Firewall

[aanaravs]

I am looking for a good firewall for my laptop. I connect to the internet using a wireless card, so I probably need to secure my data too. Does anyone have any reccomedations?

[redwudz]

ZoneAlarm is popular. I use the hardware firewall in my router and the software firewall in SP2, along with Peerguardian. Was using Protowall, but it kept resetting.

[aanaravs]

I prefer not to use ZoneAlarm, since Premiere Pro has some compatibility issues with it. I will take a look into the others that you reccomended. Thanks.

[JSB]

Kerio Personal Firewall ..... use version 2.1.5 .... DO NOT use version 4.0 and higher (really crappy new engine).

read all about it here: Kerio

Here is the basic set of rules I would recommend... (The text file is prettly long so here is the overview. tpf.txt is the whole thing)

Code:

Rule 1 is the default rule of Tiny Firewall for loopback. 

Rule 2 - 3 are your NetBIOS blocks. Enter them as displayed. Even if you have removed NetBIOS from your Network applet, these will serve to "Notify" you of any attempts. (Of course, this assumes you are NOT legitimately using NetBIOS on your system.) 

Rule 4 - 5 allow any application to connect to your Domain Name Servers. If your ISP uses 4 different servers, yours may add and use more or less. 

Rule 6 - 10 are the balance of the ICMP rules. Enter them as displayed. 

Rule 11 blocks and logs every requests issued to your computer on common ports : FTP, HTTP, POP3, SMTP, Telnet, NetBios, etc. 

Rule 12 - 15 are more (AtGuard Default) rules. But you can use for Tiny Firewall now. Once the Trojan Port Blocking rules are activated, these can be deactivated or deleted as they provide duplicate coverage. (I don't use) 

Rule 16 - 17 are the Low and High Trojan Port Blocking rules. Make sure they are set to Log all occurrences. Later you can examine your logs for any programs that are legitimately trying to use these ports. High/Low Trojan Port Blocking rules are not required. But they do "enhance" security, at the cost of increased nuisance. (I don't use)

Rule 18 - 21 are the "application specific" rules. In general, you'll write one or two rules for each application that you want to access the internet.

Rule 22 blocks and logs every unwanted UDP/TCP requests issued from your PC (could be a trojan, a worm...), this rule disables the learning option (unknown outgoing request).

Rule 23 is the "Block Everything" rule. Enter it as shown but don't enable it until all of the "kinks" are out of your ruleset. Let the Rule Assistant (ask for action when no rule is found) work for you to show you where problems are occurring.

As you can see KPF is VERY configurable.... It can scare some ppl off. I really like calling rule 23 The Hammer. Sometimes when I install a new program, like P2P, i have to turn of the Hammer and then start the new program. None of the rules now match KPF, so KPF will ask me to accept ot deny the program. I will check "make a new rule" and accept. Then go into KPF and shuffle the new rule above the Hammer, then turn the Hammer back on.

Also I really like the MD5 signature feature. If a virus spoofs a program like Outlook Express, KPF know what OE's MD5 sig was and now it does not match. KPF stops the new program untill you say it is cool. Microsoft hotfixes will change MS programs and therefor change MD5 sigs... so do not be alarmed when KPF catches it. Just be mindful when it does happen, MD5's do not change out of thin air.

JSB

[makntraks]

I use nothing other than being behind my router....

Knock on "wood", I've never had a problem or issue...

YMMV,
makntraks

[bazooka]

I am behind a router as well.

That is all I use.

[aanaravs]

So far, I was behind a router too, but now I am getting my Inspiron XPS, so want to keep it as safe as possible. Thanks for the tips

[stiltman]

Firewall-1

[bazooka]

So far, I was behind a router too, but now I am getting my Inspiron XPS, so want to keep it as safe as possible. Thanks for the tips

It would be safe behind a router.

[Italic]

I use Sygate Personal 5.6 behind a router connection.
No leakages, no attacks in last 4 months !