For the last 5-6 years I have used Zone Alarm. I didn't think too much about it because it loaded up nicely and very quietly did its job so I was happy with it.
I saw on a site that a firewall called Comodo was supposed to be the best free firewall and decided to try it. I have only used it for about an hour now and it doesn't seem to be any different than Zone Alarm to me.
Have you always used the same firewall, or do you try to find the best most secure one?

I sometimes try out different firewalls but not because I want a more secure one. I just look for firewalls that are easy-to-use, light, and can handle p2p/gaming.

That's up for debate... http://www.matousec.com/projects/windows-personal-firewall-analysis/leak-tests-results.php ...but I try to find the firewall that works best on my pc first as well as other issues. Haven't found that perfect fit yet that doesn't conflict with other apps, slow down browsing speed, etc.

{QUOTE-> Have you always used the same firewall, <-QUOTE}

No. I love to experiment. It's like a drug and I need usually a weekly or monthly fix to satiate my appetite, though I have recently settled on Outpost 6.0 on one pc and Jetico 2 on another. Jetico, in particular, offers outstanding security with little impact on system resources.

{QUOTE-> or do you try to find the best most secure one? <-QUOTE}

Absolutely! It has become fashionable and perhaps a perception of appearing "cool" in this forum to declare:

"I only need inbound protection. Who cares that my programs call home. They need to anyways!"

For me, I want complete control over how my programs connect to the Internet. I will not settle for less!

For all of my systems, I have stayed with the original firewall program and haven't replaced any of them. Since some of my systems are outdated, I cannot just "switch" to another program. Also, I never trust the uninstall process of any program and just replacing it with another totally new program usually causes other problems. Unless the program stops working or becomes a liability, I usually stay with it.

{QUOTE-> Haven't found that perfect fit yet that doesn't conflict with other apps, slow down browsing speed, etc. <-QUOTE}

This is because firewalls were meant to be standalone programs without regards to any other processes on your PC. Unfortunately when you add a filter barrier (such as one for your A/C or gas furnace), you slow down the flow of data (or air) and you affect other things in that flow path. ;D

{QUOTE-> Haven't found that perfect fit yet that doesn't conflict with other apps, slow down browsing speed, etc. <-QUOTE}
Have you tried Jetico v1? If it's installed on a clean PC (no remnants of other security software) it's almost trouble-free, except for the pop-ups ;D
Also, it's super fast.

{QUOTE-> This is because firewalls were meant to be standalone programs without regards to any other processes on your PC. Unfortunately when you add a filter barrier (such as one for your A/C or gas furnace), you slow down the flow of data (or air) and you affect other things in that flow path. ;D <-QUOTE}
Limited abilities with configuring the one's that don't have issues is another stumbling block, that unfortunately I suffer from. Hopefully time will help solve this. For now, HIPS are my safe haven...

I didn't seem to notice any difference in browser speed when I used Webroot Desktop Firewall with DSA enabled. And I don't think there's much of difference in my browser speed now with ZA Antispyware installed either. I tried Firefox with and without ZA running and that's how I came to that conclusion. Can certain HIPS slow down the browser though? I always felt ThreatFire did this slightly.

Hardware FW along with Sandboxie configured to stop any outbounds from within a sandboxed environment.

Minimal resources and highly effective!;)

In the past year, I've used Jetico v.1, Comodo 2.4 and 3.xx (beta), and am now using Online Armor free. The last two are similar application-based firewalls (like ZoneAlarm), whereas Jetico is a rules-based fw, meaning you have to manually set up your rules to make full use of its capabilities. (You can give apps blanket priviledges, like a app-based fw, but that kind of defeats the purpose of a "tighter" rules-based fw). If you like to have fine control, go with Jetico or another rules-based fw -- Look n Stop, Kerio 2.x, or others. If app-based works for you, then OA or Comodo are highly rated for inbound, leak protection (outbound) and limited rules making ("granular control").

SamSpade


|||

jetico V2

{QUOTE-> I didn't seem to notice any difference in browser speed when I used Webroot Desktop Firewall with DSA enabled. And I don't think there's much of difference in my browser speed now with ZA Antispyware installed either. I tried Firefox with and without ZA running and that's how I came to that conclusion. Can certain HIPS slow down the browser though? I always felt ThreatFire did this slightly. <-QUOTE}
You need to time the browser with TF on then off, then repeat with a different browser.

In terms of inbound protection they're pretty much all the same. Making a decision should be based on if they're compatible with your current setup, how light they run, and if outbound control and/or HIPS is a want of yours. I have used Comodo 2.4 and liked it.

I'm using Kaspersky Internet Security 7 right now, it has everything I want under 1 hood and it's been working great for me. Every time something new comes along I try it out. So far nothing has impressed me enough to give me a reason to change.

Hello,

If you got a firewall that works for you - don't switch.

Regarding what I look for - compatibility, especially with p2p and games. Security, they are all pretty much the same. I don't care about leaktests as they mean you got your comp infected.

In the Windows environment, on my strictly production machines I use Sygate. Other setups, including testing and such, I use several others.

Mrk

Hi, this is my first post.

I am from Austria, German is my native language and therefore not every pun is intended.

I also use Sygate (Free)
Gaming, p2p and surfing are my main activities.
Why I’m not using XP firewall? Because of its limits compared to a “complete” PF.
I don’t like to be disturbed by any local network traffic while I’m on the way to the next “Massacre” or “Monster Kill” in UT3.

But Vista will be a necessary evil in middle term especially for gaming.
(Please tell me that I’m wrong…)*puppy*

So which one to choose for Vista?
With all the qualities Sygate offers: rock stable, easy to use, small footprint, doesn’t affect network latency too much, can’t be shut down in task manager etc.

Cheers

i have 2 computers in the home
one of them i put kaspersky internet security
the another computer i put avira antivir premium with comodo firewall

hello

I was reading all this and I will say something and then I expect some suggestions from you, because I do not know that much concerning firewalls. Just the basics let's say.

I use Sygate. I know, old, outdated, expired. I used Netveda 2 years ago but now that is back again alive, I installed it but noticed after some minutes it takes ram, lots. I posted this somewhere but it seems to be it just happens in my pc and some others. Even the Netveda forum did not answer. OK.

Sygate...don't know but from the moment I installed it pop ups asks you give permission or not to blablabla...and that's it! No problem with p2p, no problem with anything and this is where I expect advice from you....IS IT SO SIMPLE or I am doing a total mess???????

I ask this because I read read and read and I see guys talking about inbound outbound, opening, closing, creating rules, creating rules to forbid the previous rule and I think to myself " I only say yes or no" and THAT'S IT!

thanks so much

Hello,
You can create those rules in Sygate too - they are called advanced rules. I create those for my lan and virtual machines. But for normal daily usage, you're most likely ok.
Mrk

Over the years I've used many different firewalls.
I don't necessarily look for the best if it's not the best on my system.
It has to be light on resources, fairly easy to use and run smooth. In other words no slow downs when surfing.
Right now I'm using Online Armor free.
I tried it and like it.
Looks like this one found a new home.;D
Dan

thanks MrKvonic...I will keep using sygate, at least in grc.com it shows stealth mode

After I was dissappointed while trying Agnitum Outpost Pro Firewall v6.0,
I am testing Online Armor (free version) and
Webroot Desktop Firewall v5.5.10.20.
For the time being, Online Armor seems to be more responssive to alerts :thumb: .
We 'll see...:shifty:

Fully activate DSA in Webroot(see thread) and you'll get more alerts than you can handle.

Anyway what sort of criteria is more alerts for testing a firewall-none-some are designed to be more user friendly.

PS I need sunglasses to read your posts-I hope you dont start a new fashion!

{QUOTE-> Fully activate DSA in Webroot(see thread) and you'll get more alerts than you can handle.

Anyway what sort of criteria is more alerts for testing a firewall-none-some are designed to be more user friendly.

PS I need sunglasses to read your posts-I hope you dont start a new fashion! <-QUOTE}
More like welders glasses

Comodo 2.4 with no plan to move to 3.0. I have said this before, because of its simplicity Comodo 2.4 is destined to be a classic, like Kerio 2.15. It will be in use long after 3.0 comes out.

I just removed Blink to try Webroot Desktop firewall. Had it running a couple of days now and so far no complaints. I've checked it periodically since it does have DSA and DSA seems to forget things. In the couple of days though, no problem yet. It's all still in learning mode.

I've noticed that my computer is a bit faster, not a huge amount but noticeable. For antivirus, I installed AVAST today because I've always liked and trusted AVAST.

I'm still working my way through a learning process with WDF, but it all seems fairly simple. I can't say whether I like it enough to keep or if I'll go back to Blink. We're on a hardware firewall but I like being able to keep an eye on what goes out, too.

{QUOTE-> After I was dissappointed while trying Agnitum Outpost Pro Firewall v6.0,
I am testing Online Armor (free version) and
Webroot Desktop Firewall v5.5.10.20.
For the time being, Online Armor seems to be more responssive to alerts :thumb: .
We 'll see...:shifty: <-QUOTE}

Uncheck all learning modes in WDF settings and you will see how responssive it is. :) In settings and in settings/advanced and in settings/advanced/view edit application list/processes - uncheck all training and check all detections.

And of course Process monitor on high.

Hi all,

Online Armor firewall suits nicely with security setup

Regards,

MaB

{QUOTE-> Hi all,

Online Armor firewall suits nicely with security setup

Regards,

MaB <-QUOTE}


So the admuncher problem is fixed?

{QUOTE-> So the admuncher problem is fixed? <-QUOTE}

Hi Lonewolf,

No the conflict is not yet fixed (i switched to OA free) but according Mike Nask, next Ad Muncher version (4.72) will fix it.

Regards,

MaB

{QUOTE-> Hi Lonewolf,

No the conflict is not yet fixed (i switched to OA free) but according Mike Nask, next Ad Muncher version (4.72) will fix it.

Regards,

MaB <-QUOTE}

Thanks for the info. ;D

I have been using Sygate Personal Firewall Professional for a number of years. Most likely I will continue using the firewall until convinced to change. I have heard so many pros and cons regarding various firewalls that changing now is not a priority for me. I probably have listened to Mrkvonics' comments most because they bolster my confidence in Sygate. I am including in this post the following link to the "Sygate personal firewall guide" which has helped me and hopefully it may help other Sygate users. http://www.kotiposti.net/string/SPF_eng/SPFGuide.html

Hi,

I know this SPFGuide, on Sygate.de is an additional advice about ICMP.
http://www.sygate.de/konfiguration/ICMP.html
So this was the advanced rule I always added first:
Rule Summary:
This rule will allow both incoming and outgoing traffic from/to all hosts on ICMP type 0,3,4,8,11,12,13,14. This rule will be applied to all network interface cards.

So my questions are:
Is this advice correct, to allow ICMP traffic?
And if so, are there any changes in ICMP types if you are behind a router?

Cheers!

What Diver said - Comodo 2.4 is outstanding - whether you're a novice or a security expert.

My current security setup:
- NAT router with SPI protection.
- Comodo Firewall Pro RC1 (Network Monitor with HIPS active).
- Spywareblaster innoculator.
- Comodo BOClean 4.25 resident anti-spyware.*
- NOD32 V3 antivirus.
- SuperAntiSpyware (manual scan only).*
- Using IE7 browser.
- TrueImage 10.0 Backup/Restore program.

* BOClean protection is excellent for detection of attempted malware start-ups, but ignores trivia such as adware cookies - you need a manual AS scanner.

All function flawlessly together.

Hope this helps!

gud4u

So few people seem to include backups as a security feature.

In fact I use ATI I0 to schedule 2 daily backups quietly in the backgound.

No matter what nasties may get through security (and so very few ever have ), I will never loose more than a few hours of data at the very most.

Hi,

I’m doing exactly the same, using ATI for backups too.

BTW before ATI I used PowerQuest’s Drive Image, but Symantec decided to absorb Powerquest like they later absorbed Sygate. Rapacious beast.:thumbd:

So using an image tool, I don’t have to be too afraid installing potential critically software or becoming a malware victim.
Booting up from CD and restoring partitions resolves nearly every problem.

Cheers!

{QUOTE->
So my questions are:
Is this advice correct, to allow ICMP traffic?
<-QUOTE}

These ICMP rules I think are safe:


Echo Request type 8 outgoing

Echo Reply type 0 incoming

ICMP Unreachable type 3 incoming

ICMP Time Exceeded Type 11 incoming

There is also router discovery, Type 10 which may be necessary, depending on your setup.

Hi, wat0114

Thanks for information!

Exactly the same settings are advised by protecus.de.
http://www.protecus.de/Firewall_Security/icmp.html

Don’t know why the settings from sygate.de differ.
Or sophos.com advices this one:
ICMP = 0 IN
ICMP = 3 IN OUT
ICMP = 8 OUT
ICMP = 10 IN OUT
ICMP = 11 IN
http://www.sophos.com/support/knowledgebase/article/14464.html#icmp

It’s a little bit irritating, shouldn’t it be for every PF the same???

Cheers

{QUOTE->
Don’t know why the settings from sygate.de differ.
Or sophos.com advices this one:
ICMP = 0 IN
ICMP = 3 IN OUT
ICMP = 8 OUT
ICMP = 10 IN OUT
ICMP = 11 IN
<-QUOTE}

I'm not sure subset. the only one I might question is ICMP = 3 IN OUT, since only if the pc belongs on a LAN would the Out direction perhaps be necessary. Someone with better knowledge in this area could probably elaborate.

After a brief stint with COMODO in my first change of firewalls in over 2 years after ZA, Kerio 2.15 returned by reappealing quickly to me again. I been pretty much resigned to it ever since. It's been long considered outdated but with a solid HIPS and a few other newcomer risk-preventers it's filled the need on XP Pro exceptionally well enough to depend on for the long term. But now enters OnlineArmor with it's dual capabilities and specialized firewall, so this one seems a very viable candidate now to maybe make a first replacement since departing ZA. If it's results (free version) prove out everything it's been raved about recently, theres a real opportunity it just might finally win implimentation into my overall strategy and then on over to the full program with all features. This is another one of those new golden opportunities where a very new program debut has the substance/results sought after to win over and replace whats been a long standing app where theres long been little interest to veer away from an old standard.

i used to use a firewall behind a nat router. but not anymore, too redundant imo. but its fun to try new firewalls etc.

I was going back and forth between ZoneAlarm and Outpost for a couple of years (with a brief trial of Comodo in between) until I found Online Armor a couple of months ago. No more problems and my machine has never been more responsive.

I originally had McAfee firewall, then ZA. I've been with Outpost now for a couple of years. Currently Using Outpost Pro 6.0.2175.8316. The latest version is stable on my machine.

{QUOTE-> These ICMP rules I think are safe:

ICMP Unreachable type 3 incoming
<-QUOTE}

The ICMP "Destination (Host) Unreachable" is Type 3 Codes(Subtypes) 1 & 7 (incoming).
The ICMP "Destination Unreachable/Fragment-size-re-state" is Type 3 Code(Subtype) 4 (incoming).
I have not allowed other ICMP Type 3 messages incoming through my Intego firewall on my Mac.

ICMP types and codes(subtypes) can be found at:
http://www.spirit.com/Resources/icmp.html
and a useful article at:
http://www.spirit.com/Network/net0700.html