
Windows Lockdown Guide

Joined
Nov 4, 2005
Messages
11,689 (1.73/day)
System Name Compy 386
Processor 7800X3D
Motherboard Asus
Cooling Air for now.....
Memory 64 GB DDR5 6400Mhz
Video Card(s) 7900XTX 310 Merc
Storage Samsung 990 2TB, 2 SP 2TB SSDs and over 10TB spinning
Display(s) 56" Samsung 4K HDR
Audio Device(s) ATI HDMI
Mouse Logitech MX518
Keyboard Razer
Software A lot.
Benchmark Scores Its fast. Enough.
There have been quite a few people getting infected, and/or having their personal data exploited. So I am creating a simple guide to hopefully show people how easy it is to lock down a computer and prevent any sort of malicious activity from spoiling your good fun.


It will be a work in progress for a while as there is a lot to show, and I would like to eventually have it be a step-by-step procedure of how to.



For now just the basics and some tests to help show you where you are vulnerable.


First up is Firewalls.

Hardware VS Software

The biggest differences I have seen in Hardware VS Software firewalls are:
The expense.
Setup time.
Ease of use.
Hardware does not tax a system's resources.
Ease of procuring software firewall.


Firewall Testing.


Most tests you will find on the internet about Firewalls are for software firewalls. Leak testing is a good example. I am currently unaware of Hardware firewalls that offer protection from the exploits that a USER can encounter by browsing or downloading the internet. For this a software firewall offers a large advantage provided it can pass the leak tests. For more information about leak testing your system or network please visit the site listed below. I have tried the leak tests on my personal choice and it has passed every one easily.

http://www.firewallleaktester.com/index.html

Try this for both your Hardware and Software firewalls and see what results you get. If you fail certain tests do not immediately blame the firewall, perhaps you have not configured it properly. I do not expect Hardware firewalls to pass some of those tests, and will test the ones at work. The Windows firewall that is included will not pass the majority of those tests, and sometimes your Anti-Virus, Anti-Spyware or other malware detectors will catch the leak or fault before your Firewall does.

Does the fact that a hardware firewall will not offer some of the per-user advantage mean that it is superior? Not a chance. I use Sonicwall firewalls at work and have a spare TZ-170 around here somewhere. If I am so inclined I only allow users to access pages that I approve, enforce content filters, permanently ban whole top level domains from being accessed. I can lock down the whole place. Hardware firewalls are great for a multi-user environment. They offer better blanket protection, better protection for people who are unaware of how firewalls work, and how to set up a software firewall properly. They are great for users who don't want to expend their system resources to make sure their system is running clean. They offer logging that can be e-mailed to yourself, or you can check. Most offer other services as well as firewall protection, such as user controlled Network Address Translation, the ability to set up your own secured domain, Secure VPN, packet inspection, and intrusion prevention.

What firewall to get?

For right now I am only going to review what I have, and am using. Others will have their own opinions, and feelings about this subject. I am not against the software or hardware that anyone else uses. But if you are going to suggest it, or put down what I have posted please give good reasons for doing so. Simply saying "It didn't work for me" is not a valid argument.


The first one up is Comodo Firewall Pro
http://www.comodo.com/


They offer much more than just a Firewall. I have experienced that even when visiting questionable sites that will try to exploit your computer and install malware/trojans this program will prevent the file from being executed and being able to do harm.

(Need to insert Pics Here)





As seen in the pictures above Comodo stops the leak tester before it can even get started. It also checks the "fingerprint" or digital signature of executable files to make sure that there has been no tampering. During this test I had to OK the installation and system hook that this test uses for its attempt. Even after having files in the system directory and loaded it was unable to thwart the firewall.

There are options below that allow you to select the file as a trusted application as shown below. After this, when an event occurs that could pose a risk, a small window pops up in the corner like this.

If playing a game and the game causes one of these to pop up you will not see it, and it will not cause any problems from my experience.

Comodo Setup



This is the main screen after the installation.

As we look down the left side we can see the following. First up is system summary. This lets you know the status of the firewall. If there is a faulting or damaged component this will alert you. Next up is Network Defense, this shows the current connections by process, and direction of connection. In this box there is also a "stop all activities"; this will shut down your network connection, useful if you have a program that keeps downloading, or a file that has bypassed the Windows networking configuration. Some trojans and other malware will bypass the Windows networking stack to connect; this operates at a lower level than the Windows network stack, completely shutting off all access.
Below this is a box that not every Firewall provides, Proactive Defense. This is the part of the firewall that checks for system access of malware, some of which is targeted at firewalls and anti-virus; it will end instances of your protection in an attempt to gain control over a system. As seen below there are active processes that have been approved, and files that are "waiting for your review". It is good to note that even when there are files waiting for review you don't have to check this every day as is obvious with my system. :D The system only notes the new files and changed files, this way if there are problems or an infection that has spread to a file you can contain the file.

On the right side you can see where the firewall reports other useful information, such as an update being available, and you can click this link to download the new version. Next is the Traffic manager, it shows what processes are accessing the network, and what direction the connection is flowing. In the window shown Firefox is using 100% of the outbound connection, it changed shortly after to show an inbound connection. The % shown is not total connection speed, but what percentage of the connection is used by what process. So for that connection it is possible I was only using a small amount of the total bandwidth available. Next up is Tip of the Day, where you can learn things about your firewall, along with radio buttons to move through different tips.

At the top we see the following categories.
Summary, and that is the screen we are currently in.
Firewall, where you can control features of the firewall.
Defense+, where you can choose programs as trusted, and view other security settings.
Miscellaneous, where you can manage different configurations and submit files.

Here are screenshots of each category.










For this Firewall I would give it a rating of 9/10.

Positives:
Free
Highly secure
Offers more security than just a firewall.
User editable rules.
Port Forwarding
Allows host system to act as gateway.
Small footprint

Negatives:
Hard to set up
Constant requests can get annoying




Next up will be Sonicwall Firewalls.
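
The signature check and the "new files and changed files" review described in the post above can be approximated with built-in PowerShell cmdlets. This is an added example, not part of the original post and not how Comodo implements it; the function names, the scanned folder and the baseline file location are assumptions.

```powershell
# Added example: record a hash baseline of executables, then report files that
# are new or changed since the baseline, with their Authenticode status.

function Get-ExecutableRecord {
    param([Parameter(Mandatory)][string]$Root)
    Get-ChildItem -LiteralPath $Root -Recurse -File -ErrorAction SilentlyContinue |
        Where-Object { $_.Extension -in '.exe', '.dll', '.sys' } |
        ForEach-Object {
            $sig  = Get-AuthenticodeSignature -LiteralPath $_.FullName
            $hash = Get-FileHash -LiteralPath $_.FullName -Algorithm SHA256 -ErrorAction SilentlyContinue
            [pscustomobject]@{
                Path      = $_.FullName
                SHA256    = $hash.Hash                      # empty if the file was locked
                SigStatus = [string]$sig.Status             # Valid, NotSigned, HashMismatch, ...
                Signer    = $sig.SignerCertificate.Subject  # empty for unsigned files
            }
        }
}

function Compare-ExecutableBaseline {
    param(
        [Parameter(Mandatory)][string]$Root,
        [Parameter(Mandatory)][string]$BaselineFile
    )
    $current = @(Get-ExecutableRecord -Root $Root)

    # First run: nothing to compare against, so store the baseline and stop.
    if (-not (Test-Path -LiteralPath $BaselineFile)) {
        $current | Export-Csv -LiteralPath $BaselineFile -NoTypeInformation
        Write-Host "Baseline created with $($current.Count) files."
        return
    }

    # PowerShell hashtable keys are case-insensitive, which matches Windows paths.
    $known = @{}
    Import-Csv -LiteralPath $BaselineFile | ForEach-Object { $known[$_.Path] = $_.SHA256 }

    foreach ($f in $current) {
        $state = if (-not $known.ContainsKey($f.Path)) { 'NEW' }
                 elseif ($known[$f.Path] -ne $f.SHA256) { 'CHANGED' }
                 else { $null }
        if ($state) {
            [pscustomobject]@{ State = $state; SigStatus = $f.SigStatus; Signer = $f.Signer; Path = $f.Path }
        }
    }
}

# Assumed locations; adjust to the folder you want to watch.
# Compare-ExecutableBaseline -Root $env:ProgramFiles -BaselineFile "$env:LOCALAPPDATA\exe-baseline.csv"
```

A CHANGED file whose SigStatus is still Valid under the same Signer is usually an update; NEW or CHANGED entries reported as NotSigned or HashMismatch are the ones to review first.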
 
Joined
Jul 30, 2007
Messages
6,560 (1.07/day)
System Name Vintage
Processor i7 - 3770K @ Stock
Cooling Scythe Zipang II
Memory 2x4GB Crucial DDR3
Video Card(s) MSI GTX970
Storage M4 124GB SSD// WD Black 640GB// WD Black 1TB//Samsung F3 1.5TB
Display(s) Samsung SM223BW 21.6"
Case Generic
Power Supply Corsair HX 520W
Software Windows 7
keep the guide going - could easily become stickied
 
Joined
Dec 10, 2007
Messages
7,185 (1.20/day)
Location
Adelaide Australia
System Name Becca 2
Processor AMD A10 4600m quad core @ 2.3 ghz
Motherboard dunno
Cooling Logitech alto connect
Memory 16 Gig ddr3 1600mhz
Video Card(s) Ati HD 7660G + & 7470M
Storage 1 TB
Audio Device(s) onboard crap
Software Windows 7 Home Premium 64 bit with sp1
An excellent read keep em coming.
 
Joined
Nov 4, 2005
Messages
11,689 (1.73/day)
Can I ask that this post be moved to the second place?


Next up is Anti-Virus.

There are many different anti-virus programs out on the market, some free, some with subscriptions. They all claim to do the same thing, however some do better in certain situations, some do worse. Some use more resources, some very little. Some scan in realtime but more on that later, some are on-access scanners. Some contain malware protection, some only look for virus and trojan infection.



With all these options and with the options that other programs like firewalls, rootkit detectors, malware/spyware removers provide you may wonder what is the best. I can't tell you that, but hopefully after I get done you will be able to make the best decision for your circumstances.

Moar later as the wife is requesting attention too. :p
 

AsRock

TPU addict
Joined
Jun 23, 2007
Messages
18,875 (3.07/day)
Location
UK\USA
Processor AMD 3900X \ AMD 7700X
Motherboard ASRock AM4 X570 Pro 4 \ ASUS X670Xe TUF
Cooling D15
Memory Patriot 2x16GB PVS432G320C6K \ G.Skill Flare X5 F5-6000J3238F 2x16GB
Video Card(s) eVga GTX1060 SSC \ XFX RX 6950XT RX-695XATBD9
Storage Sammy 860, MX500, Sabrent Rocket 4 Sammy Evo 980 \ 1xSabrent Rocket 4+, Sammy 2x990 Pro
Display(s) Samsung 1080P \ LG 43UN700
Case Fractal Design Pop Air 2x140mm fans from Torrent \ Fractal Design Torrent 2 SilverStone FHP141x2
Audio Device(s) Yamaha RX-V677 \ Yamaha CX-830+Yamaha MX-630 Infinity RS4000\Paradigm P Studio 20, Blue Yeti
Power Supply Seasonic Prime TX-750 \ Corsair RM1000X Shift
Mouse Steelseries Sensei wireless \ Steelseries Sensei wireless
Keyboard Logitech K120 \ Wooting Two HE
Benchmark Scores Meh benchmarks.
Cool. Will try that some time, see if it's better than Outpost v4.

Can you limit each program to what ports you want it to be able to use? And can you block DNS? ICMP? Block apps before they actually run? As the only program that I have known to truly come close to Outpost Firewall is Tiny Firewall, but both are payware. I'll probably not go for this but I'll surely try it out. Any chance they have a payware version too?

Also test here too
http://www.pcflank.com/scanner1.htm?from=menu
 
Joined
Nov 4, 2005
Messages
11,689 (1.73/day)
I will update it to reflect that it does not allow DNS. ICMP is a different animal, but if you enable stealth ports, you will remain invisible, minus any ports you want to forward, but more on this as I build this.
 