firewall choices

21 years 1 month ago #1770 by bwana
firewall choices was created by bwana
A quick glance at the posts on this bbs shows most in favor of cisco pix, sonicwall, checkpoint.

What do these boxes have over a smoothwall or zone alarm pro that makes them better? Obviously I'm a layman (where do we get that word?), but i'm interested in setting up a box at home to keep my kids from irc and im. I currently use a netgear fvs318. I could block the ports (if i knew them) but i'd rather block everything and just allow port 80 on their machines. I've gone over to manual ip addressing so i could thus control specific machines (with dhcp, they'd get a new ip addy with reboot). I think i'll have to dump the netgear and use my old p3 with 2 nics in it. DSL->old p3 running smoothwall->netgear switch->many boxes+wap.

what suggestions/thoughts/criticisms can you offer? I imagine this is a common problem so if you know that it's already been addressed in a faq, forgive me and point me to it.

tnx


stefan :roll:
21 years 1 month ago #1772 by sahirh
Replied by sahirh on topic Re: firewall choices
Hey bwana,
first off the Cisco PIX, Checkpoint and Sonicwall are usually considered enterprise level firewalls.. something like zonealarm is a personal firewall, designed to be used on each individual machine. It does not stand as a gateway between their machine and the outside host.

If you want to block IRC you could consider blocking port 6667-6669 outgoing connections, this will prevent them from accessing most IRC servers, otherwise if you wanna use a personal firewall, you can setup zonealarm not to allow mirc.exe (or whatever their irc client is) to access the internet, then you just password protect zonealarm and they can't shut it off or change the settings.

However, you say you want to allow only port 80.. remember that there are a lot of irc servers that let you use irc via a java applet right on their page.. most kids will figure this out within 20 minutes of finding irc blocked..

not to mention if your kids are savvy there are a million ways around that..

blocking instant messenger traffic is a bit easier, MSN Messenger connects to one of a few central servers, all you need to do is deny access to those IPs and they won't work. I'm really not sure of the IP range but I have found an article on blocking IM traffic
www.connect.more.net/lists/coor-connect/2002.10/0140.html

I'm actually quite interested in replies to this post, a lot of companies want IM traffic and IRC blocked and I would like to see someone share a complete ruleset that works, it would be beneficial to a lot of people on the board.. so if your company filters, then let us know what the filters are.

Then I can get round to posting how to get round the rules hehe ;)

Sahir Hidayatullah.
Firewall.cx Staff - Associate Editor & Security Advisor
tftfotw.blogspot.com
21 years 1 month ago #1776 by tfs
Replied by tfs on topic Re: firewall choices
Linksys has a decent firewall for about $80.

Not sure about the IRC problem. They have plenty of options for port forwarding and DMZs, so I assume you should be able to set it up.

Thanks,

Tom
21 years 1 month ago #1780 by bwana
Replied by bwana on topic firewall
which linksys are you referring to? port blocking also exists on my netgear as well as port forwarding, but this does not restrict OUTBOUND access to a specific ip range. The closest my netgear comes is 'keyword blocking'.


The rules posted in the link referenced above are IP ranges so i do not really know how useful they would be with my netgear fvs318. I guess I'll need to use my pentium3 box. Should I load smoothwall or clarkconnect on it?

Since I have a dsl connection with a dynamic ip, will i be able to put this box in between my dsl modem and the fvs318? If it cannot do pppoe, I'll have to put it behind the fvs318 and then put an 8 port switch behind that. That means spending MORE money. Maybe I'll just get the sonicwall soho3 and be done with it. Given that people are coding java so that everything runs in port 80, this firewall business is losing its usefulness.
21 years 1 month ago #1788 by sahirh
Replied by sahirh on topic Re: firewall choices

> Given that people are coding java so that everything runs in port 80, this firewall business is losing its usefulness.


We're talking about an $80 solution... there would be far more options on a more full fledged firewall.. you could strip the java clean out of the webpages.

Anyway that's off the topic.

I'm pretty sure whatever form of firewall you're using you should be able to perform egress filtering (outbound traffic blocking)... if not then you could keyword filter for packets matching
/join #

that way they'd never be able to join an IRC channel. However that's a very random solution. The simplest thing is to just close up port 6667.

Is there no way you can lockdown the individual machines using ZoneAlarm ? That would really be effective.

Sahir Hidayatullah.
Firewall.cx Staff - Associate Editor & Security Advisor
tftfotw.blogspot.com
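
The egress filtering discussed in this thread (static IPs on the kids' machines, outbound port 80 only, IRC ports 6667-6669 closed), as an added example that is not part of any poster's message. It assumes a Linux gateway using iptables with the LAN on eth1; the resolver address and the two host IPs are constructed placeholders.

```shell
#!/bin/sh
# Added example: print FORWARD-chain egress rules for restricted LAN hosts.
# Assumed, not from the thread: iptables gateway, LAN on eth1, resolver IP.
LAN_IF="eth1"              # assumed LAN-facing NIC of the gateway
DNS_SERVER="192.0.2.53"    # placeholder for the ISP resolver
ALLOWED_TCP_PORTS="80"     # "just allow port 80"

# Succeeds only for a dotted quad with octets 0-255, so nothing else can
# reach the generated command lines.
valid_ipv4() {
    case "$1" in
        *[!0-9.]*|*..*|.*|*.) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# Args: static IPs of the machines to restrict. Prints one rule per line.
gen_egress_rules() {
    for ip in "$@"; do
        valid_ipv4 "$ip" || { echo "bad address: $ip" >&2; return 1; }
    done
    # Replies to connections that were allowed out
    echo "iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    for ip in "$@"; do
        src="-i $LAN_IF -s $ip"
        # Name lookups, without which port 80 browsing fails
        echo "iptables -A FORWARD $src -d $DNS_SERVER -p udp --dport 53 -j ACCEPT"
        echo "iptables -A FORWARD $src -d $DNS_SERVER -p tcp --dport 53 -j ACCEPT"
        for port in $ALLOWED_TCP_PORTS; do
            echo "iptables -A FORWARD $src -p tcp --dport $port -j ACCEPT"
        done
        # Tag IRC attempts (6667-6669) separately so they stand out in logs
        echo "iptables -A FORWARD $src -p tcp --dport 6667:6669 -j LOG --log-prefix 'EGRESS-IRC '"
        # Everything else from this host: log, then drop
        echo "iptables -A FORWARD $src -j LOG --log-prefix 'EGRESS-DENY '"
        echo "iptables -A FORWARD $src -j DROP"
    done
}

# Constructed sample addresses for two restricted machines
gen_egress_rules 192.168.0.10 192.168.0.11
```

Machines not listed are unaffected by these rules, and the rules only print; review the output before piping it to a root shell on the gateway.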
21 years 2 weeks ago #1922 by mafiozos_
Replied by mafiozos_ on topic firewall
what firewall is the best for me? i have a hp notebook P3 1,1 GHz with 256MB ram. i surf in internet and i use irc. thnx!