Serious Discussion What firewall do you use? Which is the most complete and safe?

[tisko4]

What's your experience with Portmaster? How do you use it? Default, tweaked, etc?

i like very much the graphic UI
no login account , just free
select only quad9 for DNS ( maybe in the future +cloudflare )
filter lists add Deception
all other options are default

im not a power user that blocks everything , i like it , im good for now
also check

 

[Kubla]

Portmaster, the paid version with SPN - Safing Privacy Network is very interesting, I am going to do a little research on it. perhaps test it out for a month.

I used to use Cydec bubble browser, one of the things it could do was use a different VPN address per browser launch to do something similar to what this SPN does which is making you appear to be in multiple places at once. It was a very powerful anonymity software, perhaps to powerful as they have disappeared from the internet and I have been looking for something to replace that aspect of the software.

 

[tisko4]

Portmaster, the paid version with SPN - Safing Privacy Network is very interesting, I am going to do a little research on it. perhaps test it out for a month.

I used to use Cydec bubble browser, one of the things it could do was use a different VPN address per browser launch to do something similar to what this SPN does which is making you appear to be in multiple places at once. It was a very powerful anonymity software, perhaps to powerful as they have disappeared from the internet and I have been looking for something to replace that aspect of the software.

when the time come tell me your experience with the paid version

 

[Kubla]

FYI I installed Portmaster, rebooted, did the setup left it at default settings, and it broke my internet connection, nothing would connect then got a blue screen, rebooted again, and Brave browser was working but very slow, Edge could not connect to any website at all. I played around with it for about a half hour and could not get Edge to connect, had to give up for now and uninstall it.

I will try it again when I have more time, from what I have been reading the SPN can be set per app, so one can have specific browsers use it, and other browsers bypass it, almost like split tunneling where the browsers you use for banking, shopping, crypto transactions, social media etc.., connect normally and browsers for everything else can go through the SPN.

 

[oldschool]

FYI I installed Portmaster, rebooted, did the setup left it at default settings, and it broke my internet connection, nothing would connect then got a blue screen, rebooted again, and Brave browser was working but very slow, Edge could not connect to any website at all. I played around with it for about a half hour and could not get Edge to connect, had to give up for now and uninstall it.

I will try it again when I have more time, from what I have been reading the SPN can be set per app, so one can have specific browsers use it, and other browsers bypass it, almost like split tunneling where the browsers you use for banking, shopping, crypto transactions, social media etc.., connect normally and browsers for everything else can go through the SPN.

I tried it too and had problems immediately upon install, so Bye-bye Portmaster.

 

[wat0114]

Uncomplicated Firewall (UFW) for Linux, configured as default-deny in & out.



It has no application control but at least IP & Port control. Better than nothing.

On Windows 11 I use Andy ful's hardening tool to block LOLBins. Of course I'm also behind my ISP's NAT wireless router. I did setup its WANside & LANside DNS addresses to match UFW's.

 

[Victor M]

Hardware application layer deep packet inspection firewalls have been around for a long time. It is better than normal firewalls which can only deal with ip addresses and ports. Application layer firewalls understand the underlying network protocols. This tech has traditionally been expensive ($400+ eg Dell SonicWall ) but Ubiquiti has one called EdgeRouter X that costs only $69 (they have a different business model). It does not have wifi only Ethernet, but if you live in an apartment building then that should be considered a plus. Because an attacker with a portable router can over power your router, confiigure the same wifi name, and you will automatically connect to him rather than your own router. (and then your entire network gets hacked) I think their Wifi products have the same capability but I haven't checked.

Hardware firewalls also have another advantage: the attacker cannot erase the firewall's logs. So even when the attacker has gained admin control over your laptop and erased the local logs to cover his tracks, the logs on the firewall still reveals his presence.

That is not to say that Windows based firewalls are useless, they have their place. They can have rules for each application - which a hardware firewall cannot have. And they can have a Outbound default deny policy, where only known good specified apps can connect outbound. But that can be overcome.

Anyways, no technical security layer is ever 100% secure. All a defender can do is put in layers of it and hopefully stop the attacker at some layer. Good security requires monitoring and thus time and effort.

 

[Digmor Crusher]

Hardware application layer deep packet inspection firewalls have been around for a long time. It is better than normal firewalls which can only deal with ip addresses and ports. Application layer firewalls understand the underlying network protocols. This tech has traditionally been expensive ($400+ eg Dell SonicWall ) but Ubiquiti has one called EdgeRouter X that costs only $69 (they have a different business model). It does not have wifi only Ethernet, but if you live in an apartment building then that should be considered a plus. Because an attacker with a portable router can over power your router, confiigure the same wifi name, and you will automatically connect to him rather than your own router. (and then your entire network gets hacked) I think their Wifi products have the same capability but I haven't checked.

Hardware firewalls also have another advantage: the attacker cannot erase the firewall's logs. So even when the attacker has gained admin control over your laptop and erased the local logs to cover his tracks, the logs on the firewall still reveals his presence.

That is not to say that Windows based firewalls are useless, they have their place. They can have rules for each application - which a hardware firewall cannot have. And they can have a Outbound default deny policy, where only known good specified apps can connect outbound. But that can be overcome.

Anyways, no technical security layer is ever 100% secure. All a defender can do is put in layers of it and hopefully stop the attacker at some layer. Good security requires monitoring and thus time and effort.

A large majority of computer users do not have attackers. They are infected because they downloaded a program from a sketchy site, clicked on a link in an email, or fell for a phishing scam. If for any reason you do have an attacker such as your have a crypto account, are a politician or press employee, or you pissed someone off. If they are a competent hacker they will eventually get you if they want to.

 

[Trident]

I personally use at home the firewall that comes with my Virgin Media Hub 5 router and Check Point Harmony firewall at a software level.

Recently, Virgin Media added a light IPS to the hub 5.

Virgin Media O2 to offer enhanced security to Hub 5 customers | thinkbroadband

If you are a Virgin Media O2 customer with their Hub 5 hardware running your broadband you may be offered a place to trial a new Smart Security internet protection option.

www.thinkbroadband.com

It does seem to work.

 

[Nevi]

Portmaster, the paid version with SPN - Safing Privacy Network is very interesting, I am going to do a little research on it. perhaps test it out for a month.

I used to use Cydec bubble browser, one of the things it could do was use a different VPN address per browser launch to do something similar to what this SPN does which is making you appear to be in multiple places at once. It was a very powerful anonymity software, perhaps to powerful as they have disappeared from the internet and I have been looking for something to replace that aspect of the software.

I have tried the Portmaster firewall recently, and it's very light, and seems to do a lot of good things, if you are concerned about your privacy.

 

[Victor M]

@Digmor Crusher . Dear Ms. Crusher, I have a red team at my shop. We are professionals, no hard feelings involved. I agree, everybody thinks they are not targets. But hackers know no boundaries, I have personally known several hackers who I know hack 'ordinary' people. If they are curious about somebody, they'd hack them to dig around their computers. They may not inflict any damage. The victims may never know they were hacked. Sometimes, like you said, it is done for vengeance. And sometimes it's for political reasons. And nowadays for money. For me, I just do my job. I would throw together a test rig with new defenses, and my red team take a swing at cracking it. It's all a game, Ms. Crusher.