As far as firewalls go, I've run the gamut and the best one I've found so far is Zonelabs. Personally I prefer the Pro version rather than the free version, but it's truly a preference issue.
I didn't care for Norton Internet Security as it's simply a slightly updated version of AtGuard. The automatic rule generation was, in my opinion, way too lax. And the fact that any application with the name of an "authorized" app would immediately be granted access bugged me to no end.
PGP Desktop Security has an integrated firewall and IDS (Intrusion Detection System) but it's not exactly user-friendly.
Tiny was OK, but some people find it confusing.
BlackIce Defender isn't a firewall, to contradict their site. It's simply an IDS, nothing more. There is ZERO outbound security, which leaves you totally vulnerable to many trojan attacks, including the latest Sub7 which can be configured to use ANY port.
Zonelabs also works great if you've got a home network and want to use ICS - there's a specific setting just for that purpose.
There's a complete review section on
that will give you some more ideas, and you can scan your own machine while you're there so you know just how badly you're exposed to the script kiddies and other little haxor wannabes out there.
also has a port scanner you can use to see what's being exposed on your machine - and those of you running Windows 2000 will be AMAZED at what's open.
If you've got a drive shared and you're on cable/DSL, to not have some kind of firewall protection is suicidal.
I had a little script kiddie one day decide to Sub7 ping my box. My firewall caught it and alerted me. Since I was sitting at the box I decided to run my handy dandy network sniffer to see just what Junior Hacker was running on his own machine.
Within 30 seconds I got quite a surprise. The person on the other end not only had a myriad of ports open on their machine, but was open enough that I was able to get a machine name AND HIS NAME. He lived in Montreal, CA. A search in the Canadian 411 website showed only 1 person with that last name.
A quick edit of the hosts file and a net send later and a nice little message pops up on junior's screen with his own name, phone number, address, and a second cute little note regarding his peril should he continue his trojan scanning.
Pinging his machine less than 10 seconds later showed he'd completely shut his computer down.
The logs were sent to his provider and he no longer has that expensive DSL connection he paid for. They were curious about just how I knew their customer's name. When I explained how that one was accomplished there was a goodly amount of laughter.
The entire exchange lasted maybe 5 minutes, including the time it took me to reverse-engineer the information to a point where I could positively identify him.
Scary, huh? I was actually able to narrow him down to a single user, name, address, and everything, to the exclusion of all others, in less than 5 minutes. Now just think about that happening to you by someone who has darker motives.
Zonelabs URL one more time:
And no, I will NOT tell you what network tools I used, so don't ask.
