
Re: [Full-Disclosure] Firewall solution for Windows 2003 Server



Are you suggesting that the win2003 server will be the point of contact for
the Internet? Is this a wise choice or just a product of your setup?

I don't like application layer firewalls, they fill me with dread, yes the
displays are nice, but that doesn't mean it can't be achieved elsewhere.

I would prefer to point you in the direction of Smoothwall, and IPCOP (both
are free) they run on small Pentium boxes, separate to the win2003 server
and offer excellent protection and performance.  You can even just set up a
nice FreeBSD box with simple ipchains packet filtering if needs be, but
those two suggested would be a nice step in the right direction.

Any ideas on amounts you have to spend? That obviously sways a decision
somewhat, but I still like to stay away from desktop application layer
firewalls.

Hope that helps.

Kind Regards


Lee @ STS
http://www.seethrusec.co.uk
Building Knowledge and Security..


----- Original Message ----- 
From: "Irwan Hadi" <irwanhadi@xxxxxxxxx>
To: "Ondrej Krajicek" <krajicek@xxxxxxxxxxx>
Cc: <full-disclosure@xxxxxxxxxxxxxxxx>
Sent: Saturday, April 24, 2004 8:44 PM
Subject: Re: [Full-Disclosure] Firewall solution for Windows 2003 Server


> On Sat, Apr 24, 2004 at 06:18:50PM +0200, Ondrej Krajicek wrote:
>
> > Greetings to all disclosers ;),
> >
> > I would like to see your opinion on currently available firewall
> > products for Windows Server 2003. I am looking for simple
> > firewall solution as an _additional_ protection measure
> > for our servers.
> >
> > We all surely know about poor Windows logging (when it comes
> > to information coverage). I want a simple packet filter
> > running as a service logging everything. I was happy with
> > Kerio Personal Firewall, but Kerio no longer supports
> > Windows servers with this product.
> >
> > I do not need router capabilities, just local packet filter.
> >
> > Could someone recommend me something? Preferably without,
> > nice overcomplicated GUI is not a requirement
> > (and I hope it could be avoided :).
>
> I'm using Visnetic Firewall (from deerfield.com) on all of my Windows
> servers, and probably on all of my Windows clients pretty soon. One thing I
> like from Visnetic is:
> - It is just a packet filter. Doesn't do any application level filtering,
> which is a good thing for a server. Who would keep watching the console of
> the server for popup generated by a firewall asking "do you want to allow
> this application to send packets to that destination"
> - As far as I know, since it is simple, it hasn't had any security issues,
> like Zone Alarm did, Kerio did, and the funniest one was Blackice, which was
> exploited by witty worm. My principle is, a firewall is supposed to protect the
> system it's protecting. If a firewall, since it is made quite complex, with
> all kinds of unnecessary features, then has some vulnerabilities in it, which
> instead of protecting its host now is threatening its host, then what good does
> it have?
> - It is now configurable both by GUI and command line
> - Has sequence number hardening and tarpit
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
>

