Question about internet protection

[Kemal]

Hi everybody,

I've been connected to the internet via cable modem for some time now but I'm beginning to get worried about the risks of attacks on your system by hackers and/or spying programs. I recently read something (I thought it was here in CT-forum) about internet via cable and that users run a higher risk of getting attacks on their system, but unfortunately I haven't succeeded to retrace that information browsing the old topics.

What I did find was some information about a free firewall program called Zonelab but I'm not sure if their free version gives enough protection or whether I should buy an expensive top of the bill firewall? Furthermore there were some reviews that stated that your system was greatly slowed down after installing Zonelab and since I already have a slow machine (p2 400Mhz and 192 MB Ram ) using Windows '98 I am wary of programs reducing my system's performance even more.

So I was wondering if anyone has some experience with this program and if it's any good or can recommend another, better firewall.

Any info would be really appreciated as I know little about this myself.

 

[BlueMonday]

Actually, it's Zonelab's ZoneAlarm. I use the pay version and it's great. The shareware version will perform just as well as the pro version, but pays for itself by having a few imbedded spyware programs. If you get the Pro version it doesn't have any spyware in it.

ZoneAlarm isn't the only option you have for internet security (although it is probably they most widely used). Theres also:

Tiny Personal Firewall
Iolo Sytem Shield
BlackIce Defender (absolute atrocity as far as firewalls are concerned)
Norton Personal Firewall
McAfee Personal Firewall
Neowatch (very good one)
Visnetic Firewall
Conceal PC Firewall (this one is probably the best; it kicks in before your operating system does)

Also check out NeoTrace (from the same company as Neowatch), it isn't designed to protect you from intruders, but it will let you know exactly who did it...which can afford you some interesting options

Oh, and for anyone's info: if you are on cable, or DSL a firewall is a must for you. You would not believe how much unsolicited traffic is moving into and out of your computer beneath your nose. In the two months since my last re-format, ZoneAlarm has stopped 9720 intrusions (753 of which were high-rated alerts).

 

[Pillager]

No-one ever mentions Outpost, which is what I use.

I don't know if it's just not well known, but I really like it. Its good firewall capabilities, it's very flexible, includes pop-up killer, ActiveX, JS, Ad-killing on HTML strings and image size, etc.


I don't know if it is the best, but it's the best I've ever used and by far the most reliable and stable. It's the only one I've tried that hasn't stopped me from certain tasks without compromising my security.

BTW, this is all on a dial-up and I receive attacks pretty often. You MUST get one setup on cable. If you have XP, enable that one, which will give you some protection, but you must have a proper one as well. The XP one only stops attacks from outside (and not all), but not messages sent by your comp. to others.

 

[Kemal]

Originally posted by BlueMonday


Oh, and for anyone's info: if you are on cable, or DSL a firewall is a must for you. You would not believe how much unsolicited traffic is moving into and out of your computer beneath your nose. In the two months since my last re-format, ZoneAlarm has stopped 9720 intrusions (753 of which were high-rated alerts).

BlueMonday, Pillager, thanks for supplying me with this information and a selection of firewall programs. I had no idea one's computer is targeted that much on the Internet. Time to install one ASAP! Haven't decided which one yet but Neotrace sounds interesting...

Again, thanks for the info

 

[oryx]

Kemal,
You can also get a router, which will give you a hardware firewall. Most people with a cable connection run both hardware and software firewalls.

 

[Kemal]

Hi oryx,

Could you please explain what additional protection a hardware firewall gives in comparison with a software firewall? I looked for routers but they seem to be pretty expensive, and unfortunately I do not have unlimited funds to spend . However I do feel it is important to get excellent protection as I also want to be able to do some online shopping etc. safe (buying PTW for example) without 3rd parties spying and I'm online a lot. (With CFC at the top of course as far as time spent is concerned )

 

[Wild Weasel]

Oryx, apologies if I'm butting in on your reply.

Kemal, a 'hardware firewall' means firewall software running on a dedicated platform. Therefore the underlying operating system will be cut down to the bone and only have the features necessary to support the firewall package itself. Additionally, standard ports that are not required within the o/s will be closed to prevent exploitation of the o/s to defeat the firewall - which in theory could happen on a firewall package running on your pc. Beyond that, some filtering functionality can be shifted to firmware to improve throughput.

The downside is that upgrades to the o/s, firmware level or firewall package onboard a dedicated box will typically be a more complex task than a simple software patch to a workstation based f/w.

 

[Pillager]

Not wishing to contradict oryx, but I think that a well-configured software firewall will offer you adequate security, especially as you have limited funds. I stand ready to be corrected, but that's what I've always found.

 

[Kemal]

Ok, I'll probably stick with a software firewall as a router is too expensive for me if it offers little extra protection.

Again, thanks for clarifying this up guys

 

[starlifter]

I use AtGuard's firewall much of the time. I also have BlackICE Defender, 2.5 I think, though I'm not running it now.

I reject all communication with AtGuard, except what I authorize individually. If something does not work, I will disable the firewall and see if that releases the issue. If so, I enable the communication. I use dial up at teh moment, and get hit with about 10 unauthorized attempts per hour.

When I run BlackICE, it takes about 2.1 to 2.4% of my CPU cycles, and I run at 450 MHz.

 

[Perfection]

I feel protected by having a seperate computer for my firewall. With almighty LINUX on it

 

[Padma]

That's fine, Perfection, as long as you have a firewall on the Linux box.

 

[Sanaz]

I have a small LinkSys wireless switch behind my cable modem. This performs NAT (Network Address Translation), which protects my small home network. Not as good as a dedicated FW, but it serves the purpose of both home LAN connectivity and minimal internet protection. Wireless security is another matter altogether, and of course you need AV on all of your workstations if anything is ever downloaded to them. I personally haven't liked the SW firewalls I've tried, but that's simply personal preference. If you have an old server, and are comfortable with Linux, it's a great way to go for both NAT and FW on the cheap.

 

[Lucky]

I can recommend Tiny Personal Firewall, a great small program.
Easy to handle and very hard to break through. Be sure to configure it properly and you will probably have nothing to fear.