Home firewall solution - poll

[oraldlight]

What firewall solution do you run at home/non-commercially?

Looking to update my existing dedicated FW and interested in who's running what/ and why?

 

[sdotbrucato]

Untangle. Both in the home, and in the office.

 

[Vito_Corleone]

Other - Cisco ASA 5505 and Cisco 871

 

[Freezebyte]

Other- My dlink router. I hate software firewall crap.

 

[YeOldeStonecat]

Should edit poll and add the more common choice..."Retail brand NAT router"...which would probably be the most popular.

I change very few months..just to try new things. Mostly been running on PFSense for quite some time now though. Prefer to stick with various *nix router distros.

 

[Nenu]

I'm using a router with Stateful Packet Inspection, Comodo Firewall and Protowall/BLM to block all the bad places on the web that have been discovered.

When I move to Windows 7 x64, it looks like Protowall will be no use (its no use on XP 64 or Vista 64) so I will be implementing a mini itx PC and IPCop instead to block using the same blocklists I use for Protowall.
Comodo all the way for Desktop Firewall though, the Vista version works fine on Windows 7 32bit, not tested 64bit yet.

 

[requiemnoise]

well.. it can be other or IPCop and Smoothwall. I manually use IPtables. Why? It is nothing to do with being more geeky or trying to learn the advance features of Linux firewall. Iptables becomes really powerful when you combine with custom scripts to read from your /var/log.

For example. You want to block attempts from an ip address for FTP for 6 tries, but 50 tries for http.

 

[marley1]

buffalo wireless router, dont reallyseem to need more at home.

freedom9 at work

 

[fibroptikl]

WRT54G v4 w/ Tomato 1.23

 

[oraldlight]

Should edit poll and add the more common choice..."Retail brand NAT router"...which would probably be the most popular.

I change very few months..just to try new things. Mostly been running on PFSense for quite some time now though. Prefer to stick with various *nix router distros.

Exactly why I'm asking.... Curious if the general populous uses ready made/supplied FW or if pupose built FW is more common.

With Comcast lookign to limit Interporn volume, it's time for a report of some sot. IPCop, doesn't have what I'm looking for.

 

[|CMF|SoulAssassin]

Untangle. Both in the home, and in the office.

how is this working out for you?

I've tried the V5.3 I believe and was way to laggy for me on a 2.8 GHZ Pentium 4 computer running Windows XP 1 Gig of Ram. I'm about to try the stand alone Version 6.0 see if thats any better

 

[Gott]

Using IPCop currently. I really would like to try out pfSense but my Intel NICs aren't being recognized but I think I know what the problem is. When I get around to it I'm going to load pfSense again and hopefully get it working.

 

[sdotbrucato]

how is this working out for you?

I've tried the V5.3 I believe and was way to laggy for me on a 2.8 GHZ Pentium 4 computer running Windows XP 1 Gig of Ram. I'm about to try the stand alone Version 6.0 see if thats any better

Running v6 at home and in the office. My home router is an old AMD 3000+, with 2GB DDR2. Supporting 6 users and 17 machines. It's running awesome at home.

In the office I'm running a Dell R200. supporting 15 users on a Gb network. Havent experienced any issues.

 

[TechieSooner]

Should edit poll and add the more common choice..."Retail brand NAT router"...which would probably be the most popular

Yep, QFT.

For home users, that's essentially all you need. I've got a WRT54G with Tomato firmware installed, at the house. Spam isn't really an issue, and NAT prevents most all of the intrusion attempts since I don't have any incoming ports allowed in, just the outgoing stuff.

Add to that Vista's firewalls and it's pretty darn secure solution.


In the office it's Untangle all the way though.

 

[Orinthical]

Right now? I am running a DIR-655 at home day-to-day but swap it out with a SFF box from time to time to test new distros. Favorite distro? PFSense has come a long way and has my vote right now but Untangle is awesome should you have a box that can run it smoothly.

 

[Private Citizen]

Fortigate 50A

 

[Grentz]

I change a lot between open source firewall distros, right now I am loving Endian.

 

[dandragonrage]

pfSense. Might run pfSense and Untangle both soon. I'd run just Untangle if they would improve their traffic shaping.

 

[YeOldeStonecat]

I change a lot between open source firewall distros, right now I am loving Endian.

It is quite the slick distro. I used it at a few clients before I found Untangle.
Albeit Untangle is a bit overkill for home usage.

 

[TechieSooner]

It is quite the slick distro. I used it at a few clients before I found Untangle.
Albeit Untangle is a bit overkill for home usage.

Yea but easy as can be to setup. And IIRC there's not all the features in the distros (like PFSense) included by default as there is in Untangle.

I'm all about the simple + easy

If it means I spend less time screwing with getting it up and running, AND it's a great product, I'm all for it.

 

[YeOldeStonecat]

Yea but easy as can be to setup. And IIRC there's not all the features in the distros (like PFSense) included by default as there is in Untangle.

I'm all about the simple + easy

If it means I spend less time screwing with getting it up and running, AND it's a great product, I'm all for it.

Yup the install routine is quite easy. I guess by "overkill"..I meant more along the lines of a machine with "horsepower" to run it. I'm more pleased with a very small footprint box with low noise and low AC consumption..and PFSense on my old 14" T22 thinkpad does that well. Plus the QoS features..for home use..online gaming....nothing better!

I love Untangle..believe me, so much I signed up as a reseller a year ago..I have it at quite a few clients. I actually have it at home too....on a 1U IBM X-335 server..dual Xeons, hot swap RAID 1, etc. I just don't run it full time..only occasionally to dork around or check out the latest version. I don't want this monster running 24x7 though on my bill.

 

[Nenu]

Oh yeah, forgot to mention, I also use Sandboxie to sandbox my Browser.
Absolutely invaluable, I've had a few occasions when my browser has shafted itself really badly through something on the web.
Simply deleting the Sandbox contents puts me back to a completely fresh state

 

[Grentz]

Yup the install routine is quite easy. I guess by "overkill"..I meant more along the lines of a machine with "horsepower" to run it. I'm more pleased with a very small footprint box with low noise and low AC consumption..and PFSense on my old 14" T22 thinkpad does that well. Plus the QoS features..for home use..online gaming....nothing better!

I love Untangle..believe me, so much I signed up as a reseller a year ago..I have it at quite a few clients. I actually have it at home too....on a 1U IBM X-335 server..dual Xeons, hot swap RAID 1, etc. I just don't run it full time..only occasionally to dork around or check out the latest version. I don't want this monster running 24x7 though on my bill.

Exactly, Untangle is nice, but horsepower hungry which tends to make it overkill for home use. Great for business use though.

 

[BigD1108]

I use Untangle at home on a random Athlon 2.0GHz machine with a gig of RAM. Dropped a NIC card in there, works like a charm.

 

[sh0rty]

bump for great read!!!

 

[Cheetoz]

I found IPcop my favorite, but once the computer died, I tried pfsense since everyone here liked it. I still hated it as the first time i tried it. I'm sure my reply-less thread on setting things up on pfsense is floating about.

I decided to give endian a try, as it was the first firewall i tried years ago. I am LOVING the new interface. It is currently my favorite, although IPcop is a close second due to the large amount of mods and features it can have.

 

[Phantoms]

Windows built in firewall and my Router.

 

[LittleMe]

I picked other because I run a mix. I have a Untangle box that sits infront of my pFsense box. Maybe overkill for home but works great for me.

 

[crazyjeeper]

Windows built in and Peer Guardian 2.

 

[Grentz]

Windows built in and Peer Guardian 2.

You do realize that is not a firewall, just an ip blocker, correct?

 

[YeOldeStonecat]

I decided to give endian a try, as it was the first firewall i tried years ago. I am LOVING the new interface. It is currently my favorite, although IPcop is a close second due to the large amount of mods and features it can have.

Endian is built on top of IPCop, combined with the Copfilter add-in...plus a couple of other things.

 

[Nenu]

Windows built in and Peer Guardian 2.

Hey thanks tons, I didnt know version 2 was out !
Before this, Protowall was the only option for XP32 or Vista32 but doesnt work on any 64bit OS.
Vista32 support is also limited with Protowall as you cant view blocked connections.
I have wanted to upgrade to Vista64 (now Windows7 64 ) but this was my main stumbling block - no decent IP blocker.

For those interested:
PG2 supports XP32/64 and now Vista 32/64.
The beta Peerguardian 2-RC1 gives Vista support that maybe works on Windows 7 !
What a refresher.

http://forums.phoenixlabs.org/showthread.php?t=17880&highlight=vista

PG2 RC1 test2 "should" work in Windows 7 x86 and x64.

Driver signing enforcement is in Windows 7 x64 same as Vista x64. Not sure if Ready Driver Plus will work in Windows 7. I have Windows 7 x64 and will be installing it sometime in the near future. So try using the manual F8 boot or Ready Driver Plus. I am not sure if Ready Driver Plus will work correctly with Windows 7. I guess if you try it and it screws something up all you will have to do is install a fresh copy of Win 7.

To counter the claim that this isnt a firewall...

It is not a full Firewall but is an additional Firewall method you can use in conjunction with your own firewall.
Any IP on the blocklist cannot get access to your PC, period.
Pretty effective Firewalling for known bad IPs

 

[jonniefive]

Nice thread!

I have Smoothwall running on an old P4 box, like it a lot, mainly b/c it was easy to setup. I have really no experience with networking etc... But I am learning. I may have to give Endian a try some day...

 

[rkf76]

Vista firewall + TRENDnet TEW-633GR router firewall

 

[Jgedeon]

Untangle here.

 

[Grentz]

Endian is built on top of IPCop, combined with the Copfilter add-in...plus a couple of other things.

Just a slight correction, a bit knit picky but just to inform, Endian was originally built upon IPCop (which was built upon Smoothwall), but Endian has now been redone and rebuilt for scratch.

 

[thefordmccord]

I run a smoothwall at my house. It is on an old celeron 800 box and runs fine.

 

[Captain Colonoscopy]

Right now I am running Astaro Home 7.305. I keep flip flopping between Astaro and Untangle and I keep going back to Astaro, really love all the features and QoS is better I think. It also runs on lesser hardware.

I've also used Endian, ClarkConnect, PFsense, IPCop, SmoothWall and a few others. I always end up putting Astaro back on my firewall box . . . . .

 

[brom42]

I was an IPCop + Copfiler user for years. I switched to Endian about 6 months ago and have been loving that one too.

 

[Oneos]

I'm an EFW user myself. Haven't really had the motivation to try anything else since I'm happy with it. There have been one or two things I've nit pciked about, but nothing major.