Having used the latest ZA Free Firewall version I was quite pleased as it ran well and didn't seem to slow down my system. I was just wondering though, if the promises made on the Ashampoo website about their Free Firewall was true. If so it would mean it is more informative than ZA Free, even lighter on the system, and give the user more control. So is Ashampoo better than ZA Free at this point? The reviews on Download.com were mixed, but it did get a very high rating.

Ashampoos firewall is definitely not as good as ZA free. For simplicity and ease of use nothing much is better than ZA.

What a remarkably confident statement you make farmerlee. Please point me to the independent comparative testing between the two products that justifies your view - cause I can't find it. I don't use either product nor Comodo Firewall but I'd certainly install it in preference to the other two named products.
As to this view of mine see:
http://www.matousec.com/projects/windows-personal-firewall-analysis/leak-tests-results.php#firewalls-ratings

Also note that the testing there was with ZA Pro whose capabilities are superior to that of the free ZA version.

Here's lots of screenshots (Ashampoo) http://www.softpedia.com/reviews/windows/Ashampoo-Firewall-Review-33853.shtml

-{ Quote: "Ashampoos firewall is definitely not as good as ZA free. For simplicity and ease of use nothing much is better than ZA." }-
Farmerlee, please provide us with some facts that will give your one-liner the predicat "reliable" and the classification "true".

Txs in advance,

Smokey

Ashampoo Free has some small bugs and probably doesn't stealth ports.I use it behind a router so i don't care.
Compared to ZAF,you have some more granularity ,since you can specify ports (but not protocols).The default setting also gives server rights to every application,which is dangerous for newbies.

PErsonally i d reccomend Ashampoo Free to anyone that is behind a router and wants a firewall that is very light and doesn't slow down browsing speed at all.Also unlike ZAF,it works fine with Emule.

I d say ZAF is slightly superior in easyness for a complete newbie,since doesn't ask you ports and doesn't give server rights automatically.But Ashampoo is lighter,more good looking and best for browsing and p2p.

Don't even bother bringing leak tests etc in the discussion,it would be pointless.These 2 firewalls are simple ones,they exist to serve much simpler needs than the security techies in Wilder's ;D

Ashampoo does not stealth.Uninstalling it now,ports are closed only

Hello,
That's no reason to uninstall a firewall. Closed ports are as good as any.
Mrk

I made 24 leaktests, this info may help you.

1. Outpost Firewall Pro 4 100%
2. ZoneAlarmPro 92%
.
.
.
.
7. Ashampoo Firewall 1.14/1. 10 21%

You can be sure that my results are the truth. Forget Ashampoo.

-{ Quote: "That's no reason to uninstall a firewall. Closed ports are as good as any." }-

Nonsense. You have no surveillance ability. Outpost is the best actually. You could compare it with someone who has very good eyes and someone who has bad eyes, the one with good eyes is always in a huge advantage.

-{ Quote: "Farmerlee, please provide us with some facts that will give your one-liner the predicat "reliable" and the classification "true".

Txs in advance,

Smokey" }-
I do not have any facts other than my personal experience with the two firewalls. I have used ZA for years and its always been a very reliable firewall. I have used the ashampoo firewall and found it to be horrible, it could not even stealth my ports by default which imo is terrible. Therefore i submit that my original statement is true.

-{ Quote: "I made 24 leaktests, this info may help you.

1. Outpost Firewall Pro 4 100%
2. ZoneAlarmPro 92%
.
.
.
.
7. Ashampoo Firewall 1.14/1. 10 21%

You can be sure that my results are the truth. Forget Ashampoo.



Nonsense. You have no surveillance ability. Outpost is the best actually. You could compare it with someone who has very good eyes and someone who has bad eyes, the one with good eyes is always in a huge advantage." }-

Hello,

Leaktests - meaningless.
Closed ports = stealthed ports.

Now to elaborate:
Firewall - processing of networking traffic.
Firewall - NOT responsible for killing executables, flushing dlls and so forth.
Real life situation - most people will not be able to tell a real leak from a benign dial attempt by legit app and will allow potential malware to connect, rendering their defense meaningless. As to those who can tell such attempts apart, they do not need a Firewall to tell them that.

Closed ports:
What surveillance ability? Closed port cannot accept unsolicited connection inbound. Period.

Mrk

Uninstalled ashampoo,back to comodo and stealth.Didnt like firewall at all.If i had to choose between the two then zone alarm

Any firewall should be able to be configured to drop SYN packets giving it the "stealthed" capability which is pretty worthless, since it does nothing special except violate internet regulations. A closed port just sends back a packet saying that the port is not accepting connections, so it is just as secure.

As to leaktests, zone alarm free only passes one of them if I remember correctly, as it lacks the OS firewall and many other capabilities of the full version.

Just some thoughts,

Alphalutra1

-{ Quote: "I made 24 leaktests, this info may help you.

1. Outpost Firewall Pro 4 100%
2. ZoneAlarmPro 92%
.
.
.
.
7. Ashampoo Firewall 1.14/1. 10 21%
" }-


Could you post the score of 'Zonealarm Free'. Thanks.

I am behind a NAT Router and the system that is resource challenged would do fine with this Ashampoo lighter firewall. Don't you think? Who needs steath when they are behind a HardWare Firewall (Router) or am I missing something. ??? :-\ Server rights by default :P WHY?

Have used ZA off and on for years it is good but has it's faults too.

-{ Quote: "I am behind a NAT Router and the system that is resource challenged would do fine with this Ashampoo lighter firewall. Don't you think? Who needs steath when they are behind a HardWare Firewall (Router) or am I missing something. ??? :-\ Server rights by default :P WHY?

Have used ZA off and on for years it is good but has it's faults too." }-

I ll reply to the part that i haven't commented already in my previous post:

I suppose they put Server rights by default,a bit like Sygate does,so to help complete newbies.You can however edit the rule and simply remove the "tick" from the box "allow incoming connections(server mode)" and you 're OK (exactly the way it is with Sygate too).

Behind a router and for people that aren't leak test maniacs,it is a great,simple outbound control solution.

-{ Quote: "tell a real leak from a benign dial attempt by legit app and will allow potential malware to connect, rendering their defense meaningless" }-

full nonsense

-{ Quote: " Closed ports are as good as any.
" }-

OMG, only one little server exe is needed to make your idea useless.

Firewall is a must. More surveillance capabilities.

-{ Quote: "Could you post the score of 'Zonealarm Free'. Thanks." }-

Must be pretty similar to the pro results I guess, sorry no time actually for testing this, but probably same thing.

Comodo also 92%.

Hello,

Let's say you use a router - which does not stealth ports. You only get closed. How exactly is my 'closed is secure' nonsense?

What server.exe are you talking about?

Open port does not mean you get hacked. It means the application accepts inbound connections, like ant P2P software. And then what?

If the application listening on a port has no exploitable vulnerability, then there is no meaning to any incoming traffic that tries to exploit something.

Example - Let's say you run BitTorrent, listening on port 54333. It acts as server, in order to allow other people to send requests for files and connect to you for download. Let's say someone sends a blizzard of evil packets at this port. And let's s say these packets are aimed at subverting the Messenger. What will BitTorrent do exactly with these packets? How will it interpret them? Nohow. They will be simply lost in the noise overhead.

Closed ports means no unsolicited traffic comes in. As same as stealth. Open port means that connections can be made. But that still does not mean that incoming traffic will be able to do anything bad.

When someone sends incoming traffic, he / she does not know what application listens on the destination port. He / she can assume and expect and hope it will be svchost or messenger or something. But you can use your ports any which way like for any 1000 applications available.

So, someone sends a Messenger hack to your port 54422. But your Messenger works on port 32111. So nothing happens. And so forth. Then even if the evil packets reach your Messenger port, the exploit works only for a certain version and not the one you have. And so forth.

Exploit might work if an exploitable application listens to a certain ports and receives the exploit packets. Otherwise, it's just Internet noise.

BTW, where did I say firewall is not a must?

It just does NOT have to stealth the ports. Closed ports, alone or by firewall, are as good as any stealthed ones.

So, please elaborate on full nonsense and little server.exe?
What did you mean by those?

Mrk

I read that Ashampoo Free Firewall is not recognized by the Windows Security Center, true?

-{ Quote: "I read that Ashampoo Free Firewall is not recognized by the Windows Security Center, true?" }-

That's not important at all.
Security Center is pretty useless if you ask me. I don't use it.

But is it?

Hello,
Maybe. It really does not matter.
Mrk

-{ Quote: "I read that Ashampoo Free Firewall is not recognized by the Windows Security Center, true?" }-This is not important to me at all, but this is duke's thread so if some one knows it would be good to post it. ;)

-{ Quote: "This is not important to me at all, but this is duke's thread" }-

Duke! What's he still doing here. That's it! Does anyone know of a good 'Obsession Counselor'? :wacko:

I know, I know. I promise I'm going to quit, but little by little is easier. I have installed Ashampoo AntiSpyware and it's really nice. That's why I was wondering about the FW now. I realize it doesn't need to be recognized. I just would like it too, if I decide to use it instead of my AVG FW. I liked ZA, and of course Comodo is my favorite, but Ashampoo looks like it may be a good choice between the two. Judging by their AS, it may not be bad either.

Regarding the closed/stealth port issue, I thought that both prevent communications from connecting to your PC, but that in the closed situation, the hacker knows that your PC is there since it returned a "closed" response? So your system could be more vulnerable and the hacker could then use some other means to zero in on your system?

I don't have any experience with the Ashampoo firewall, but I will mention that the graphics are quite appealing. I have used ZA free for several years and it has never caused any problems on my computer. I have never experienced a dialer program that tried to call out from my system and the firewall has never shut down by some outside means when I have used it. Since you like several programs, I would get several PCs and then load them up with different configurations and then you compare the machine efficiency rates to your heart's content. ;)

-{ Quote: "
Regarding the closed/stealth port issue, I thought that both prevent communications from connecting to your PC, but that in the closed situation, the hacker knows that your PC is there since it returned a "closed" response? So your system could be more vulnerable and the hacker could then use some other means to zero in on your system?
" }-
Open port = house with a certain door open.
Closed port = house with a certain door closed and locked.
Stealth port = house with closed and locked door. The house appears empty but that does not mean that the house is not there.

-{ Quote: "
Closed port = house with a certain door closed and locked.
Stealth port = house with closed and locked door. " }-

Since both mean that the door is closed and locked, isn't that the same thing?

-{ Quote: "Since both mean that the door is closed and locked, isn't that the same thing?" }-
For security: YES
Technically: NO
Perhaps you want to learn something about networking, TCP/IP, firewalls. A basic understanding of these is maybe the best you can do for improving your security and peace of mind.

I think I'll stick with either Comodo Firewall or my AVG. One is tops and the other simple. Thanks to everyone from saving me a new installation. I just thought Ashampoo looked cool with some neat features. However, it may not be worth the installation at this time.

-{ Quote: "So, please elaborate on full nonsense and little server.exe?
What did you mean by those?" }-

here is your answer ;-)

-{ Quote: "Open port = house with a certain door open.
Closed port = house with a certain door closed and locked.
Stealth port = house with closed and locked door. The house appears empty but that does not mean that the house is not there." }-

-{ Quote: "Closed port = house with a certain door closed and locked." }-

A house with a closed door is maximum one step further then one with open door. The bandit still can break in he only needs more aggression. Mr.Kvonic

Hello,

You mentioned server.exe - please elaborate on that one too.

And now tell me, how can a bandit break through a closed port? Send a packet that has a PBM (Port Bursting Munition) string? Such a packet will be simply dropped as invalid. Send thousands of packets that will simply rebound and go back?

Closed port is closed.

The only difference between closed port and stealthed port is that the firewall does not reply back to the sender.

Furthermore, if you have no services listening, there is no way anything outside can communicate with your PC, despite your or their best wishes.

Mrk

-{ Quote: "Closed port is closed." }-

You only need a click on one bad exe and your locked door may open, that was related to server exe.
You should not forget rootkits. Some lacks in your house you cannot see.

Hello,

Server.exe has NOTHING to do with firewall / ports / closed / stealthed. What you're talking about is OUTBOUND and execution.

I'm talking INBOUND.

And BTW, open port IS open, regardless whether your firewall stealthes or closes the ports.

Mrk

So far Ashampoo is doing good. i have tried PC Tools Firewall and didn't like it. I have tried ZA and it is better to use now than before, not as many uninstall problems. luckily i saw how to do clean uninstall ahead of time and it uninstalled ok for me. it used lots of memory and i don't want that. Ashampoo uses much less memory and has better interface and features then ZA like sound alert for allow deny pop up which is cool. it really is a decent firewall and i like it so far. didn't hear good things about company, but maybe this has changed.

-{ Quote: "Duke! What's he still doing here. That's it! Does anyone know of a good 'Obsession Counselor'? :wacko:" }-

He can use mine after I get over my obsessions. Might be awhile, though...;D Doesn't sound like that book is going to get written any time soon - kind of like the one I started...am too obsessed to remember when..........