Results 1 to 20 of 20

Thread: What Works Best

  1. #1
    Regular Member W_I_Z_K_I_D's Avatar
    Join Date
    Jun 2001
    Location
    !!!Your Computer-You Just Dont Know It YeT!!!
    Posts
    363

    Question What Works Best

    Hi Guys And Girls...W_I_Z_K_I_D Here.!
    ZoneAlarm Pro & Sygate Personal Firewall Pro (AS WE KNOW) ...are
    Great Firewalls , And anti Intrusion programs, but i was wondering...
    I Run *Sygate Personal Firewall Pro* and *zoneallarm Pro* both at the same time.
    Is this doubling my protection from hackers..
    or do the 2 Firewalls conflict in some way.meaning they dont work together.
    I was allso curious to see if any other Speedguider's run 2 firewalls
    or anti intrusion Programs...suth as blackice...sygate...norton or zoneallarm at the same time.
    .If anyone was to tell me that there is no conflict
    between these 2 firewalls..(ZoneAllarm Pro,SygateFirewallPro)..then use them
    both at the same time i will...((Double Protection..what a plus))...but then
    if users tell me not to run them both at the same time..
    then what would you say to run
    ((ZoneAllarmPro))((SygatePersonalPro))or((Blackice))
    !!!What Man Can Make
    Man Can Brake!!!

    Windows XP ( Service Pack 2 )
    Pentium 4 (3) GHz
    2.00 GB of RAM

    ** Zone Allarm Pro
    ** AVG Anti Virus
    ** Cookie Wall
    ** Pop Up Stopper
    ** Spy Bot
    ** Spy Ware Blasster
    ** Add Aware se Pro
    ** Ccleaner
    ** Clean Up
    ** Port Bloacker
    ** Tweek UI WIn XP
    ** Port Scanner


    Dialup 56k
    DialUp-Syd.IPrimus....56k(Motorola internal Modem)

  2. #2
    Elite Member TonyT's Avatar
    Join Date
    Jan 2000
    Location
    Fairfax, VA
    Posts
    10,338
    Running 2 software firewalls is a waste of time, resources, energy, etc etc.

    The solution is to really learn how to use the ONE good firewall you want to have. And configure it as you want. You will then be secured and confident about it.
    No one has any right to force data on you
    and command you to believe it or else.
    If it is not true for you, it isn't true.

    LRH

  3. #3
    Moderator YeOldeStonecat's Avatar
    Join Date
    Jan 2001
    Location
    Somewhere along the shoreline in New England
    Posts
    50,940
    Agree...running both at the same time...A) waste of system resources, B) like antivirus programs...many don't like to co-exist with another...and may interfere with each other.

    Personally, I prefer a hardware solution over software firewall...namely a good NAT router.
    MORNING WOOD Lumber Company
    Guinness for Strength!!!

  4. #4
    Dr Tweak mnosteele52's Avatar
    Join Date
    Jul 2001
    Location
    Chesapeake, VA
    Posts
    11,912
    Originally posted by TonyT
    Running 2 software firewalls is a waste of time, resources, energy, etc etc.

    The solution is to really learn how to use the ONE good firewall you want to have. And configure it as you want. You will then be secured and confident about it.


    If you want the best protection buy a router with a NAT firewall & use a software firewall as well. I would recommend Outpost or Sygate.


  5. #5
    Elite Member TonyT's Avatar
    Join Date
    Jan 2000
    Location
    Fairfax, VA
    Posts
    10,338
    If you want the best protection buy a router with a NAT firewall & use a software firewall as well. I would recommend Outpost or Sygate.
    No need for a softwall if have a hardware firewall.
    No one has any right to force data on you
    and command you to believe it or else.
    If it is not true for you, it isn't true.

    LRH

  6. #6
    Dr Tweak mnosteele52's Avatar
    Join Date
    Jul 2001
    Location
    Chesapeake, VA
    Posts
    11,912
    Originally posted by TonyT
    No need for a softwall if have a hardware firewall.
    Wait a minute now..... this is coming from a guy who preaches internet security? OK so what if you get a trojan and it's sending out information about you? How would you know?

    Besides NOTHING is full proof, not even a NAT firewall.


  7. #7
    Elite Member TonyT's Avatar
    Join Date
    Jan 2000
    Location
    Fairfax, VA
    Posts
    10,338
    Wait a minute now..... this is coming from a guy who preaches internet security? OK so what if you get a trojan and it's sending out information about you? How would you know?
    Well, you CAN'T get a trojan if the firewall is handling incoming traffic and you have email security configured. The only way to get a trojan is by (1) executing it's install or (2) doing unsafe actions like opening unscanned downloads or shared files or media.

    All I'm saying is that if one uses common sense one cannot get a virus or trojan. Common sense dictates that one scan all downloads and one not open certain types of shared files or attachments such as exe, pif, scr, js, activeX, doc etc. Now a work network is a bit more laxed where the file server is maintained by admins who set security policies and certain shared files are a must.

    And, yes, a really good cracker running unix/linux can get past the mainstream router firewalls if he wants to, and even any available softwall as well, but he is not targeting the home user, he is targeting bigger fish.

    But running just a hardware nat firewall is plenty and running a softwall with it is useless, unless one is incompetent to a degree, or if one lacks the necessary skill to secure the computer, or if the computer has multiple user accounts with varying levels of competence, e.g. a child who click everything that flashes.

    My puropose here is not to argue. This forum is primarily for help, assistance and education. Education is geared toward making your computer runs the best it can while maintaining it's integrety and security. This is achieved by optimizing the system so it runs faster and includes some study of security basics and further study of networking and components. This forum IS a place of study.

    When one learns TCP\IP basics, and one learns how trojans and viruses propogate, and one learns the basics of networking, one will eventually realize how secure his system is. Now not everybody will learn this stuff, and surely not everyone even wants to learn about it, and for those it may be necessary to use several firewalls. (because they lack the confidence in what they are doing on the computer) Confidence and competence come from study and learning.

    Obviously, by the questions posed by the person who started this thread, he wants to learn more about firewalls and security. He should read the stick threads at the top of the security forum page to continue his education, and in 6 months he will be posting questions like "why does my linksys router show as having the Ident port closed in the GRC port scan and how do I get stealth port scan results across the boards?"
    No one has any right to force data on you
    and command you to believe it or else.
    If it is not true for you, it isn't true.

    LRH

  8. #8
    Advanced Member fredra's Avatar
    Join Date
    Mar 2000
    Location
    Nepean, On, Canada
    Posts
    847

    WOW!!!!

    Oh my.....our buddy TonyT is on a roll
    A man with a watch knows what time it is. A man with two watches is never sure.

  9. #9
    A+, S+, M+, C+, CySA+ Shinobi's Avatar
    Join Date
    Jan 2001
    Location
    South Carolina
    Posts
    4,436
    Blog Entries
    1
    Everyone has brought up some good points
    about software firewalls, and security....

    Some more things to think about...

    The more "layers" of security you have, the better off you'll be.

    Software firewalls are nice if you have some server ports that are open on your Nat Router....
    You can enable the software firewall, like Sygate, from your taskbar to seal up that port if you don't want people to access that server at certain times.... you can do this faster and easier then going into your router, switching port forwarding... ect...

    If Microsoft had there "software firewall" set to default enabled, for Windows XP, MSBlaster woun'nt have been as wide spread, as it is now, IMHO

    My Happy 2 cents.
    L8ter ,
    Shinobi
    _______________________________________________
    Vendor neutral certified in IT Project Management, IT Security, Cisco Networking, Cisco Security, Wide Area Networks, IPv6, IT Hardware, Unix, Linux, and Windows server administration

  10. #10
    Elite Member TonyT's Avatar
    Join Date
    Jan 2000
    Location
    Fairfax, VA
    Posts
    10,338
    Oh my.....our buddy TonyT is on a roll
    don't know what it is, but lately I have been feeling a bit antagonistic...

    ...well, I do know what it is...hehe...and will try to be a bit more friendly...ah...the frustrations of installing and re-installing XPPro. switching hard drives around (mast & slave)...and on son's system trying to get the Star Wars game to play good with the display drivers.
    No one has any right to force data on you
    and command you to believe it or else.
    If it is not true for you, it isn't true.

    LRH

  11. #11
    R.I.P. 2016-11-23 Croc's Avatar
    Join Date
    Jan 2001
    Location
    Up top East side Downunder
    Posts
    7,819
    That's all fine Shinobi but multiple software firewalls on a system cause conflict problems except where a router is used. The only traffic the software firewall will see is outgoing.
    If you want to use a software firewall for intrusion control, simply use the one that comes with XP. It does the job with little or no need to play with it.
    If you want to know what's going out to the internet then use one software firewall. Regardless of the theories on layering, the simple fact is that once a firewall (single) is up and running it stops or warns the user of the activity. The problem with these is that there are many settings to play with and many get lost in the setting them up.

    In the case of AV programs, the same applies IMHO. Layering is fine but having two competing with oneanother for the same slice of pie means only one will be able to grab it .
    That experience comes from running AVG with InnoculateIt PE. AVG always grabbed it first because AVG loaded earlier in the bootup.

    Croc.

  12. #12
    A+, S+, M+, C+, CySA+ Shinobi's Avatar
    Join Date
    Jan 2001
    Location
    South Carolina
    Posts
    4,436
    Blog Entries
    1
    Croc:
    multiple software firewalls on a system cause conflict problems except where a router is used
    Yep, I agree with you there, I only have Sygate running, and my happy Nat router.


    Croc:
    In the case of AV programs, the same applies IMHO. Layering is fine but having two competing with one another for the same slice of pie means only one will be able to grab it .
    Well, I agree with that also... I've been running AVG 6 and NAV 2003 for a year now. Allways update both programs, Sometimes AVG finds virri faster then NAV, but your right, only one program gets to the "pie" first.
    _______________________________________________
    Vendor neutral certified in IT Project Management, IT Security, Cisco Networking, Cisco Security, Wide Area Networks, IPv6, IT Hardware, Unix, Linux, and Windows server administration

  13. #13
    Elite Member TonyT's Avatar
    Join Date
    Jan 2000
    Location
    Fairfax, VA
    Posts
    10,338
    The more "layers" of security you have, the better off you'll be.
    additionally:

    The above doesn't really utilize layers. When a tech speaks of layers, it is referring to the layers of the network and www itself.

    From the top at the Domain layer all the way down to the application layer. A router's nat would be a layer 'above' the application layer and a gateway would be a layer above the nat. And a DNS server is above that, and so on and so on. Below the application layer is the tcp\ip layer and below that is the os itself.

    It doesn't hurt to have multiple sofwalls IF only one is running at a time and configs are remembered.saved for reference later on. For instance, I used to have win98 on a partition with BID running on it. Sometimes I'd put the box in the router's DMZ so I could fool around hacking and testing security of friends' systems. To do this, one needs to be in the DMZ, but I also need to be secure so I ran BID only to thwart any unwanted incoming packets.
    No one has any right to force data on you
    and command you to believe it or else.
    If it is not true for you, it isn't true.

    LRH

  14. #14
    SG Enthusiast
    Join Date
    Jan 2001
    Location
    DC
    Posts
    4,717
    The above doesn't really utilize layers. When a tech speaks of layers, it is referring to the layers of the network and www itself.
    Yep - maybe if you had a network layer (like NAT) *AND* an application layer (like a proxy) fw running you could call it layering. But using two firewalls in the same way, filtering the same things, on the same host is a waste.
    anything is possible - nothing is free


    Quote Originally Posted by Blisster
    It *would* be brokeback bay if I in fact went and hung out with Skye and co (did I mention he is teh hotness?)

  15. #15
    Security Specialist greEd's Avatar
    Join Date
    May 2001
    Location
    Maryland
    Posts
    807
    Originally posted by TonyT
    additionally:

    When a tech speaks of layers, it is referring to the layers of the network and www itself.

    I'm confused by this statement, are you saying there aren't layers of security? Comparing the 7 layer model to that of a security layer model is a VERY broad comparison.

    Not trying to argue just want some clarification to the statement.
    "I'm doing a (free) operating system (just a hobby, won't be big and professional...) for AT clones... It's not portable and it probably [won't ever] support anything other than AT hard disks, as thats all I have :-(." --Posted on Usenet August 1991 by Linus Trovalds
    http://www.computerglitch.net
    curiosity builds security | dd if=/dev/zero of=/dev/hda bs=512 count=100
    EOF

  16. #16
    Elite Member TonyT's Avatar
    Join Date
    Jan 2000
    Location
    Fairfax, VA
    Posts
    10,338
    Comparing the 7 layer model to that of a security layer model is a VERY broad comparison.
    Yes, it is very broad.
    I should have been more clear but failed to put into words what I was trying to accomplish.

    The idea of two softwalls on one systems running at same time is not really 2 security layers, but two programs on the same layer. The idea of layered security implies separate 'zones' of security located at the various places where security can be used, e.g. the router, the gateway, the server, the client, resulting in a sort of 'filtered' funnel which traffic flows through. Traffic being monitored and regulated by those tools used to do so at each layer. It just so happens that the '7 layer model' if superimposed upon the 'security layer' can be seen to coincide at some places if viewed from some perspectives.

    Apologies for any confusions...
    No one has any right to force data on you
    and command you to believe it or else.
    If it is not true for you, it isn't true.

    LRH

  17. #17
    Security Specialist greEd's Avatar
    Join Date
    May 2001
    Location
    Maryland
    Posts
    807
    Originally posted by TonyT
    Yes, it is very broad.
    I should have been more clear but failed to put into words what I was trying to accomplish.

    The idea of two softwalls on one systems running at same time is not really 2 security layers, but two programs on the same layer. The idea of layered security implies separate 'zones' of security located at the various places where security can be used, e.g. the router, the gateway, the server, the client, resulting in a sort of 'filtered' funnel which traffic flows through. Traffic being monitored and regulated by those tools used to do so at each layer. It just so happens that the '7 layer model' if superimposed upon the 'security layer' can be seen to coincide at some places if viewed from some perspectives.

    Apologies for any confusions...
    Very well put. Thanks Tony!
    "I'm doing a (free) operating system (just a hobby, won't be big and professional...) for AT clones... It's not portable and it probably [won't ever] support anything other than AT hard disks, as thats all I have :-(." --Posted on Usenet August 1991 by Linus Trovalds
    http://www.computerglitch.net
    curiosity builds security | dd if=/dev/zero of=/dev/hda bs=512 count=100
    EOF

  18. #18
    Advanced Member fredra's Avatar
    Join Date
    Mar 2000
    Location
    Nepean, On, Canada
    Posts
    847
    Ahhhhhhh......
    I knew my buds would end up agreeing...
    A man with a watch knows what time it is. A man with two watches is never sure.

  19. #19
    Security Specialist greEd's Avatar
    Join Date
    May 2001
    Location
    Maryland
    Posts
    807
    Originally posted by fredra
    Ahhhhhhh......
    I knew my buds would end up agreeing...
    "I'm doing a (free) operating system (just a hobby, won't be big and professional...) for AT clones... It's not portable and it probably [won't ever] support anything other than AT hard disks, as thats all I have :-(." --Posted on Usenet August 1991 by Linus Trovalds
    http://www.computerglitch.net
    curiosity builds security | dd if=/dev/zero of=/dev/hda bs=512 count=100
    EOF

  20. #20
    SG Enthusiast FunK's Avatar
    Join Date
    Aug 2000
    Posts
    2,721
    EDIT: N/M
    Last edited by FunK; 01-13-04 at 01:44 AM.
    Simply run adaware, spybot, ZoneAlarm, HijackThis, AVG, update windows daily, have a router, don't open e-mail, turn off action scripting, don't use P2P networks, don't violate EULAs, and wear a condom to get Windows secured.

    People say Linux is alot of work!

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •