existing customers as a final upgrade
but
> all copy security and registration removed so it soon propgated
> the net. The
> company eventually allowed it to be treated as abandonware without any
> support or updates. I ran this for a long time but a few things I was
> missing were filled in by the soon to come NIS which I originally
> looked at
> purely because of the AtGuard hiding inside.
>
> Norton Internet Security 2001 (possibly 2K also)
> AtGuard repackaged with a few bells and whistles thrown in including
newer
> AtGuard features which never made it into AtGuard releases before the
buy
> out of technology. I recently moved from AtGuard to NIS2001 for
> the updates.
> The interface is not as efficient as the AtGuard one, but with my
AtGuard
> version refusing to run under newer incarnations of Windows, the only
real
> upgrade path without doing a new investigation. Definitely
> recommended with
> my only gripe being the interface. Some of the original AtGuard
functions
> are quite well hidden but once you find them you are back to the
original
> AtGuard interface. This is inconsistent with the front end that was
bolted
> on. Well worth the trial download and once you are used to it,
> registering.
> It is a shame that they did not release a cut down version for
> free without
> some of the extras that are not always useful but still gets my vote
over
> the others. Suitable as a firewall for a network but only
> configurable from
> the host.
>
> Linux
> Assuming you want to put a machine between you and the net or move to
the
> OS, Linux offers a cheap (as in free) way to setup a firewall. It is
the
> most complex of solutions since a default linux install is not
> particularly
> secure. Some knowledge of the OS and a lot of reading to work out
what's
> what is required to create a suitable firewall machine although newer
> distributions have tried to create an easier interface to do this. Not
> recommended unless you know the OS or have a patient friend to
> teach one or
> a trustworthy one to go in and set up for you. You would also need to
move
> the DUN connection to Linux and install IP Masquearding and Port
> Forwarding
> to perform an ICS type sharing of the connection. It is suitable as a
> firewall for a network. Could be configured from the host PC or
through a
> suitably secured telnet SSH1/2 shell to the host from a client.
>
>
> A hardware firewall is obviously the better bet in more secure
> environments,
> but IME the NIS and previous AtGuard have been more thna enough for my
> needs. Zone Alarm gets many recommendations but my personal
> experience leads
> me to not concur with this recommendation. Out of those I have used
and
> tried, NIS is my winner. There were some others I tried briefly but
they
> either failed to install or had run time problems so I have ignored
them
> here.
>
> HTH
>
> Mark.
>
>
>
> For more information: http://www.automatedhome.co.uk
> Post message: ukha_d@xxxxxxx
> Subscribe:  ukha_d-subscribe@xxxxxxx
> Unsubscribe:  ukha_d-unsubscribe@xxxxxxx
> List owner:  ukha_d-owner@xxxxxxx
>
> Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/
>
>
>



Home | Main Index | Thread Index

Comments to the Webmaster are always welcomed, please use this contact form . Note that as this site is a mailing list archive, the Webmaster has no control over the contents of the messages. Comments about message content should be directed to the relevant mailing list.