Firewall Suvery & Suggestions

[[AK]Hylander]

I was just curious which software firewall products people use. I've used several and currently use Sygate Personal Firewall Pro on my 2nd PC, and an old version of Zone Alarm Pro 3.0 on my primary PC.

[[AK]Abaddon]

I hate having firewall software sucking up resources from my gaming. So I rely on my router to keep the bad guys out.

[[AK]Squidly]

Router here.

[[AK]The Beast]

Router in conjunction with the integrated WinXP software firewall. We do currently run BlackIce on some of our servers at work, but we're actually moving everything behind a hardware firewall in the next two weeks.

[[AK]Hylander]

I have a static IP and run a router with NAT as well, but I still run a software firewall. A router running NAT is 'good enough' for probably 95% of the script kiddie hackers, but "IF" one of your machines behind the router gets infected, you're other machines are vulnerable without either a hardware firewall or a software firewall on the machine.

I've seen the aftermath of systems compromised behind NAT routers without any other protection, it isn't pretty which is why I choose the extra protection.

NAT Router
Software Firewall
Anti-Virus
Anti-Spyware

This is even more important if you connect to a VPN that does not have a hardware firewall (which it obviously should), a WiFI network, or use port forwarding or DMZ (please don't!) for a home server, etc. I run a private/personnel FTP server from home using Secure FTP and have a wap.

Ab... if your software firewall is taking enough cycles and resources from your PC to effect your gaming in any noticeable manner.. you either are gaming on a Pentium 2 with 128 megs of ram or have something wrong with your PC / software install.
You could also always set the process priority on low for the app.

Just my .02, but I'm a security hound (but not close to being an expert).

[Katanas Blade]

Although I used to work for zonelabs tech support and learned a few things from 'em, I currently only use my router firewall.

If you want to do some moderate testing of your security setup check out GRC's Shields up site, tests the more common security holes..

Now if only I knew how to spoof or stealth my ip without having to go through a proxy, or useing linux.

[[AK]Hardnok]

I use the router, zonealarm and xp firewall except when in game

[[AK]Clay]

Router.

I do scan at least weekly for viruses and spyware, but that's about it for security.

[The Wraith]

I haven't used nor needed to use any anti-virus on my personal computer in over 7 years. Don't download and install crap, keep systems patched so crap that floats in embedded to emails don't bit you, and there isn't a problem. My perimeter device is nothing more than a Cisco 2621. It has the IOS Firewall featureset but I'm not so much as even using NAT on that platform. No CBAB or even an ACL is deployed. It serves as merely the point of presence. Downstream from the 2621 is a Cisco 506 PIX Firewall. This platform serves as my hardened perimeter.

I'm not currently, but have used Cisco's Security Agent as my host-based IDS/firewall. Integrated into the CiscoWorks VMS Security Management bundle to manage and report on events is nice but way overkill in a home environment. Presently, I run no personal firewall and no anti-virus because I simply don't need it.

Now if only I knew how to spoof or stealth my ip without having to go through a proxy, or useing linux.

Doesn't matter. Looks like you've read too many buzz words without actually understanding what they mean. Spoofing source IP addresses is only usefull if you're intent is to denial of service your victim. If you were to spoof your source IP address, it wouldn't be a usable TCP/IP connection for you. Without a valid source address, your packets would not return back to you. Without a full duplex, statefull connection, you can throw TCP out the window. UDP application would "work", but you still wouldn't ever receive the responses...your 'victim' would.

Spoofing is for DoS, not for "hiding on the Internet".

[Katanas Blade]

Doesn't matter. Looks like you've read too many buzz words without actually understanding what they mean. Spoofing source IP addresses is only usefull if you're intent is to denial of service your victim. If you were to spoof your source IP address, it wouldn't be a usable TCP/IP connection for you. Without a valid source address, your packets would not return back to you. Without a full duplex, statefull connection, you can throw TCP out the window. UDP application would "work", but you still wouldn't ever receive the responses...your 'victim' would.

Pfft, I want it spoofed for anything other then what I directly connect to myself, as in I want to have the option of authorizing my ip to connect to, say verified urls/ftps/game servers, and any other non verified incoming connections would be routed to the spoofed ip.

[The Wraith]

Pfft, I want it spoofed for anything other then what I directly connect to myself, as in I want to have the option of authorizing my ip to connect to, say verified urls/ftps/game servers, and any other non verified incoming connections would be routed to the spoofed ip.

That's not what spoofing is. That's called NAT'ing. Only allow your "verified" remote hosts to NAT to your internal IP address, all others can be blackholed. Generally, you let everything NAT but there is no technical reason you couldn't selectively NAT based on source. Regardless, you could NAT all and firewall all IPs with a "deny any any" logic, which would accomplish the same end result. What you're not actually interested in is IP spoofing.

[Bassiswild]

I have not used any hardware Firewalls. I have tried Blackice but I was not to fond of it. I currently use Norton and Zone Alarm. Another program I had tried was McAfee Guard Dog Firewall that program was a big pain.