Ron Schenone

Firewall – What Should I Use?

Posted by on Dec 6, 2006 | 6 Comments

There are two different firewalls available for consumer use. A hardware firewall and a software firewall.

Hardware firewalls
Hardware firewalls are important because they provide a strong degree of protection from most forms of attack coming from the outside world. A typical hardware firewall may be a broadband router, which is easy to configure and can protect all computers on the local network when they connect to the Internet.

Software firewalls
When you first set up a software firewall, you can specify which applications are allowed to communicate over the Internet from that PC. Programs that aren’t explicitly allowed to do so are either blocked or else the user is prompted for confirmation before the traffic is allowed to pass. In another words, the software must be trained by the user to allow or disallow traffic.

Which is best?
For those using a broadband connection, I would recommend using both. This allows a layer of protection and you can have the best of both worlds, hardware and software protections. And there are several free firewalls available, including the firewall that comes with Windows XP and Windows Vista. Just remember that the Windows XP firewall only blocks incoming traffic, whereas Windows Vista blocks traffic incoming and outgoing.

And here are several good FREE software firewalls linked below:

Zone Alarm free edition can be found here.

Comodo free firewall from here.

Sygate free edition is still available here.

And which do I personally use? I have both a hardware firewall via a DLink router and I also use the built-in firewall for XP and Vista.

[tags]firewall, hardware, software, windows, xp, vista, DLink[/tags]

  • Esra

    Greetings Ron,
    I recently discovered that my Outpost firewall showed my ports to be 90% UNstealthed. It was suggested to me the “Shields Up” online tester and others, are reading my D-Link Router firewall which I also run.
    When I turned off the router (hardware) firewall, the same test yielded FULLY STEALTHED. So this poses a question. If my software firewall is hiding my PC , what is the use of that if my router (hardware) firewall is making my PC totally visable. Does anyone know this occurs? What is the right thing to do, particularly as you suggest above, to use both?
    Regards
    Esra

  • http://wp3.lockergnome.com/nexus/blade/ Ron Schenone

    Hello Ersa,
    The built in firewall that comes with the DLink is to filter out IP addresses not ports. Disable the DLink firewall. Than run the Shields Up tests again.

    To confirm that all is working OK, try turning off Outpost and run the test again. Make sure you turn Outpost back on after the test is completed.

    Let me know the test results.

    Ron

  • Esra

    Greetings Ron,
    I tried what you suggested. Outpost ON DLink ON, Outpost OFF DLink ON = same result, most ports closed not stealthed, some stealthed.
    Then tried Outpost ON, DLink OFF = all but 3 ports stealthed (don’t know if that means they are also closed). One was open 53, 2 were closed 20,21.
    The DLink Router 504T firewall protection options are as follows:
    DoS Protection, SYN Flooding checking, ICMP Redirection checking,
    Port Scan attacks, FIN/URG/PSH attack, Xmas Tree attack, Null Scan attack,
    SYN/RST attack, SYN/FIN attack.
    Service Filtering from External Network, Ping, FTP, DNS, IKE, RIP, DHCP and ICMP from LAN.
    It seems to concur with what you said.
    So should I just turn off the DLink firewall and run Outpost?
    Esra

  • http://wp3.lockergnome.com/nexus/blade/ Ron Schenone

    Hello again Esra,

    Two things. First I downloaded the manual for the DLink 504T and saw what you are talking about in the firewall setting options. It would seen to me that with DOS and Port Scan both enabled, the router should stand on its own and block ALL ports as either stealth or closed when you run Shields Up. That is IMHO.

    Second a software firewall I consider as a secondary line of defense in the rare instance something may break thru the router firewall. Software firewalls are also recommended for those who may not be using a router.

    With this in mind, and since it appears your router is not blocking all ports, I would call DLink tech support and see what they recommend at
    1-877-453-5465.

    Let me know what you find out.

    If you still are having problems or concerns let me know.

    If I were able to sit down at your system I would be able to find out which combo of settings between your router and software firewall would work the best. But since that is not possible, it makes it difficult to remedy using this comment section or by email. This is why I recommend calling DLink.

    Regards, Ron

  • Esra

    Ron,
    Thanks, I will try to follow up on your advice. Your thoughts are appreciated.
    Cheers and Good Health
    Esra

  • Sachin

    Terminator The Sarah Connor Chronicles Is the best show ever and I miss it!!!!