so...now here´s an article, in German, sorry@all

http://www.nabooisland.com/publications/pffaq/


maybe that mertsch going to Jump because he uses no PFW,too

Personally, I find that a combination of hardware and software is the safest way to go. For inbound detection (hackers) I use a SOHOware Broadguard NBG800 router with built-in hardware firewall. It is about the most inexpensive router out there that incorporates the "stateful packet inspection" mechanism and is bulletproof. My system can't even be pinged, let alone broken into.

On the outbound side, I use Norton Internet Security 2001. Any of the versions will work though and if you put it in MANUAL mode, you'll be amazed at how many processes actually do try and access the Internet (most of them are just checking for updates). In manual mode, you can pick and choose which one(s) you allow to access the outside world and create very specific rules that apply to them all (protocols and port numbers).

On the Broadguard router, I have it set up to email me whenever someone tries to break into my system. It doesn't happen very often but when it does, the router "learns" and after a few attempts, it permanently blocks the IP address of the offending hacker. In the case of on-line games or remote control software, it provides port-forwarding features that allow you to determine which port (and protocol) to pass [what you consider to be safe] packets to on any system connected to the router (it can handle up to 255 systems).

It's a broadband/DSL router, by the way, and is totally transparent once it's configured and running. You access it via 192.168.1.1 through a browser and it's a snap to set up. I have it connected to a Motorola SB5100 cable modem and I'm averaging around 3MB/sec on downloads, which is pretty good for Southern California. It's also a Domain Name Server (DNS) as well and I've got all the systems connected to it on static IPs.

So, if you want to cover ALL the bases (inbound as well as outbound), there's only one way to approach the problem --- use a router with built-in hardware firewall (for inbound attacks) and some sort of software firewall (like NIS) for applications/scripts/worms/etc. that attempt outbound connections (to whoever). Nothing will get in OR out without you knowing about it. Period.

Later.

Absolutely True. Software Protection is good, but the bottom line is, if they got to your system in the first place, then your security is already compromised.

I use a Cisco 837 ADSL Broadband Router. It has an excellent hardware firewall, as well as many other great features. Its not cheap, but in my line of work, I really can't afford to be cheap.

For software protection, I use NIS 2004 (Haven't upgraded to 2005 yet, maybe I will as a Christmas present to myself :wink: ). I have found that NIS offers the best all around protection. I have frequently tested others such as Black Ice, Sygate, McAfee and Zone Alarm, but in the end I always come back to NIS. It is a bit more complex than other firewalls to operate, but is the features that it offers can't be beat. Symantec is also the leader in antivirus protection, and NAV is included in the NIS package.

Incidentally, in case they have fixed it, Sygate does not properly protect all ports. I can't remember which that they left open, but any is too much for me to be satisfied.

Dear Dark Biene

I use the following..

AVG : http://www.grisoft.com/doc/5/lng/us/tpl/tpl01
BSpam : http://www.bspam.com/download_bspam.htm
Zone Alarm : http://www.zonelabs.com/store/content/home.jsp