Any suggestions for home PC firewall?
Thanks
Alan
Firewall
Moderator: Scott Danziger
-
Guest
Firewall
I,ve been using Zonealarm,it seems to do the job and the price isn't bad,it's free 
www.zonealarm.com
Laird
www.zonealarm.com
Laird
-
Allen M.
Firewall
Depending upon which mood I'm in when I rebuild one of the computer systems here, I use either Norton or Zone Alarm.
Zone Alarm tightens the screws better than Norton in terms of closing-off ports to invaders, but can be a pain in the neck during the times you are seriously bombarded.
Norton's firewall is inexpensive but yes, Zone Alarm is free.
------------------
Allen Moulton from Uechi-ryu Etcetera
Zone Alarm tightens the screws better than Norton in terms of closing-off ports to invaders, but can be a pain in the neck during the times you are seriously bombarded.
Norton's firewall is inexpensive but yes, Zone Alarm is free.
------------------
Allen Moulton from Uechi-ryu Etcetera
-
Arnie Elkins
- Posts: 44
- Joined: Mon Oct 08, 2001 6:01 am
- Location: Richmond, VA, USA
Firewall
<BLOCKQUOTE><font size="1" face="Verdana, Arial">quote:</font><HR>Originally posted by AlanL:
Any suggestions for home PC firewall?
<HR></BLOCKQUOTE>
Are you referring to a program to be run on a single PC that is also being used as your primary machine? Or are you looking for a standalone solution? There are lots of options either way, but it would help to know which you may prefer.
That being said, my personal preference is a tiny version of Linux known as Freesco. I run it on an old 486 machine, and it sits between my cable modem and my other computers. It allows me to share my cable modem connection among all my machines, in addition to being a firewall and doing network address translation. It is pretty secure, works very well, and it was free. Sure, I had to build the machine for it, but I had parts around that had cost me less than $5. I also learned a good deal about Linux. Being a network guy, it was an interesting project.
For those who are not so interested in rolling their own, devices like the Linksys or D-Link 'cable/dsl routers' are good things for those with high-speed connections to the net. You get the same effect as I have, being able to share the net connection with multiple PCs, but you also get a lot of the work done for you. And you get some measure of support, which you definitely do not get with a homegrown firewall. These devices, of course, cost a great deal more. However, none of these are a good solution for the dialup user, or even many users that have only a single PC.
I am by no means a security expert, but I know people who are. Most of them laugh at the idea of running anything resembling a firewall on the same PC you use to connect to the net. Of course, given that most of us cannot afford 50 grand for a copy of CheckPoint Firewall-1 and a Sun box to run it on, personal firealls can be a good thing. However, before diving in, check out the reviews of personal firewalls at places like www.grc.com. If you pay attention to what you are doing, and get some good advice from people who know what they are doing, you can be relatively secure without a firewall at all. Steve Gibson has a great deal of information on his site(mentioned above) about how to secure your Windows PC without a firewall. He then goes on to review several of the leading personal firewall packages, and tells you the pros and cons of each. There is no perfect security, and no perfect firewall program. Each user must assess their own needs for security and decide what they are willing to pay, or how much work they are willing to do.
My suggestion? Unless you are truly paranoid, check out the info on www.grc.com and secure your PC without a firewall. Unless you run a program with a trojan horse, no one can get in to your machine, because you won't be allowing any remote access. If you can't live without knowing every time a hacker attempts to access your machine, get a personal firewall program. For the truly paranoid, well, they probably aren't reading this, because they would have to connect to the net...
Any suggestions for home PC firewall?
<HR></BLOCKQUOTE>
Are you referring to a program to be run on a single PC that is also being used as your primary machine? Or are you looking for a standalone solution? There are lots of options either way, but it would help to know which you may prefer.
That being said, my personal preference is a tiny version of Linux known as Freesco. I run it on an old 486 machine, and it sits between my cable modem and my other computers. It allows me to share my cable modem connection among all my machines, in addition to being a firewall and doing network address translation. It is pretty secure, works very well, and it was free. Sure, I had to build the machine for it, but I had parts around that had cost me less than $5. I also learned a good deal about Linux. Being a network guy, it was an interesting project.
For those who are not so interested in rolling their own, devices like the Linksys or D-Link 'cable/dsl routers' are good things for those with high-speed connections to the net. You get the same effect as I have, being able to share the net connection with multiple PCs, but you also get a lot of the work done for you. And you get some measure of support, which you definitely do not get with a homegrown firewall. These devices, of course, cost a great deal more. However, none of these are a good solution for the dialup user, or even many users that have only a single PC.
I am by no means a security expert, but I know people who are. Most of them laugh at the idea of running anything resembling a firewall on the same PC you use to connect to the net. Of course, given that most of us cannot afford 50 grand for a copy of CheckPoint Firewall-1 and a Sun box to run it on, personal firealls can be a good thing. However, before diving in, check out the reviews of personal firewalls at places like www.grc.com. If you pay attention to what you are doing, and get some good advice from people who know what they are doing, you can be relatively secure without a firewall at all. Steve Gibson has a great deal of information on his site(mentioned above) about how to secure your Windows PC without a firewall. He then goes on to review several of the leading personal firewall packages, and tells you the pros and cons of each. There is no perfect security, and no perfect firewall program. Each user must assess their own needs for security and decide what they are willing to pay, or how much work they are willing to do.
My suggestion? Unless you are truly paranoid, check out the info on www.grc.com and secure your PC without a firewall. Unless you run a program with a trojan horse, no one can get in to your machine, because you won't be allowing any remote access. If you can't live without knowing every time a hacker attempts to access your machine, get a personal firewall program. For the truly paranoid, well, they probably aren't reading this, because they would have to connect to the net...
Firewall
<BLOCKQUOTE><font size="1" face="Verdana, Arial">quote:</font><HR>Originally posted by Arnie Elkins:
Most of them laugh at the idea of running anything resembling a firewall on the same PC you use to connect to the net.
<HR></BLOCKQUOTE>
I too, am no security expert, but have read about it a bit. From what I've read, ZoneAlarm doesn't really do much. It doesn't, for example block Sub7, the zombie program that is commonly used for those DoS attacks.
<BLOCKQUOTE><font size="1" face="Verdana, Arial">quote:</font><HR>
My suggestion? Unless you are truly paranoid, check out the info on For the truly paranoid, well, they probably aren't reading this, because they would have to connect to the net...<HR></BLOCKQUOTE>
Heh, unless they're doing it from the library with latex gloves on.
Most of them laugh at the idea of running anything resembling a firewall on the same PC you use to connect to the net.
<HR></BLOCKQUOTE>
I too, am no security expert, but have read about it a bit. From what I've read, ZoneAlarm doesn't really do much. It doesn't, for example block Sub7, the zombie program that is commonly used for those DoS attacks.
<BLOCKQUOTE><font size="1" face="Verdana, Arial">quote:</font><HR>
My suggestion? Unless you are truly paranoid, check out the info on For the truly paranoid, well, they probably aren't reading this, because they would have to connect to the net...<HR></BLOCKQUOTE>
Heh, unless they're doing it from the library with latex gloves on.
-
Allen M.
Firewall
Subseven, Valk? This fish is a frequent catch.
------------------
Allen Moulton from Uechi-ryu Etcetera
------------------
Allen Moulton from Uechi-ryu Etcetera
-
Arnie Elkins
- Posts: 44
- Joined: Mon Oct 08, 2001 6:01 am
- Location: Richmond, VA, USA
Firewall
<BLOCKQUOTE><font size="1" face="Verdana, Arial">quote:</font><HR>Originally posted by gmattson:
Arnie:
Please tell me more about connecting two computers to a single dsl line!
Sounds like you are doing it without purchasing a router ($100).
<HR></BLOCKQUOTE>
Mattson sensei, you are quite correct. I am doing it with a $5 PC that I built myself. I use Freesco, which is a version of Linux specially built to act as a router. It is small(fits on a floppy disk), fast enough(my 486/50 can keep up with my 1.5 megabit cable modem connection quite nicely), and free! I have actually built a couple of extra router boxes, which are not in use at the moment. All it takes is a motherboard, cpu(486/50 works fine, less would probably work just as well), memory(you can get away with 6 meg), case w/power, video card, and two network cards. One network card connects to the cable modem(or dsl modem), and the other connects to a hub or switch. Connect your other machines to the same hub or switch, set them to obtain an IP address automatically, and off you go! Not *quite* that simple, of course, but it is pretty easy to do. Essentially I am doing exactly the same thing with my 486 that you would do with a cable/dsl router. For more information about Freesco, you can visit http://www.freesco.com/. It works well for me.
If you have any particular questions, feel free to ask. *WARNING* I am a network engineer by trade, and a computer junkie in my spare time, so I can talk for hours on end about networking! Freesco will work with almost any cable modem or dsl ISP, just like the hardware routers. There are several other small Linux distributions out there to do the same thing, but Freesco seems to be the easiest to set up.
[This message has been edited by Arnie Elkins (edited October 23, 2001).]
[This message has been edited by Arnie Elkins (edited October 23, 2001).]
Arnie:
Please tell me more about connecting two computers to a single dsl line!
Sounds like you are doing it without purchasing a router ($100).
<HR></BLOCKQUOTE>
Mattson sensei, you are quite correct. I am doing it with a $5 PC that I built myself. I use Freesco, which is a version of Linux specially built to act as a router. It is small(fits on a floppy disk), fast enough(my 486/50 can keep up with my 1.5 megabit cable modem connection quite nicely), and free! I have actually built a couple of extra router boxes, which are not in use at the moment. All it takes is a motherboard, cpu(486/50 works fine, less would probably work just as well), memory(you can get away with 6 meg), case w/power, video card, and two network cards. One network card connects to the cable modem(or dsl modem), and the other connects to a hub or switch. Connect your other machines to the same hub or switch, set them to obtain an IP address automatically, and off you go! Not *quite* that simple, of course, but it is pretty easy to do. Essentially I am doing exactly the same thing with my 486 that you would do with a cable/dsl router. For more information about Freesco, you can visit http://www.freesco.com/. It works well for me.
If you have any particular questions, feel free to ask. *WARNING* I am a network engineer by trade, and a computer junkie in my spare time, so I can talk for hours on end about networking!
Freesco will work with almost any cable modem or dsl ISP, just like the hardware routers. There are several other small Linux distributions out there to do the same thing, but Freesco seems to be the easiest to set up.[This message has been edited by Arnie Elkins (edited October 23, 2001).]
[This message has been edited by Arnie Elkins (edited October 23, 2001).]
-
Allen M.
Firewall
I'm all ears, Arnie. Let's get technical about setting up a spare pc as the server/firewall. I've got an extra unused one or two around the house.
------------------
Allen Moulton from Uechi-ryu Etcetera
------------------
Allen Moulton from Uechi-ryu Etcetera
-
Arnie Elkins
- Posts: 44
- Joined: Mon Oct 08, 2001 6:01 am
- Location: Richmond, VA, USA
Firewall
<BLOCKQUOTE><font size="1" face="Verdana, Arial">quote:</font><HR>Originally posted by Allen M.:
I'm all ears, Arnie. Let's get technical about setting up a spare pc as the server/firewall. I've got an extra unused one or two around the house.
<HR></BLOCKQUOTE>
Okay. Here is the beginning, shamelessly copied from the manual for Freesco at www.freesco.com. To set up a cable modem/dsl router, you need 2 network cards, and you do not need a modem. Dialup users can use a modem and one network card, or you can use a modem as a backup to your primary connection. I have not done either of these. Yet. Anyway...
FREESCO is a small (single floppy) distribution of Linux intended to be a replacement for minor models of Cisco routers.
NOTE: FREESCO stands for FREE ciSCO and has nothing common with SCO Unix.
Both, CISCO and FREESCO, have their positive and negative features. The main advantage of FREESCO is its price. Hehehe, you know this word, you like this word, you love this word, what can be sweeter then this word. FREESCO will cost you only your old dust-collecting 386 computer you were going to throw out few years ago. The main disadvantage of FREESCO - it doesn't have dynamic routing feature, it can be only a static router. Somebody can ask - "Why do we need FREESCO project? There is already LRP (Linux Router Project) which is more complex then FREESCO." Well, the answer is - because most people don't need so complex solution as LRP is and because FREESCO has the easiest setup you've ever dreamt of. Just wipe out a dust from your 386 PC, connect it to network and after 10 minutes of setting up (of course including a break for a cup of coffee) your router will be ready.
FREESCO supports up to 3 ethernet cards and up to 2 modems.
Other features of FREESCO are:
Bridge mode
Firewalling and Network Address Translation
DNS Server
DHCP Server
HTTP Server (public and control purpose)
Telnet server (only one connection per time)
Print Server
Remote Access Server (up to 2 modems)
Time Server
So you can build a simple bridge or a simple router or a very complex router/server which includes all these features.
Setup procedure offers few basic configurations. Choose one and tune it by adding or removing features.
1.2 Requirements
CPU - any 386 or better
FPU - not required
RAM - min (with swap) 6 MB, normal (on the edge between swap/no swap) 8 MB, recommended 16 MB
FDD - 1.44 MB
HDD - not required for 8-16 MB RAM system, but recommended (for swap and for future extensions)
Ethernet adapter(s) - 3COM509, 3COM595, 3COM905, Realtek NE2000 compatible, Realtek NE2000 PCI compatible, ISA/PCI NE2000 compatible supported out of box. Many more other adapters supported via additional drivers you have to add manually from supplementary pack (it's easy, just choose appropriate driver and drop it in a:routerdrv directory).
Modem(s). Beware of winmodems, they will not work with FREESCO. If you have old 386/486 computer w/o FIFO'ed COM ports it's recommended to use internal modems as they come with built-in fast FIFO'ed port.
Read this manual at least once.
Some brains
TCP/IP networking knowledge (a must)
Once you have the required components, I really recommend checking out the manual, which does a pretty thorough job of explaining the setup. If you have particular questions, I will be happy to help you out. I have set up a Freesco box to work with two different ISPs, so I have run across some things that you may encounter. However, for someone like you who has a good deal of experience in the PC world already, it should be relatively simple.
Any specific questions so far?
Arnie
I'm all ears, Arnie. Let's get technical about setting up a spare pc as the server/firewall. I've got an extra unused one or two around the house.
<HR></BLOCKQUOTE>
Okay. Here is the beginning, shamelessly copied from the manual for Freesco at www.freesco.com. To set up a cable modem/dsl router, you need 2 network cards, and you do not need a modem. Dialup users can use a modem and one network card, or you can use a modem as a backup to your primary connection. I have not done either of these. Yet. Anyway...
FREESCO is a small (single floppy) distribution of Linux intended to be a replacement for minor models of Cisco routers.
NOTE: FREESCO stands for FREE ciSCO and has nothing common with SCO Unix.
Both, CISCO and FREESCO, have their positive and negative features. The main advantage of FREESCO is its price. Hehehe, you know this word, you like this word, you love this word, what can be sweeter then this word.
FREESCO will cost you only your old dust-collecting 386 computer you were going to throw out few years ago. The main disadvantage of FREESCO - it doesn't have dynamic routing feature, it can be only a static router. Somebody can ask - "Why do we need FREESCO project? There is already LRP (Linux Router Project) which is more complex then FREESCO." Well, the answer is - because most people don't need so complex solution as LRP is and because FREESCO has the easiest setup you've ever dreamt of. Just wipe out a dust from your 386 PC, connect it to network and after 10 minutes of setting up (of course including a break for a cup of coffee) your router will be ready.FREESCO supports up to 3 ethernet cards and up to 2 modems.
Other features of FREESCO are:
Bridge mode
Firewalling and Network Address Translation
DNS Server
DHCP Server
HTTP Server (public and control purpose)
Telnet server (only one connection per time)
Print Server
Remote Access Server (up to 2 modems)
Time Server
So you can build a simple bridge or a simple router or a very complex router/server which includes all these features.
Setup procedure offers few basic configurations. Choose one and tune it by adding or removing features.
1.2 Requirements
CPU - any 386 or better
FPU - not required
RAM - min (with swap) 6 MB, normal (on the edge between swap/no swap) 8 MB, recommended 16 MB
FDD - 1.44 MB
HDD - not required for 8-16 MB RAM system, but recommended (for swap and for future extensions)
Ethernet adapter(s) - 3COM509, 3COM595, 3COM905, Realtek NE2000 compatible, Realtek NE2000 PCI compatible, ISA/PCI NE2000 compatible supported out of box. Many more other adapters supported via additional drivers you have to add manually from supplementary pack (it's easy, just choose appropriate driver and drop it in a:routerdrv directory).
Modem(s). Beware of winmodems, they will not work with FREESCO. If you have old 386/486 computer w/o FIFO'ed COM ports it's recommended to use internal modems as they come with built-in fast FIFO'ed port.
Read this manual at least once.
Some brains
TCP/IP networking knowledge (a must)
Once you have the required components, I really recommend checking out the manual, which does a pretty thorough job of explaining the setup. If you have particular questions, I will be happy to help you out. I have set up a Freesco box to work with two different ISPs, so I have run across some things that you may encounter. However, for someone like you who has a good deal of experience in the PC world already, it should be relatively simple.
Any specific questions so far?
Arnie
-
Allen M.
Firewall
ha ha. "Free SCO!"
This weekend I'll dive into it. I have a bunch of 3COM cards, I'll just have to see if they are the ones.
Thanks.
------------------
Allen Moulton from Uechi-ryu Etcetera
This weekend I'll dive into it. I have a bunch of 3COM cards, I'll just have to see if they are the ones.
Thanks.
------------------
Allen Moulton from Uechi-ryu Etcetera
-
Gene DeMambro
- Posts: 1684
- Joined: Sat Dec 12, 1998 6:01 am
- Location: Weymouth, MA US of A
Firewall
Can we still get the components and internal cards for old, 386/486 based systems?
I'm having a b**ch of a time finding components for my Pentium machine, and it's only four years old!
Arnie, please tell more!
Gene
I'm having a b**ch of a time finding components for my Pentium machine, and it's only four years old!
Arnie, please tell more!
Gene
-
gmattson
- Site Admin
- Posts: 6070
- Joined: Wed Sep 16, 1998 6:01 am
- Location: Lake Mary, Florida
- Contact:
Firewall
I'm almost finished setting up my computer and am anxious to start this project. I know where I can get my hands on an old 486 computer, so. . .
Guess I'll start by downloading that manual.
Thanks Arnie.
------------------
GEM
Guess I'll start by downloading that manual.
Thanks Arnie.
------------------
GEM
-
Arnie Elkins
- Posts: 44
- Joined: Mon Oct 08, 2001 6:01 am
- Location: Richmond, VA, USA
Firewall
<BLOCKQUOTE><font size="1" face="Verdana, Arial">quote:</font><HR>Originally posted by Gene DeMambro:
Can we still get the components and internal cards for old, 386/486 based systems?
I'm having a b**ch of a time finding components for my Pentium machine, and it's only four years old!
Arnie, please tell more!
Gene<HR></BLOCKQUOTE>
Computer shows are wonderful things! I have bought almost all the components I have at computer shows, and since I had a bunch of 486 motherboards around, I was looking for older hardware. And guess what? Older hardware is CHEAP! As in, most of the cards I have bought, video, network, I/O boards, I got from a wonderful guy for $1 each. Sure, I bought 11 network cards, and one was actually bad, but the rest work great! I literally built my router machine for $5, although I admit a friend of mine donated the case. But then again, he got the case for $3, so it wasn't a big sacrifice.
So, what kind of parts are you looking for? I happen to have some Kingston 32MB 72 pin parity SIMMs that I have no use for at the moment, and was thinking of putting them up on eBay. Of course, my thinking has always been that eBay is a great place to *sell* things, but not necessarily to buy things, but you can sometimes find older components at reasonable prices. Anyway, I have lots of old parts lying around, mostly because people lost interest in the old stuff when newer stuff came out. The friend that gave me the case for my router box got started in the PC industry by getting a bunch of older parts on eBay and at computer shows, and building lots of machines to get some hands-on experience. All his kids have their own computers now, and they have no idea their machines are not state-of-the-art. Great idea, IMHO.
Looking for anything in particular?
Can we still get the components and internal cards for old, 386/486 based systems?
I'm having a b**ch of a time finding components for my Pentium machine, and it's only four years old!
Arnie, please tell more!
Gene<HR></BLOCKQUOTE>
Computer shows are wonderful things!
I have bought almost all the components I have at computer shows, and since I had a bunch of 486 motherboards around, I was looking for older hardware. And guess what? Older hardware is CHEAP! As in, most of the cards I have bought, video, network, I/O boards, I got from a wonderful guy for $1 each. Sure, I bought 11 network cards, and one was actually bad, but the rest work great! I literally built my router machine for $5, although I admit a friend of mine donated the case. But then again, he got the case for $3, so it wasn't a big sacrifice.So, what kind of parts are you looking for? I happen to have some Kingston 32MB 72 pin parity SIMMs that I have no use for at the moment, and was thinking of putting them up on eBay. Of course, my thinking has always been that eBay is a great place to *sell* things, but not necessarily to buy things, but you can sometimes find older components at reasonable prices. Anyway, I have lots of old parts lying around, mostly because people lost interest in the old stuff when newer stuff came out. The friend that gave me the case for my router box got started in the PC industry by getting a bunch of older parts on eBay and at computer shows, and building lots of machines to get some hands-on experience. All his kids have their own computers now, and they have no idea their machines are not state-of-the-art. Great idea, IMHO.
Looking for anything in particular?
