Is there any firewall suitable for me?


OHM
November 17th, 2007, 05:14 AM
Hi folks,
Is there any firewall that is suitable for a novice like me, who doesn't know anything about rule-making?
My OS is Vista, and I'm using NOD32.
I don't really feel secure with this Vista firewall...
I guess there isn't any, right?
Oh well,
Have a wonderful day... or night~

19monty64
November 17th, 2007, 05:21 AM
You could try Webroot Desktop Firewall, which would make the rules for you, has a learning period, is Vista compatible and this forum contains helpful threads about it. Worth a try...

19monty64
November 17th, 2007, 05:24 AM
Here's a link (http://www.webroot.com/consumer/products/desktopfirewall/?id=H2-HO_Links-DF&WRSID=49eafde8b82369bfb0b7120f063f2da6) if you want to read up on it...

OHM
November 17th, 2007, 05:37 AM
Thanks for your reply, 19monty64!
I'm also a gamer, so is it also light?
btw, haven't seen it in matousec's leak test-result though...

19monty64
November 17th, 2007, 05:56 AM
For gamers, one could exit the firewall and use Vista FW, inbound only or no firewall if behind a router. You could also check this thread (http://www.wilderssecurity.com/showthread.php?t=191404) but as I'm still in XP, I'm not sure which ones are Vista-ready yet.

OHM
November 17th, 2007, 06:03 AM
Thanks again for your reply 19monty64,
I think every firewall is rule-based... Oh, well, I guess no company is generous enough to make a nice, fast, secure, and easy firewall for novices...
Thanks anyways.

19monty64
November 17th, 2007, 06:16 AM
I recently tried Webroot's, and it made the rules itself. Learning-mode is quite simple, and it has DSA built in. It's a HIPS for added security that is off by default. You could leave it that way. Are you behind a router by chance???

19monty64
November 17th, 2007, 06:23 AM
I test-drive a lot of firewalls but don't normally use one full-time. Other than the AV, I use this (http://www.threatfire.com/download/).

OHM
November 17th, 2007, 06:37 AM
19monty64, Thanks!
Yes I'm using a router.
But it's second-hand, so I don't know if I should trust it.
ThreatFire looks nice, but I heard it is something called HIPS, which I have no idea what it is, and how to use.
This laptop I'm using is getting the signal from my router(wireless).
Does router guarantee safe security for wireless internet too?
I think I'm still going to give Webroot Desktop Firewall anyways.
Thanks again, 19monty64!

Oh, btw, is Webroot Desktop Firewall using their own technology? (OP, ZA, etc??)

snowbound
November 17th, 2007, 06:53 AM
As member WSFuser suggested in the link posted above, LnS might be a good firewall for you. I found it quite easy to use when I tried it some time ago and very light.

http://www.wilderssecurity.com/showthread.php?t=175766

There's also a very good tutorial on how to set it up:

http://www.wilderssecurity.com/showthread.php?t=83498

As you can see, the LnS forum is hosted right here at Wilders. :)

snowbound

19monty64
November 17th, 2007, 06:57 AM
Yes, ThreatFire is a Host Intrusion Prevention System, but it's a quiet one. It alerts you based on malware-like activities. The first time I used it I uninstalled after a few weeks because I didn't think it was doing anything. To the Webroot question, look here (http://www.wilderssecurity.com/showthread.php?t=188464).

OHM
November 17th, 2007, 06:58 AM
Many thanks to snowbound and 19monty64,
I better give WDF and LnS a shot.
I wonder why LnS doesn't do very well in matousec firewall leak-test,
while there are so many people using it.
I bet it's a nice firewall!
Thanks again to both of you!

Coolio10
November 17th, 2007, 08:51 AM
I do not understand what you want. Do you mean a firewall with automatic rule making or 1 popup per app?

OHM
November 17th, 2007, 08:56 AM
{QUOTE-> I do not understand what you want. Do you mean a firewall with automatic rule making or 1 popup per app? <-QUOTE}

Sorry, I think I'm maybe... demanding too much.
A firewall that anyone, especially novices, has no problem using.
If there is any...

Hairy Coo
November 17th, 2007, 06:31 PM
If your second-hand router is working, then it's OK - so enable NAT.
Check out the instructions for the router.

Then use a good HIPS like Threatfire - that's all you will need - for better gaming speed!

If you feel insecure and can sacrifice a bit of performance, then, as Monty said, WDF but without any further HIPS - or Filseclab - light, simple, plus Threatfire.

http://www.download.com/Filseclab-Personal-Firewall-Professional-Edition/3000-10435_4-10421598.html

Edit - Wrong - Filseclab won't run under Vista.

boonie
November 17th, 2007, 06:43 PM
What about Online Armor Free? The free version runs in Standard (simple) mode, and I believe the free version automatically allows trusted programs to access the internet.

ultragunnerdcl
November 17th, 2007, 07:17 PM
Online Armor is currently at first place in the matousec firewall leak test results. I highly recommend it too. Using it also with Kaspersky. :thumb:

Hairy Coo
November 17th, 2007, 09:02 PM
{QUOTE->
Yes I'm using a router.
But it's second-hand, so I don't know if I should trust it.
This laptop I'm using is getting the signal from my router(wireless).
Does router guarantee safe security for wireless internet too?
<-QUOTE}

For a start, ensure that your wireless security is adequate, otherwise theoretically anyone so inclined, driving past, can break into your network.

My setting for this is WPA2 preshared key.

Secondly, as it's wireless, you are probably going to get more network latency than if you were directly connected.

As I said, just enable NAT and use a HIPS.

There are a lot of light firewalls out there, but if you are serious about gaming, installing one is only going to slow you down even more on a laptop, most of which are relatively underpowered.

OHM
November 17th, 2007, 09:38 PM
Thanks for your kindness people.

To. boonie, ultragunnerdcl:
OA Free sounds nice, but I'm using Vista... I heard OA Free is not Vista compatible.

To. Hairy Coo,
Thanks for your tips, but I have no idea how to enable NAT... However, I did make a password to access into my wireless signal... How do you enable NAT? Do I have to go into 192.168.10.1 or 192.168.0.1?

Jon_T
November 17th, 2007, 09:38 PM
{QUOTE-> What about Online Armor Free? The free version runs in Standard (simple) mode, and I believe the free version automatically allows trusted programs to access the internet. <-QUOTE}
OP using Vista -- Online Armor not compatible with Vista yet.

Hairy Coo
November 17th, 2007, 09:50 PM
{QUOTE->

To. Hairy Coo,
Thanks for your tips, but I have no idea how to enable NAT... However, I did make a password to access into my wireless signal... How do you enable NAT? Do I have to go into 192.168.10.1 or 192.168.0.1? <-QUOTE}

Cannot help as each make of router is different, but if you can access the router, you probably can adjust the settings without too much trouble.

Otherwise, you will have to get a copy of the instructions - they will tell all. Do a Google.

The first thing is to enable max. wireless security.

Hairy Coo
November 18th, 2007, 12:21 AM
{QUOTE-> Online Armor is currently at first place in the matousec firewall leak test results. I highly recommend it too. Using it also with Kaspersky. :thumb: <-QUOTE}

So what?

"It should be noted that leak-tests probe only a few features of personal firewalls. If a firewall passes all leak-tests it does not mean it is perfect, bug free or secure in other aspects!" (Matousec)

OHM
November 18th, 2007, 08:30 AM
Dear Hairy Coo,
Hi, I am using a router,
but I have no idea how to enable NAT...
only thing I did when I got the router is to make a password for my wireless signal coming out of my second-hand router...
Isn't NAT supposed to be turned on automatically from the moment I got the router?
Sorry, I'm really a beginner on this particular subject...
And thanks in advance...

P.S. in my country, for the router setup, I have to go to http://192.168.10.1

BlueZannetti
November 18th, 2007, 08:49 AM
{QUOTE-> Hi, I am using a router,
but I have no idea how to enable NAT... <-QUOTE}
You don't, in the sense being discussed in this thread.

A router employs NAT - network address translation - to route (hence the name router) packets from the WAN (Internet) side to the LAN (Local network) side. It accomplishes this by acting as a local DHCP server on the LAN side using a private (i.e. not Internet routable) address space (typically 192.168.x.y, but there are others).

Assume you have 1 or more PCs connected on the LAN side. From the WAN side, all requests for information are sent to the same WAN IP address which was issued to you by your ISP. The router is the hardware device that keeps track of which PC gets which packet sent to the WAN side and also aggregates all LAN side requests to be sent from the same WAN IP. In a nutshell, that's the address translation part of NAT. Although it is not functionally needed for just 1 PC on the LAN side, the mechanics are exactly the same, as is the translation from an Internet routable public IP address to a non-Internet routable private IP address.

If you've purposely reconfigured the router as a passive switch, then it does not act as a DHCP server, does not actively route, and does not employ NAT.

{QUOTE-> Isn't NAT supposed to be turned on automatically from the moment I got the router? <-QUOTE}
Yes, out of the box. You must actively reconfigure whether or not it acts as a DHCP server to "turn off" NAT, but then it is not functioning as a router anymore either.
{QUOTE-> P.S. in my country, for the router setup, I have to go to http://192.168.10.1 <-QUOTE}
This is not country dependent, it is router dependent, with typical address spaces starting at 192.168.1.y or 192.168.100.y

Blue
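
Added example (not part of any post in this thread): a toy Python model of the translation table described in the post above, showing two LAN PCs sharing one WAN IP and what happens to a WAN-side packet that matches no table entry. The addresses, port numbers and the strict per-remote matching are assumptions of this sketch; real routers differ in how tightly they match inbound packets.

```python
# Toy model of a home router doing port-based NAT (NAPT). All addresses are
# constructed sample values: 203.0.113.7 stands in for the ISP-issued WAN IP.
from dataclasses import dataclass, field

WAN_IP = "203.0.113.7"

@dataclass
class NatRouter:
    wan_ip: str = WAN_IP
    next_port: int = 40000
    # wan_port -> (lan_ip, lan_port, remote_ip, remote_port)
    table: dict = field(default_factory=dict)

    def outbound(self, lan_ip, lan_port, remote_ip, remote_port):
        """LAN host opens a connection: rewrite source to the shared WAN IP."""
        flow = (lan_ip, lan_port, remote_ip, remote_port)
        for wan_port, entry in self.table.items():
            if entry == flow:  # existing flow keeps its mapping
                return (self.wan_ip, wan_port, remote_ip, remote_port)
        wan_port = self.next_port
        self.next_port += 1
        self.table[wan_port] = flow
        return (self.wan_ip, wan_port, remote_ip, remote_port)

    def inbound(self, remote_ip, remote_port, wan_port):
        """Packet arrives on the WAN side: deliver only if a mapping exists."""
        entry = self.table.get(wan_port)
        if entry is None:
            return None  # unsolicited: no LAN host asked for this
        lan_ip, lan_port, exp_ip, exp_port = entry
        if (remote_ip, remote_port) != (exp_ip, exp_port):
            return None  # mapping belongs to a different remote endpoint
        return (lan_ip, lan_port)

def demo():
    r = NatRouter()
    # Two PCs on the LAN use the same local port toward the same web server.
    a = r.outbound("192.168.10.2", 51000, "198.51.100.20", 443)
    b = r.outbound("192.168.10.3", 51000, "198.51.100.20", 443)
    return {
        "a_seen_as": a[:2],
        "b_seen_as": b[:2],
        "reply_to_a": r.inbound("198.51.100.20", 443, a[1]),
        "reply_to_b": r.inbound("198.51.100.20", 443, b[1]),
        "unsolicited": r.inbound("192.0.2.99", 4444, 3389),
        "wrong_peer": r.inbound("192.0.2.99", 4444, a[1]),
    }

if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name:12} {result}")
```

The two replies reach the right PC because each outbound flow got its own WAN-side port; the last two packets return `None` because nothing on the LAN side created a matching entry.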

Hairy Coo
November 18th, 2007, 04:07 PM
Ohm

Looks like I may have misled you regarding enabling NAT, thanks Blue Zanetti (due to my fiddling around with my router settings).

Here is another description of NAT and its usefulness.

http://www.billion.com.au/forums/index.php?act=ST&f=9&t=1226

I would still try to make certain that your wireless security settings are OK.

You now have to decide whether just to use NAT and HIPS, or whether you still need a software firewall.

Woody777
November 18th, 2007, 04:15 PM
Look N Stop is made for Vista & I think so is PC Tools Firewall Pro. You might try them.

Diver
November 18th, 2007, 10:14 PM
Right now I don't think any stand alone firewall that runs on Vista is all that great. You probably need to look at suites and take the one that has the fewest things wrong with it.

The alternative is pick your favorite AV and go with the Vista built in FW until something else comes along.

Hairy Coo
November 19th, 2007, 12:01 AM
Blue Zanetti

from previous post:

Quote:
"Isn't NAT supposed to be turned on automatically from the moment I got the router?

Yes, out of the box"

Need your advice please.

In my Billion router, there is a setting under PPoe Routed-Wan Link - to enable or disable NAT.

It was originally disabled.

What then is this setting?

thanks

OHM
November 19th, 2007, 02:50 AM
Hi,
Many thanks to all you guys,
Especially Hairy Coo for making me feel secure,
I'm thinking of just using Vista firewall,
because all other software firewalls are too complicated for me to handle,
anyways, thank you guys!

Hairy Coo
November 19th, 2007, 03:22 AM
Good move :thumb:

Also, I suggest that you download the free edition of Threatfire, one of the very best HIPS, which is light and unobtrusive and very simple to use!

Just use as is.

http://www.threatfire.com/download/

OHM
November 19th, 2007, 03:28 AM
Hairy Coo,
I'll definitely try it!
but what exactly does HIPS in Threatfire do?
Does the free version of TF provide enough security?
Thanks in advance!

Hairy Coo
November 19th, 2007, 06:11 AM
Read Paragraph 8 - that will explain it.

http://www.techsupportalert.com/best_46_free_utilities.htm#8

It's an additional layer of security for your firewall and router.

The freeware is identical to the shareware except it doesn't have antivirus and a couple of relatively unimportant points - all listed in the link I provided.

You needn't worry about using it - it shouldn't cause any problems at all.

I presume you have an antivirus.

BlueZannetti
November 19th, 2007, 07:09 AM
{QUOTE-> Need your advice please.

In my Billion router, there is a setting under PPoe Routed-Wan Link - to enable or disable NAT. <-QUOTE}
The details of the device matter since the specific terms can change a bit, but the end result is basically the same.

If all PCs on the LAN side have distinct and public IP addresses (i.e. your ISP allows multiple public IP addresses), you do not have to use NAT to link all PCs to the WAN side. The router is basically used as a switch in this case.

If you use distinct devices for the modem and router, turning the router into a switch is effectively equivalent to plugging the PC into the modem. If you have more than one PC, putting a switch between the PCs and the modem simply yields more physical hardwired ports to add additional PCs to the whole network.

In paired modem/router devices (i.e. one physical device), the same thing occurs but the physical relationships aren't quite as obvious.

Virtually all standalone routers are configured to act as a DHCP server by default. Modem/router paired devices, particularly those supplied by ISPs, may employ different default configurations.

Blue

Hairy Coo
November 19th, 2007, 03:38 PM
Thanks for the explanation

Hairy

Rico
November 19th, 2007, 05:19 PM
Hello OHM,

My two cents on the matter. Why not give Returnil, or Shadow Defender a try? Programs like this 'clone' your hard drive, so you're working in a virtual environment, nothing writes to your actual hard drive. Catch a Trojan, delete anything you want, reboot, the Trojan does not exist & whatever you deleted is still present.

I chose Shadow Defender & am writing this in Shadow Mode so anything bad that happens to C: just does not exist, after a reboot.

Think of your hard drive as a "chalk board" contains precious documents etc., adding "Shadow Defender" is like putting a piece of plastic in front of the chalk board. Bad stuff tries to erase the chalk board, or spray paint it, you reboot & the plastic (containing malware) is gone & your data is safe.

Since using Shadow Defender I've said goodbye to: Comodo FW, Prevx2 <another HIPS>, LinkScanner Pro. I still use NOD32 because there's still time left on the subscription, & may not renew.

Another product using this approach is: DeepFreeze see:

DeepFreeze (http://faronics.com/html/DFTutor.asp)

Watch their video while there, very impressive.

Take Care
Rico