duel firewalls

[deanus]

im a bit paranoid about hackers etc, so can you run two different firewalls at the same time or do they screw with each other?

eg
norton and zone alarm
mcafee and whatever

[Aido]

Wouldn't imagine so on the same machine as they'd be fighting for control of the IP stack so it could get messy....

If you're that paranoid you could run two in parallel on different machines but to be honest there's not much point for the home user...

[deanus]

which is better then

norton2003

or zone alarm?

[abarthman]

deanus, like you, I'm a wee bit paranoid about internet security and I've had Norton PF and ZA pro running together for about a year without any problems whatsoever.

I also run NAV, The Cleaner, PestPatrol, adaware and trojan remover fairly regularly ... just for good measure!

[Aido]

A lot of the guys on here recommend Agnitum Outpost or something like that - I only ever used Smoothwall as a software firewall but that required a box to itself..

I once tried ZoneAlarm but it kept randomly blocking my DNS traffic so I ****ed it off eventually...

You can find Agnitum at www.agnitum.com

They have a basic featureset comparison at http://www.agnitum.com/php_scripts/compare.php

[tef89]

Been using Agnitum Outpost for a good long while and am totally happy with it in just about every way. I've also ran ZA with Outpost and although it does give a warning after install I've not personally experienced any problems.

[Aido]

just a quick question for those of you running two firewalls on the same box - do they both alert or is it random as to which alerts?

[tef89]

On mine only one will Aido - not sure how it decides initially (maybe order of installation) but the attack is stopped at the front facing firewall. As for allowing access then I have to allow the program thru both or simply block it at the rear facing one.

[neo2810]

You can run 2 fw's with no problem. What it does is means that your ports are sheathed with double protection. If a hacker manages to bypass one of the firewalls, he will still hit the second one. Generally at that point he will give up and move on . With regards to access alerts and rules, it depends which firewall is set as your primary TCP/IP scanner. You should be able to find this out in your TCP/IP properties. Otherwise, disable the TCP/IP scanning function on one of the fw's and just leave it as a port shield.

I use Tiny PF at the moment as a stand alone fw, and have never had any problems, but it is quite a difficult front-end to learn to set up. As long as you configure it properly, 1 fw is sufficient. Ensure you have an up-to-date virus checker as well, and any other progs you want to run checks on your system with (trojan detectors, ad-aware, Norton Cleensweep, etc). Alos want to turn off any network util's you are not using (NetBios, MS Print Sharing, etc) and either disable, or set to prompt Active-X controls.

There are many other things you can do to protect your system, but vigilance is above all the best. Usually, if your system is relatively protected, you will be skimmed past. Only if an agressive hacker has a reason to target your particular machine, will the strength of your protection become an issue.

Good luck tho