on wednesday my norton firewall expires im just wondering if anyone can recomend a firewall what works with norton anti virus
:thumbsup: :thumbsup: :thumbsup:

zonelabs is always good as its free.

but i like McAfee Guardian.

if your using norton firewall and norton anti virus, norton again?

ZoneAlarm would be my choice too... most of the pro features are in other utilities... and to be honest I've had nothing but headaches with the norton firewall...

Alternatively, there is Sygate.

Alex

I use the free version of Sygate firewall and Norton Anti-virus. They work together well.

I found Zone Alarm ok but it is a bit trigger happy. Also slowed my connection down, never found out why. I'm currently using AVG for anti-virus and XP with SP2s builting firewall. Plus the firewall in my router. I consider myself moderately safe but not 100%

thanks for the advice ........... ive just downloaded zone alarm its only a temp thing til i get norton 2004 the weird thing is i got norton av and norton firewall at the same time feb 2003 and for some reason the av expires the 22nd of december strange eh lol:P

As mentioned above, ZoneAlarm is the biz.

We have it running on the gatewway PC, with NAT on, and also on each client PC.

The gateway is also running AVG antivirus (mostly for integration with our LAN software).

Each client PC also runs Norton AV.

We have had no problems with regards to performance of the respective machines.

Correct me if I'm wrong but doesn't Zone Alarm still have a number of security blunders?

Originally posted by J-Blaze
Correct me if I'm wrong but doesn't Zone Alarm still have a number of security blunders?
I remember there was something about that... IIRC though you had to get a trojan past the firewall to actually exploit the issue didn't you?

No I think that was an older one Martin, there's one where sending crafted packets can stop the firewall from working.

Also I'm sure there was a number of Buffer Overflow susceptibilities within Zone Alarm.

Originally posted by J-Blaze
No I think that was an older one Martin, there's one where sending crafted packets can stop the firewall from working.

Also I'm sure there was a number of Buffer Overflow susceptibilities within Zone Alarm.
I'll try and check that out later today... if you come across any references to that can you let me know...

Cheers.

Hi peeps,
went looking for software as my comp is ***@**d and was recomended Panda (over norton - by shop where I got computer from) anyone know what its like? and whether it will get rid of riruses already on computer? as well as acting as firewall

Originally posted by frankieboy
Hi peeps,
went looking for software as my comp is ***@**d and was recomended Panda (over norton - by shop where I got computer from) anyone know what its like? and whether it will get rid of riruses already on computer? as well as acting as firewall

Tried this (Panda AV) a couple of years ago, and it failed to offer protection to a degree where I had to re format my HD.

Vowed to never touch this SW again, and haven't!

I put the new ZoneAlarm on & had nothing but problems with it, plus it cannot be removed easily from your pc. When you try to remove it add/remove programmes, you get a error message telling you a file is missing.

I searched google & it seemed loads of people had the same problem. I'd be very wary if you are going to use it.

If you're using XP the SP2 has a decent firewall apparently but I'm no techie so I'll shut up now :D

To uninstall zone alarm when it says there`s a file missing try installing it again over the top of itself then reboot and uninstall it this worked for me, i tried what was then the latest version a couple of months ago and it spat the dummy out fine style but after finally uninstalling it and then going back to the previous version i`ve had no problems at all, if you do plan to reinstall it again afterwards delete the zone labs folder in c:/program files first.

I tried all that but couldn't get rid of it at all. Eventually got rid by deleting everything that contained Zone, Lab or ZA on my pc except for one file that logged all the websites I had been to. I couldn't get rid of that but it stopped all the problems I was having.

zone alarm is by far the best firewall to use and you can update norton or subscribe to norton so you dont have to buy new each yr

ZoneAlarm is probably one of the best as far as 'software based' firewalls are concerned. I'd suggest you consider a good security policy before a 'software' firewall. This obviously entails patching your operating system of choice, ensuring whoever is using the machine only opens 'safe' emails and downloads/runs 'safe' applications and switching from 'Internet Explorer' to either Mozila, FireFox or Opera.

Windows firewall under XP with SP2 seems reasonably reliable although ALL 'software' firewalls are open to attack from a non anti-virus protected machine (W32/Datom.worm disabled ZoneAlarm a few years back if I remember correctly (2002?)).

Your router (if on ADSL) may also have IPSec options available such as filtering ICMP ping requests and manual port filtering.

The next step up from this is a hardware based firewall solution (personally using SmoothWall (http://www.smoothwall.org) on a 150MHz machine with 2 nics and 16MB ram (all free :)).

ez.

Originally posted by m0nkey
ZoneAlarm is probably one of the best as far as 'software based' firewalls are concerned. I'd suggest you consider a good security policy before a 'software' firewall. This obviously entails patching your operating system of choice, ensuring whoever is using the machine only opens 'safe' emails and downloads/runs 'safe' applications and switching from 'Internet Explorer' to either Mozila, FireFox or Opera.

Windows firewall under XP with SP2 seems reasonably reliable although ALL 'software' firewalls are open to attack from a non anti-virus protected machine (W32/Datom.worm disabled ZoneAlarm a few years back if I remember correctly (2002?)).

Your router (if on ADSL) may also have IPSec options available such as filtering ICMP ping requests and manual port filtering.

The next step up from this is a hardware based firewall solution (personally using SmoothWall (http://www.smoothwall.org) on a 150MHz machine with 2 nics and 16MB ram (all free :)).

ez.

Dead on re. security policy! If your policy is good enough you can do away with firewalls, av, adaware and everything else for that matter as long as you stick to it! And switching to mozilla/firefox and thunderird is probably the best advice anyone can give re. improving your pc's security.

Smoothwall is good but is still a software firewall and runs on top of a Linux kernal which itself has had remote root vulnerabilities in near memory.
(oh, and acl's used to be really easy to map using ttl manipulation - not sure if that is any better now...?).

I don't have a problem with xp's firewall (reputably based on ipfw from bsd) as long as you don't want bells and whitsles. It's easy to set up, intergrated and free.

Originally posted by kilauea
Smoothwall is good but is still a software firewall and runs on top of a Linux kernal which itself has had remote root vulnerabilities in near memory.
(oh, and acl's used to be really easy to map using ttl manipulation - not sure if that is any better now...?).

True True it is software based but the distinction I wanted to make was really between a 'standalone environment' firewall and 'local environment' firewall ;) You'll not get the same throughput performance with a 'software' based solution like Smoothwall but its definately the next best thing before a Cisco box for me (TCO being the major factor).
I'm really not sure with regards to the TTL manipulation stuff your on about or how long ago that was an issue. Smoothwall is still subject to any flaws in the hardened kernal as is any other system (recently flaws in the Apache administration and mod_ssl). Alot of improvements were made when they launched Corporate Server being a commercial product. Obviously your firewall is your first line of defence against skiddies, patching the systems your firewall is supposed to be protecting and as we've already discussed the biggest dangers lie within the local network and its users.

Its supprising the number of corporate networks you can hookup a WAP un-noticed ;)