Hardware Firewall best??

Discussion in 'other firewalls' started by budfox, Nov 2, 2005.

Thread Status:
Not open for further replies.
  1. 439q8w

    439q8w Guest

    I use a cheap D-link router and I have 59 process running including Outpost firewall. I have a GB of quality ram. My system is far from slow.
     
  2. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    8,014
    You could say the same thing about using an AV. Are you running without an AV too?
     
  3. budfox

    budfox Registered Member

    Joined:
    Apr 5, 2005
    Posts:
    103
    We all, its been months now. Still running the Fortigate 60, Ghost security(app/reg), and safensecure. My system has had zero crashes, and I have zero addware/ greyware/ trojans/ viruses, ect.

    Before when I ran things like Outpost, I would have to reimage my drive once a month. MOnths later no problem without a software firewall/ AV.

    I know everyone on this board thinks you need outbound protection...I think I have showed you dont. All programs like outpost do is clog your system.

    I will be software firewall free in 2006. INbound protection ....say it....Inbound protection....Process control....breatheeeeeee....
     
  4. Arup

    Arup Guest

    Budfox,

    I ran for a year with CHX, no probs, only inbound and maybe just outbound with AH, now I have a router so no CHX but P2P is forcing me to look into the CHX way again, router just can't handle all the connecitons unless I buy an expensive D Link game fuel or Zyxel 500.
     
  5. Paranoid2000

    Paranoid2000 Registered Member

    Joined:
    May 2, 2004
    Posts:
    2,839
    Location:
    North West, United Kingdom
    Speak for yourself ;) - I have run Outpost for 4 years and never had a problem requiring a system restore, even with beta builds.

    As for the security benefits of outbound traffic filtering, I have summarised them here - application execution control can be a substitute if you fully trust the software you run, but a warning about program X attempting an IRC connection to an address in Eastern Europe is still likely to be a far better warning of malware activity than one about process modification for most people. Running two sets of process protection software plus registry protection greatly reduces the chance of any malware install but this is also an option better suited to users familiar with Windows internals (in particular, the significance of certain registry keys or process manipulation attempts).

    Since you have mentioned it, it is worth noting that SafeNSec has specific requirements - notably those of annual renewal and online activation (with a limit on the number of installs before you have to apply for a new key from Star Force) so the monetary cost is unfavourable in the long term. Similar programs like Online Armor (this also requires online activation), Process Guard, AppDefend and SSM do not require annual renewal so those should be worth considering by others choosing to follow this route.
     
    Last edited: Dec 21, 2005
  6. Paranoid2000

    Paranoid2000 Registered Member

    Joined:
    May 2, 2004
    Posts:
    2,839
    Location:
    North West, United Kingdom
    Apologies for disturbing you further, ;) but if you are running Ghost Security's AppDefend, then that indeed does include a software firewall (albeit a simple one) since it can allow or block network access.
     
  7. BlueZannetti

    BlueZannetti Registered Member

    Joined:
    Oct 19, 2003
    Posts:
    6,590
    Not to mention network activity monitoring through SafenSecure version 2.0 level as well...

    Blue
     
  8. joter

    joter Registered Member

    Joined:
    Jan 8, 2005
    Posts:
    163
    Location:
    Greece
    Is it so easy to leave CHX for a simple hardware thing?

    Regards
    joter
     
  9. Chuck57

    Chuck57 Registered Member

    Joined:
    Sep 2, 2002
    Posts:
    1,772
    Location:
    New Mexico, USA
    I can see where BudFox is coming from. I have an antivirus, Spybot S&D that I run every couple of days, and am trialing the latest McAfee Desktop Firewall on my system. I use ccleaner to clean cookies and other junk each night. That's it.

    In 10 yrs on the Internet, I've had about a dozen attempts by nasties to get into my system. All those were in the days, years ago, when I prowled Warez sites. In the past few years, my antivirus has found nothing - and I'm addicted to changing antivirus almost as often as firewalls, so my computer has had 4 different antivirus in the past 4 months. None has found anything.

    I think computer security is important. I also think common sense surfing habits are 75% of that security. If you go where the bugs are, they'll find you. I'll continue to play with firewalls, antivirus software, and other security related software as well, but my main security defense is going to be that thing between my two ears.
     
  10. Arup

    Arup Guest

    :rolleyes:

    Not at all Joter, very difficult, once you have used CHX, its kinda hard to contemplate life without it.
     
  11. Paranoid2000

    Paranoid2000 Registered Member

    Joined:
    May 2, 2004
    Posts:
    2,839
    Location:
    North West, United Kingdom
    That is the ideal position to be in - if anti-virus/trojan/spyware scanners are detecting anything other than false positives, then it means your security had a breach in it. If you are familiar enough with how your system behaves, and have a tightly-configured setup then you could rely just on firewall/process control software and dispense with the scanners, but this option is not for everyone.
     
  12. budfox

    budfox Registered Member

    Joined:
    Apr 5, 2005
    Posts:
    103
    PAranoid....thought i was speaking for myself. You have got into me about "attitute" on this board...Again just trying to spread the word that IN MY OPINION outbound protection is completely overrated and not necesary in a safe system.

    You must not be doing well in the market!
     
  13. auriell

    auriell Registered Member

    Joined:
    Feb 9, 2005
    Posts:
    105
    Location:
    Warsaw, Poland
    439q8w ---> As far as this is good for you it's ok. I found my system running much lighter and faster (booting and operating) when disabling a lot of services I don't need. Currently I have 16 processes running on my machine, including Miranda (IM), NOD32 (AV) and OP. Some Windows services can be potentially dangerous. You say your system is far from being slow, well, but for sure it is far from being fast.
     
  14. controler

    controler Guest

    It is an old wives tale that router-gatways don't block outgoing.

    I know for a fact.... some do block on certian ports. :D


    controler
     
  15. budfox

    budfox Registered Member

    Joined:
    Apr 5, 2005
    Posts:
    103
    Well everyone...its been months now...many new exploits (sonyrootkit, XP metafile, ect.) and i am still clean using only outbound protection.

    I will NEVER go back to a software firewall/ AV ever!!! A hardware firewall in my opinion is best.

    Hey Paraniod, what do you do for a living besides post on this site? Do you work for the ocmpany that produces outpost firewall?
     
  16. joter

    joter Registered Member

    Joined:
    Jan 8, 2005
    Posts:
    163
    Location:
    Greece
    If you have no arguments, just feed suspicions.
    nothing more to say, budfox.

    Regards
    joter
     
  17. Brinn

    Brinn Registered Member

    Joined:
    Aug 5, 2004
    Posts:
    181
    Location:
    Canada
    It's not a firewall's job to protect you from those particular exploits you mentioned.
     
  18. hollywoodpc

    hollywoodpc Registered Member

    Joined:
    Feb 14, 2005
    Posts:
    1,325
    Hi BudFox .
    You need to understand that you are fighting a losing battle in here . I completely understand your points and they are well taken . ANYONE with a good knowledge of computer security can attest to what you are trying to convey . Everyone else wants to argue because their opinion is different from the facts you present . sad but , that is how it works . very few seem to understand the difference . Because someone believes in something , does not make it right . You , however , are speaking factually . let it go . they will argue you into the ground . For me . I do not follow your " guide " of securing my computer . That does not make me tell you that you are mistaken . You are indeed correct . I just choose to use a little more " stuff " than you . lol .
    Now go play , be safe , and worry no more about the ones that do not understand . Some do . Some do not . Oh well . Such is life :cool:
     
  19. Brinn

    Brinn Registered Member

    Joined:
    Aug 5, 2004
    Posts:
    181
    Location:
    Canada
    No, I think it's just a normal response to his chest thumping. I'm also running with only inbound filtering (albeit software) and process control and I also find his tone annoying.
     
  20. hollywoodpc

    hollywoodpc Registered Member

    Joined:
    Feb 14, 2005
    Posts:
    1,325
    Hi Brinn .
    Sorry . I understand . I see your point as well . I was just letting him know I completely understand and for him to just let it go . I really had no comment on the tone . I see where you are coming from . Now I will let it go . :cool:
     
  21. MikeyB

    MikeyB Guest

    I'm not so much worried about whether a hardware firewall is better than a software firewall, but whether a software firewall provides any more security than Minesweeper. I came across this opinion http://samspade.org/d/firewalls.html and now I'm wondering if its time to (panic) buy an NAT router ?
     
  22. WSFuser

    WSFuser Registered Member

    Joined:
    Oct 7, 2004
    Posts:
    10,639
    heres two previous topics on it, if ud like a nice read:

    https://www.wilderssecurity.com/showthread.php?t=87546
    https://www.wilderssecurity.com/showthread.php?t=3467

    IMHO, there is no perfect security but if u configure ur software firewall correctly then ull do fine. i dont see any reason to be discouraged from using them. however itd help u to learn about securing ur system and knowing legitimate files from malware because the best security is knowlege and safe web habits.
     
  23. MikeyB

    MikeyB Guest

    Thanks for the links WSFuser! It was as they say a healthy read. I'd no idea that page had acquired such notoriety during its many, many, many years on the web. It did occur to me that it would be front page news if it were true.
     
  24. Datagg

    Datagg Registered Member

    Joined:
    Jul 1, 2004
    Posts:
    17
    Paranoid ive seen you before sir..... Your one of the main Beta testers at agnitum forums arent you? I love reading your posts there.

    I love outpost man, love it dearly. Im so waiting for a 64 bit version to come out. I feel so out in the cold without a firewall.

    Peace..
     
  25. sosaiso

    sosaiso Registered Member

    Joined:
    Nov 12, 2005
    Posts:
    601
    ROFLMAO. All I had to say to that was it's "5" not "3". xP

    Oh and "P|-|34R |\/|Y |\|33D 4 B33R."

    It truly bored me to read this thread, because I thought I would get something out of it. I did not see that happening. Anyone in the world is smart enough to keep their computer clean. If you really want to have useless competition, 2 years on my current computer computer, that ran NIS [completely outdated btw. I was way too lazy to buy subscriptions to new signatures.] 2 years on AVG [also outdated definitions because I couldn't get the damned thing to update], no firewall, didn't know what a trojan was, HIPS?? New word in my dictionary. Inbound filtering? Oh, you mean that Windows firewall I turned off because it was getting in the way of my gaming? Oh, and no reformatting ever [yes, a copy of Windows XP that ran stable for 5 years without a format. Impossible? I think not.], exploring the world of cracking via Internet explorer. Scanned my system a few months back. Found about 2-3 "spy cookies". It all depends on you. If you get exploited, sucks to be you my friend. If you do, then poor luck my friend. It's not inevitable, but it's all a gamble. Some of us just like gambling with better odds. So we actually protect our computers. If you feel you don't, good for you. No one here will force you to get firewalls back on your system. We just try to offer some experienced advice. Enjoy if you want. Leave if you don't.
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.