Hi,

I need a small but fast Personal Firewall , small fingerprinting and not much features.

Help

10x Guys

Painkiller

What are your needs

rule or app based,
for what os
what is important to you



I'd look at

Jetico - hard to config
LNS - easy to config - but paid
Comodo - good but not a fav of mine
Outpost - paid - turn off plugins and logging



But answer depends on what you want and how you will use it - best is different for different people

-{ Quote: "Hi,

I need a small but fast Personal Firewall , small fingerprinting and not much features.

Help

10x Guys

Painkiller" }-

Look N Stop (not free)

Kerio 2.1.5


There are others that fit into this category but these are the 2 that I have used, currently using Online Armor + FW (beta), another firewall which DEFINITELY fits this category, except for being free.

As for features, depends on what you are looking for, most firewalls come with some type of feature (antispyware,HIPS) but can be turned off.

L n S and Kerio 2.1.5 are just basic firewalls with out all the bells and whistles of some of the others

Comodo free or
Older versions of Zone Alarm 4.5 or 5.5. Can still be found free around the net.
Currently running ZA free 5.5 on my resource deprived laptop connected via wireless to a LAN. Total mem. usage for two processes loaded by ZA 10,004K with 0 processor load.
DISCLAIMER;As always, results may\will vary from PC to PC due to different hardware, software configurations.

I tried 1st ZA, even the suite which is great, then Kerio, also good, but there were things that bugged me (i don't remember what, long time).
Both great but limited free versions, to my knowledge. Now i'm for Comodo all the way! I think it passes all the leaktests, when it didn't they were more than effective updating.
As for others i don't know.

so do you know where i can download the Kerio 2.1.5 ... it's long gone ... but small and fast ...

i dont need application control, only small FW for my work PC ...

i'm using sygate but it's latency is harsh :-( .... does Kerio 2.1.5 is better ?

10x Guys
Painkiller

Hello,
You can find Kerio 2.1.5 here (http://321download.com/LastFreeware/page7.html#Kerio%20Personal%20Firewall) :)

Just would like to add, if you want to use Kerio 2.1.5 there is some information here at Wilders that was very helpful to me when I first started using the firewall here
http://www.wilderssecurity.com/showthread.php?t=135983&highlight=Kerio+2.1.5+obsolete
page 3 of this thread has some useful info

Also there is more information and you can start off by using BlitzenZeus rule set here http://www.dslreports.com/forum/remark,8023708

I started off with this rule set than adjusted it when I started getting a better understanding of the firewall.

10x guys

How about the newer Sunbelt Kerio firewall? I think it's simple and unbloated.

Filseclab is another firewall that is free and light.

I like the Kerio 2.1.6. Nice and light. I learnt a few things about firewalls and the rules involved- that was very rewarding. I use the free SSM with it. Together they are a great combination.

12fw

-{ Quote: "Filseclab is another firewall that is free and light." }-
and it is as easy to set up comodo

Kerio 2.1.5 is the firewall I use for outbound alerts as I am behind a Nat Router. I do not claim to know a lot about the packet checks and the rules making in firewalls.

I know this, it alerts me to what program wants out. I can then make the choice to allow or disallow. Kerio is an excellent firewall for this purpose. Becuase it is free and light. It serves it's purpose for me. ;)

Comodo is the next one I would consider. :thumb:

I'd have to suggest you get look'n'stop, its very light and very stable. Sure you have to pay for a license but its a one time fee and the license doesn't need renewing.

-{ Quote: "I'd have to suggest you get look'n'stop, its very light and very stable. Sure you have to pay for a license but its a one time fee and the license doesn't need renewing." }-


I've got to ask the obvious: you recommend L&S -- OK -- but you are using Ghost for your *own* security. As I understand, Ghost is also free, is it not? So if you are using Ghost, why not recommend *it*??

Just curious...


SS



//

Hi everybody,

I need a personal firewall ( Freeware ) which can take care of incoming traffic and which is also light.

-{ Quote: "Hi everybody,

I need a personal firewall ( Freeware ) which can take care of incoming traffic and which is also light." }-

If that is all you want then all you have to do is activate the firewall built in to windows XP SP2 no need for a third party firewall. you have already paid for it once and wont add anything to your system resource usage as far as I know.

Well, I have installed Jetico and it is one of the best choices I have ever done...fast and efficient.... btw, look at this test http://www.firewallleaktester.com/tests_overview.php

And its completely free, you may use it even in your company or wherever (use fully finished version 1, version 2 is in development )

not to nag you guys with Comodo, but the version in that link is very old.
The current version is 2.3.6.81 . And maybe the same applies to others

-{ Quote: "How about the newer Sunbelt Kerio firewall? I think it's simple and unbloated." }-


From this thread, the Kerio firewall was seen to use over 100 MB of memory. That seems to be quite resource intensive, IMHO.

http://www.wilderssecurity.com/showthread.php?t=153176

-{ Quote: "Hi everybody,

I need a personal firewall ( Freeware ) which can take care of incoming traffic and which is also light." }-

One free program is Ghostwall that you can get at ghostsecurity.com

-{ Quote: "I've got to ask the obvious: you recommend L&S -- OK -- but you are using Ghost for your *own* security. As I understand, Ghost is also free, is it not? So if you are using Ghost, why not recommend *it*??

Just curious...


SS



//" }-
Well i was using ghost security's appdefend combined with my hardware firewall while waiting for agnitum to sort out a few problems with outpost. Now that some problems have been fixed i'm back with outpost pro 4.

I didn't mention ghost security suite as its not a firewall. But yes, appdefend combined with ghostwall would be a possible freeware solution. I have never used the freeware version of appdefend so i don't know how effectibe it is.

I use outpost pro 4 on this computer as it is fast enough to handle it. However on my slower computer i use LnS as its stable, secure and very light.

Previously I used Zonealarm Free and it works just fine. But the main problem with it is that it is resources and memory intensive. It can really slow down your PC a bit.

Now I am using Ghostwall and it is really as wonderful piece of software. It is very compact and it has better "Out-of-the-box" performance compared to other free firewalls. If your computer has no special requirements for surfing the net, the only config that you may add is the Port 0-1 block rule. BUT this firewall is not an HIPS and doesn't detect applications network activities. You can use Appdefend for that BUT you may just have a good antivirus for the detection of such malicious programs...Avira free will do...

Oh by the way, Avira's firewall is also good but not free...

-{ Quote: "Well i was using ghost security's appdefend combined with my hardware firewall while waiting for agnitum to sort out a few problems with outpost. Now that some problems have been fixed i'm back with outpost pro 4.

I didn't mention ghost security suite as its not a firewall. But yes, appdefend combined with ghostwall would be a possible freeware solution. I have never used the freeware version of appdefend so i don't know how effectibe it is.

I use outpost pro 4 on this computer as it is fast enough to handle it. However on my slower computer i use LnS as its stable, secure and very light." }-




Thanks for the explanation. Makes sense.

I tried Outpost 4.x last week. Although it looked very nice and I liked the kinds of protection it affords, my computer had serious problems with it -- system freezes, a few BSODs (God, I hate those), and general crankiness. So I uninstalled it.

I'm running NOD32 and also SpySweeper w/ av turned off (both paid). The Outpost I downloaded a month ago just didn't get along with SpSwpr, apparantly. Since I'd already paid for the latter I opted to let Outpost go, even though I liked it very much.

I'm now running Sunbelt Kerio 4.3. No stablitiy probs. It has a HIPS, a NIPS, and a Behavior Blocker -- all stuff that OA, SSM, and other system controllers/protectors have.

One point though: the three Kerio processes combined burns *at least* 30 megs of RAM, and this has gone up to 115 megs when many (~30) tabs are open on my Firefox browser and T-bird is also running.

I guess that's for all the extra-curricular work the entire 4.3 app is doing (packet filtering, network monitoring, system monitoring/protecting, etc.).

My question: I'm using an almost brand new IBM T60p, dual core 2.00 ghz, with 2 gb of RAM. So, I'm not exactly starving for RAM or processor speed. Do you think this SunbltKer 4.3 is a better idea than purely dedicated coverages -- a simple firewall for packet filtering, another app for system monitoring and control, something else for behavior analysis??

I'm definitely going to keep NOD32, and I'm going to keep SpSwpr (but probably not in full-out mode). I also sit behind a D-link (NAT) router, hard-wired, but I do go out on the road a fair amount and use airport and other foreign connections.

What's your recommendation for my system protection from mostly internet-borne malicious vectors??


Sam


//

-{ Quote: "From this thread, the Kerio firewall was seen to use over 100 MB of memory. That seems to be quite resource intensive, IMHO.

http://www.wilderssecurity.com/showthread.php?t=153176" }-


Yep, I'll confirm that. I've got this Sunbelt Kerio 4.3 firewall/system protection app -- because it is much *more* than a simple firewall -- running on my machine.

It starts up using no less than 29 mb of RAM under three separate processes, then it has gone up to over 115 mb when I run Firefox w/ many tabs open, T-bird w/ a big cache of emails, and maybe a few other things.

It is doing *much* more than simple firewall packet-filtering duty; it has a HIPS, a NIPS, and a Behavior blocker -- probably like OA, SSM, and others have, more or less.

My question, though, is: how much total RAM do you people use with *all* your firewall/system monitoring/system controlling apps -- not including anti-virus?? For example, if you run a simple firewall, like LnS or Kerio 2.15, or some other, plus SSM, OA, Cyberhawk, and/or others, how much total RAM are you using for this combined "layered" protection??

This seems to be the bottom line -- how much resource is necessary to get the desired level of protection??

Sam


//

-{ Quote: "My question, though, is: how much total RAM do you people use with *all* your firewall/system monitoring/system controlling apps -- not including anti-virus?? For example, if you run a simple firewall, like LnS or Kerio 2.15, or some other, plus SSM, OA, Cyberhawk, and/or others, how much total RAM are you using for this combined "layered" protection??" }-

I made a recent calculation yesterday.
With avast antivirus (that takes most) and kerio 2.1.5 and SSM 2.0.8.583 free my system takes 32 MB.
That was only a snapshot, since avast at times consumes RAM as it pleases, but not often. Above is the usual normal status.

I excluded SnoopFree since I uninstalled it after having found a conflict that may be not so serious with partmgr.sys in these wilders thread. Might add it back and then 4.4 MB more.

EDIT
Without antivirus, 15 MB or less.
I did try Sunbelt Kerio a few months ago, maybe 3. It did not take anywhere 100 MB, more like 35 MB, but it was unstable for me and unreliable in logging and alerts among other things. Maybe cause it was unstable for me, I never saw the memory usage grow as high, until BSOD and uninstall.

-{ Quote: "I made a recent calculation yesterday.
With avast antivirus (that takes most) and kerio 2.1.5 and SSM 2.0.8.583 free my system takes 32 MB.

That's what my SKer 4.3 uses at "idle", just after boot-up and before loading any browsers. As soon as I start using the browsers (FFox and Tbird) the usage climbs and keeps climbing -- up to 115 mb.


I did try Sunbelt Kerio a few months ago, maybe 3. It did not take anywhere 100 MB, more like 35 MB, " }-

Curious about you system: how many mb of memory? cpu speed?

I have a theory that apps check to see how much system memory is available, and if there is a lot, the apps will access it; if there is less, they won't but (perhaps) page some of their usage onto the hard drive (?? Does this sound plausible??)

Sam

//

Well, I think avast uses at times memory available more. And if not available, could be satisfied with lerss. Some apps like firewalls are more steady, excluding your notorious Kerio 4, lol.

I have 512 MB ram, 2400 mhz amd athlon cpu.

If one is behind a router, GeSWALL combined with a good AV like KAV, Active Virus Shield, Avast, Nod etc. should be good enough protection.

-{ Quote: "If one is behind a router, GeSWALL combined with a good AV like KAV, Active Virus Shield, Avast, Nod etc. should be good enough protection." }-

People don't say good things about that "firewall" :ouch:

-{ Quote: "If one is behind a router, GeSWALL combined with a good AV like KAV, Active Virus Shield, Avast, Nod etc. should be good enough protection." }-

I tried Geswall but it is hard to configure...It functions differently compared to others and for a novice users this will be hard for them...

Hello,
I would suggest Sygate.
Mrk

GeSWall is not hard to configure. In fact, you don't need to configure. Just read what they have to say on the website and the manual, and you'll see what i mean. And you won't read too much, don't worry on wasting time. It will be quick.

-{ Quote: "I'd have to suggest you get look'n'stop, its very light and very stable. Sure you have to pay for a license but its a one time fee and the license doesn't need renewing." }-
it wasn't so stable for me
with Kerio 2.15 no problemo

-{ Quote: "Hello,
I would suggest Sygate.
Mrk" }-
I like Sygate and still use it on two of my machines.

-{ Quote: "I made a recent calculation yesterday.
With avast antivirus (that takes most) and kerio 2.1.5 and SSM 2.0.8.583 free my system takes 32 MB.
That was only a snapshot, since avast at times consumes RAM as it pleases, but not often. Above is the usual normal status.

I excluded SnoopFree since I uninstalled it after having found a conflict that may be not so serious with partmgr.sys in these wilders thread. Might add it back and then 4.4 MB more.

EDIT
Without antivirus, 15 MB or less.
I did try Sunbelt Kerio a few months ago, maybe 3. It did not take anywhere 100 MB, more like 35 MB, but it was unstable for me and unreliable in logging and alerts among other things. Maybe cause it was unstable for me, I never saw the memory usage grow as high, until BSOD and uninstall." }-


I wonder if that has to do with what apps and open connections you/anyone has at a given time.

For example, when I used Ker 4.3, at start up the three processes use about 7, 8, and 11 mb -- total about 26 mb. But when I open my email and web browsers, the total mb usage climbs steadily. With imap (one account) and pop (four accounts) open, and with twenty or so tabs open in my web browser, Kerio is using up 32, 37, and 46 mb of RAM.

She ran stable as a rock, but resource usage was way high.

I tried Comodo for the 2nd time, and with less restrictive settings on packet inspections my browsing speed was fine.

Then after reading about Jetico and seeing its results on the Firewalker test site, I decided to give it a whirl. So far so good. I haven't done much tweaking, but I set the default at "optimal protection" -- I hope that means what it says!!

:)

Now I guess I've got to learn about making rules. (But *time* is an issue there.)

I tried Comodo Firewall and it didnt like AVG which I dont want to change.

with all do respect, I dont get Kerio 2.1.5, why ppl using something that its maker doesnt support it anymore.

Hello,

Why do you need official support? You still have forums all over the place where you can get help for any which product.

About RAM usage: Does it really matter if a program uses 15 or 25MB? In most cases, people today have at least 512MB but most likely 1024MB or more. So, using 1-5% of RAM is not that much, is it?

Mrk

-{ Quote: "with all do respect, I dont get Kerio 2.1.5, why ppl using something that its maker doesnt support it anymore." }-

People use those kind of basic packet filters cause they are simple and flexible. Time has also tested them and their faults are generally known. After kerio 2.1.5, there came that added feature, 'application behaviour blocking'.
It is a feature belonging to HIPS department. Causing possible conflicts with other HIPS like SSM or PG.

I can understand some people wanting a security suite, all in one program. But I don't like that trend. Makes programs imcompatible to run with each other, needs to stick to just one suite that never contains best pssible components. Or the freedom of choice. Or are just bloat.

In some extent memory usage is not an important matter, but it can show a sloppy design, memory leaks etc, as might be the case with Kerio 4.
I started to follow the threads when it was first Kerio 3 a short while as beta, then the memory usage grew in 4, always pushed new versions, and always the memory usage i think has grown.

Adding a new feature may also downgrade a product, as happened with Sygate. They tried to add XP SP2 security center recognization and pushed spf 5.6 free, never as pro. I have myself seen that as a firewall service should start before a user logs in, it did not with that beta. Avast network shield gave me an alert.
So a totally good quite basic packet filter was ruined and pushed out as a last offer that there still is available. One should have just been there and read all the negative remarks about spf 5.6 free.

So there is a very good reason to stick to old and goldies, if they do their job as expected. In a way a new version of a security product is always beta until it has been tested by a wide public user base. There are demands from users to keep security software makers to push out new program versions. And negative remarks if not, might be a case with PG or then something else. My point is just that latest is just not sometimes the "best" thing to use.

XP patched and antivirus updated, of course.

About leaktest passer suites:
Jetico 1.0 is not a complete firewall, needs a router since there is no firewall service. Gets reboot onto login screen by some reason, unprotected !
Comodo. Unintuitive GUI and rule making, logging not good, mostly a black box. Too many features and possible conflicts with HIPS's.
Never tried OP, but suffers from bloat too, IMO of course. Don't like suits.

To Mrkvonic:
Sygate still is a very good firewall if you are not running any local proxy software. Many antiviruses scan web traffic as a proxy, also more wide proxy software like proxomitron. And my comment for spf 5.6 being a bad relase stands.
SPF has 'antiapplication hijacking', meaning asking when another program than explorer.exe wanting to start an internet connecting application. But that feature is lost as all others for asking about outbound connections if ANY local proxy. First that local proxy needs to be allowed by you to internet, but after that the outbound protection is sort of lost, leaves only the logging from that proxy.
That thing could be taken care of somehow with a software HIPS like SSM free.
Sygate has also had for years a feature, 'DLL authentication'. I never liked it, cause too much noice in asking popups, but it basically asks if ANY DLL is to be downloaded from web to your browser etc or not.
Only there were no rules to edit. Suitable only to really paranoid surfers!
Works also I think even with local proxies.
SSM free does only ask for if something wants to hook windows, those DLL's, nothing more. So in a sense Sygate's one is more advanced, but to me it was too noisy, no more information given and only asking if a program is allowed to use that dll for you to answer your decision.

Still I wonder about msctf.dll since I have no ms office programs installed and it wants to hook for almost every program I run. It is now allowed in SSM, cause being tired of the popups.

I like kerio 2.1.5 as a packet filter very much, more than SPF, so no turning back I think to Sygate. http://www.wilderssecurity.com/showpost.php?p=826112&postcount=4
Anyways a firewall for me has to have no HIPS features, as I like to add them on my own :)

-{ Quote: "Thanks for the explanation. Makes sense.

I tried Outpost 4.x last week. Although it looked very nice and I liked the kinds of protection it affords, my computer had serious problems with it -- system freezes, a few BSODs (God, I hate those), and general crankiness. So I uninstalled it.

I'm running NOD32 and also SpySweeper w/ av turned off (both paid). The Outpost I downloaded a month ago just didn't get along with SpSwpr, apparantly. Since I'd already paid for the latter I opted to let Outpost go, even though I liked it very much.

I'm now running Sunbelt Kerio 4.3. No stablitiy probs. It has a HIPS, a NIPS, and a Behavior Blocker -- all stuff that OA, SSM, and other system controllers/protectors have.

One point though: the three Kerio processes combined burns *at least* 30 megs of RAM, and this has gone up to 115 megs when many (~30) tabs are open on my Firefox browser and T-bird is also running.

I guess that's for all the extra-curricular work the entire 4.3 app is doing (packet filtering, network monitoring, system monitoring/protecting, etc.).

My question: I'm using an almost brand new IBM T60p, dual core 2.00 ghz, with 2 gb of RAM. So, I'm not exactly starving for RAM or processor speed. Do you think this SunbltKer 4.3 is a better idea than purely dedicated coverages -- a simple firewall for packet filtering, another app for system monitoring and control, something else for behavior analysis??

I'm definitely going to keep NOD32, and I'm going to keep SpSwpr (but probably not in full-out mode). I also sit behind a D-link (NAT) router, hard-wired, but I do go out on the road a fair amount and use airport and other foreign connections.

What's your recommendation for my system protection from mostly internet-borne malicious vectors??


Sam


//" }-
The setup that you have is more than sufficient to protect you against internet baddies imo. Sunbelt kerio firewall is very good imo, its easy to use and does its job well, if you've paid for it then use it.
I have a dell inspiron dual core 1.8ghz / 1gig ram running outpost 4, nod32, ghost security suite and ca antispyware 9 and it still runs very nicely, total ram usage for these apps would be somewhere around 80mb normally which is no problem for my setup. I also have a paid subscription to spysweeper but like you i noticed it had some conflicts with outpost so i removed it.