Game Servers & Firewalls

NAiLs · Post by **NAiLs** » Mon Oct 31, 2005 11:36 pm

Alright, I've got my CS:S box up and running on Windows Server 2003 Enterprise Edition. Yes, it's legit!

I have a problem though. I put Sygate Personal Firewall on the box, and once there is traffic, it LOVES to suck up the CPU. This affects my game server's performance. Does anyone have any idea how to stop this or know of a good firewall that will not do this?

Server specs:
- Athlon XP 2800+
- 2x 1GB PC3200 DDR (Obviously running at PC2700 speeds)
- SCSI Setup... OS one drive, game servers another.
- ABit AN7 (I think... otherwise AN8... honestly don't remember right now)
- 100mbps Full Duplex Connection
- Windows Server 2003 Enterprise Edition w/ SP1

Any help or tips are appreciated!

-Brian

Dragon_Cooler · Post by **Dragon_Cooler** » Tue Nov 01, 2005 9:38 am

i would try Zone alarm. I have a server with 2003 that runs some game servers with a normal gateway/router (d-link). Normally if you open the port that is made for the game you shouldnt have to worry much about attackers on other ports. If they want in they will get in no matter what. But unless they are looking for something then you shouldnt have to worry much.

i wouldnt go with norton!!! either zone alarm. They also have deals where you can setup an extra computer like a pentium 1 or something as a firewall too. they use to be all over TechTV.

NAiLs · Post by **NAiLs** » Tue Nov 01, 2005 7:55 pm

Actually Symantec JUST bought Sygate, so their BS isn't programmed into the software yet. I cried when I saw that too.

I'm not too hot on ZoneAlarm just because of a horrible flaw in the free version that they absolutely refuse to fix because they say it isn't their problem. They claim it is a Microsoft operating system problem and not theirs, but yet the paid version fixes this problem.

Malicious code masquerading as a trusted application could trick a ZoneAlarm firewall into letting it connect to the Internet, security experts have warned.

The issue affects the popular free ZoneAlarm firewall and default installations of version 5.5 and earlier of the paid product, maker Zone Labs said in a security advisory on Thursday. Default installations of the Check Point Integrity Client are also affected, but the paid ZoneAlarm 6.0 products, released in July, are not, Zone Labs said.

Zone Labs has no current plans to update its free firewall product to protect against this issue, the company said. Its paid products offer protection against the problem because of additional technology, called an operating system firewall, that is not part of the free network firewall, LaCour said.

Link

Nobahar · Post by **Nobahar** » Tue Nov 01, 2005 9:50 pm

I use ISS Blackice, been using it for a long time- I believe it uses less system resources than the other ones, and it gets the job done-

I turn off application protection, it takes a decent scriptkiddie to be able to compromise my system enough to run something that needs to connect to the internet, I think the ap protection gets annoying more than it helps.

killswitch83 · Post by **killswitch83** » Tue Nov 01, 2005 11:41 pm

that's easy, if you have some decent, mid-end parts laying around, set up a home network and set-up that rig as the firewall with Sygate installed. Sygate eats up wayyyyyyyyy too much system resources once installed on a system, so I believe it prefers to be by itself...well it and the OS, duh, lol. Of course, me being a fan of Cisco products, a hardware firewall would be good too if you have a home network, especially one with wireless connectivity. But, if it's just the rig you want to protect, then yeah I would have to agree with BlackICE...it kicks arse, and I want to get ahold of a legit copy myself, lol.

kenc51 · Post by **kenc51** » Wed Nov 02, 2005 1:10 am

Have you tried Tiny Personal Firewall??? --> not supposed to use much resourses

Kerii · Post by **Kerii** » Wed Nov 09, 2005 11:32 pm

Ever consider using a cheap $10 router for a firewall?

Just by the very nature of how it works protects you against a lot of attacks, and even better if it has additional specific firewall features.

Works plenty well enough for me.

Not like it's a mission critical business server right?

NAiLs · Post by **NAiLs** » Wed Nov 09, 2005 11:57 pm

Kerii wrote:Ever consider using a cheap $10 router for a firewall?

Just by the very nature of how it works protects you against a lot of attacks, and even better if it has additional specific firewall features.

Works plenty well enough for me.

Not like it's a mission critical business server right?

I'm on a switched network which I have no right to put a router in the line unfortunately.

I'll be looking at the above two mentioned for sure!

Kerii · Post by **Kerii** » Thu Nov 10, 2005 12:23 am

How about Kerio Personal Firewall?

Free for personal use.

I tried using it before but it was just too technical and I was too lazy to try and learn it.

Kind of like XP's Control Panel compared to 2000's Control Panel.

Whichever one you used first will seem much simpler to use, and I had originally started with ZoneAlarm.

But yeah, heard a lot of good about it from more technically oriented aquaintances, but never got it to work. Maybe you'll be able to figure it out.