RJARRRPCGP Posted February 23, 2006 Share Posted February 23, 2006 Just dump all that firewall stuff, setting it up for an home enviroment is just wasted time and also most worms now turn off firewalls directly so you won't even find out that you're unprotected.At the minimum, don't allow unused ports to be left wide open! Because a new virus can find a way to crash a Windows component! Link to comment Share on other sites More sharing options...
iCEhOT Posted February 23, 2006 Author Share Posted February 23, 2006 Yep tried outpost, tried kaspersky (which was complete and utter crap btw), had the same "interfaces" problem described originally, had next to no options, and although I tried this program a few months ago I *think* i recall that you either allowed net access or not, not server or client access etc...Outpost is ok, but buggy atm, that would be my second choice, although it has the problem of needing an expert rule for every program u want to have some access etc... Also the interface isnt the best...I'm not leaving any ports wide open, cos atm, i'm running a hardware firewall, and windows firewall so nothing can come in, I just have no outgoing protection right now, except for antivirus and antispyware etc.Nice to see though that I'm not the only one who thinks the current state of firewall software is pretty abismal! Link to comment Share on other sites More sharing options...
Andrew932 Posted February 23, 2006 Share Posted February 23, 2006 Try Kerio 2.1.5 version, never had any problems with it. I didn't like Zone alarm because it kept blocking me out of the internet. Link to comment Share on other sites More sharing options...
RogueSpear Posted February 23, 2006 Share Posted February 23, 2006 Try Kerio 2.1.5 version, never had any problems with it. I didn't like Zone alarm because it kept blocking me out of the internet.Believe it or not, this very old version of the freeware Kerio is about the best I've run. I thought that 2.1.5 wasn't available for download anymore in lieu of a newer version. Link to comment Share on other sites More sharing options...
WolfX2 Posted February 24, 2006 Share Posted February 24, 2006 its hard to know what software to trust! some of it is REALLY good and some of it is just a piece of crap that comes in a shiny box Link to comment Share on other sites More sharing options...
Andrew932 Posted February 25, 2006 Share Posted February 25, 2006 Try Kerio 2.1.5 version, never had any problems with it. I didn't like Zone alarm because it kept blocking me out of the internet.Believe it or not, this very old version of the freeware Kerio is about the best I've run. I thought that 2.1.5 wasn't available for download anymore in lieu of a newer version.I used it a couple of years ago when I got fed up with Zone Alarm. Kerio and AVG Free work great together. Unfortunately Kerio 2.1.5 is a bit out of date now and I doubt the protection is that good but it does Inbound/Outbound protection so it would easily be adequate I would had thought (excellent for PCs running 64MB RAM)http://pricelessware.org/thelist/sec.htm(Scroll down)Personally, I've got fed up with using Free software so I now use Norton Internet Security 2006. Not exactly the most recommended security software but it's just as good as anything else. (Although for some reason fails to detect a 6 month old MSN virus while AVG detects it) Link to comment Share on other sites More sharing options...
kurt476 Posted February 25, 2006 Share Posted February 25, 2006 Hi chilifrei64, i was woundering if you know anybudy els knows how to disable complete windows xp firewall so i can use outpost?they both seem to have a conflict or something. dose anybudy know? Link to comment Share on other sites More sharing options...
WolfX2 Posted February 25, 2006 Share Posted February 25, 2006 (edited) @kurt476 - 1.go start>run, then type in "services.msc" (without the quotes)2. Find "Windows Firewall/Internet Connection Sharing (ICS)"3. Right click it, then click properties4.Click the general tab5. under startup type select, "Disable"6. Click OK Edited February 25, 2006 by wolf74481 Link to comment Share on other sites More sharing options...
chilifrei64 Posted February 25, 2006 Share Posted February 25, 2006 that would be the easiest way.. or you can specify group policies to deploy that settings to multiple computers or GP has a setting to disable the firewall. Normally in my group policies, I will disable windows firewall and disable the service because it does tend to remove some lingering dependencies. Link to comment Share on other sites More sharing options...
DigeratiPrime Posted February 25, 2006 Share Posted February 25, 2006 (edited) Winpoochhttp://winpooch.free.fr/home/index.php1) remove default filters that allow anything to connect to internet 2) add custom filter that says block everything from connecting to internet3) add filter that says let firefox connect to any address on ports 80 and 443.[EDIT] I went ahead and posted a guide here:http://www.msfn.org/board/index.php?showtopic=68523 Edited February 25, 2006 by DigeratiPrime Link to comment Share on other sites More sharing options...
kurt476 Posted March 1, 2006 Share Posted March 1, 2006 Hi, chilifrei64 and every one els...that would be the easiest way.. or you can specify group policies to deploy that settings to multiple computers or GP has a setting to disable the firewall. Normally in my group policies, I will disable windows firewall and disable the service because it does tend to remove some lingering dependencies.How did you deploy gp for the windows firewall to be disabled?also if i reinstall windows xp with service pack 2 would there be away to have this done? Link to comment Share on other sites More sharing options...
chilifrei64 Posted March 1, 2006 Share Posted March 1, 2006 (edited) First create a group policy and lets call it WS_Windows_Firewall (That is my naming convention for Workstation Windows Firewall GP)Secondly we will apply it above the OU where the computers reside and leave security filtering to authenticated usersThirdly we will add a WMI Filter.-> From within Group Policy Management Console-> Right click on WMI Filters and select new-> Under Name lets call it PostSP2-> Under Queries add--> Select * from WIN32_OperatingSystem where ServicePackMajorVersion>=2 and Version='5.1.2600'-> Hit OKApply this WMI Filter to WS_Windows_Firewall (the selector box underneath security filtering)Fourthly lets right click on WS_Windows_Firewall and choose edit-> Navigate to Computer Configuration\Windows Settings\Security Settings\System Services\--> Select Windows Firewall/Internet connection Sharing--> Check "Define this policy--> Choose Disabled-> Hit OK-> Navigate to Computer Configuration\Administrative Templates\Network\Network Connections\Windows Firewall\Domain Profile--> Select "Windows Firewall: Protect All Network Connections--> Choose Disabled-> Hit OKLastly.. close out and your all done. This will disable the Windows Internet Connection Firewall Service on all computers running Windows XP SP2As far as re-installing and automating having it done.. I only do RIS OS Deployments, GP Software Deployments, and GP setting deployments..I don't normally mess with default settings on install.. for me.. once you join to the domain.. you get all the settings you need..As geeky as it sounds.. even my home network is this way.. I know nothing of applying custom reg settings through runonceExec or however that goes.. Domain all the way Edited March 1, 2006 by chilifrei64 Link to comment Share on other sites More sharing options...
kurt476 Posted March 1, 2006 Share Posted March 1, 2006 (edited) Hi, chilifrei64 is there away to export this to my unattended cd after that is done? Edited March 1, 2006 by kurt476 Link to comment Share on other sites More sharing options...
chilifrei64 Posted March 1, 2006 Share Posted March 1, 2006 (edited) Like I posed above. I dont do unattended installation stuff... All my stuff that I do gets pushed down via group policies Edited March 1, 2006 by chilifrei64 Link to comment Share on other sites More sharing options...
kurt476 Posted March 1, 2006 Share Posted March 1, 2006 dose anybudy els know how to export gp's? Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now