http://www.secadministrator.com/articles/index.cfm?articleid=25348

this is getting really old with the same comparisons over and over......3 of those apps are crap and ''SYGATE and OUTPOST......2 of the best aren't even mentioned!!!!!!!

I'd like to see a factual poll done by the actual users of these .......only 2 on that list would rate high.......

There seems to be a huge pool of "professionals" out there that are totally out of touch with reality.
Whenever I see a study start with how great Norton and McAfee is, I instantly know that study or article is a waste of my time.
I guess society has always been like that. Look at the success of McDonalds and Burger King in the US and even overseas (for me).
Hell, people listen to Opra. I don't understand. ???

Sy-GATE! Sy-GATE! Sy-GATE! Sy-GATE! Sy-GATE!

LOL, Tiny isn't in the same class as ZA! True but perhaps backwards.

Perhaps becauseTiny didn't offer "protection zones and modes" and other rhetoric that keeps people from learning what the he!! a firewall actually does. Once again a rating system based mostly on what product is the most n00b freindly. Oh and Tiny wasn't preconfigured to allow IE to do whatever it wanted, oops!

Even XP's FW was mentioned !! LMAO !!

nuff' said !!
bill

-{ Quote: " quoting: eyespy link=board=23;threadid=2149;start=0#15385 date=1025744342]
Even XP's FW was mentioned !!

" }-

No comments!! ;D

Ciao,

Smokey

;) Just a friendly question. Why don't we do a comparison of our many firewalls? At least to set the record straight for those who are out-of-touch-with-reality! ;D

Not a bad idea, in a way, P_S!

Or maybe simply the things that we have problems with as regards our firewalls?

FI, even though I liked L'n'S enough to purchase it (penny-pinching miser that I am! <g> ) , and feel totally confident of its protection of me when I'm on the Internet, it irritates me no end that it won't hold its' permissions for several of the programs I use here - I have to constantly chase those programs around with the cursor, authorizing, then closing the other little message that comes up to get them to work - when they do. I know it's because something about those particular programs must be violating the "Advanced" ruleset, and that I need to get into the individual settings for those programs in the firewall and make changes - I simply don't have the time to mess with it!

It would be nice if they'd just put an 'Exempt Program' box in there somewhere, something that just lets it by-pass all the rules. Pete

I have no such problem with LnS.

Did you already post a question at the LnS board?

I am running Win98 SE, by the way.
I do seem to remember a thread at the LnS board of someone's settings not being retained in Windows XP, however

Isn't it wise then to use a product by a company that sells both protections? Norton has antivirus and firewall (@guard)
And they both play well together. :o

Root,
-{ Quote: " quoting: root link=board=23;threadid=2149;start=0#15363 date=1025735652]
There seems to be a huge pool of "professionals" out there that are totally out of touch with reality.
Whenever I see a study start with how great Norton and McAfee is, I instantly know that study or article is a waste of my time.... " }-
Well, as you probably know, I've been using NIS/NPF since version1.0 and have no problems with it. However, there are factual inaccuracies in the statement about NIS/NPF in that review which lead me to believe that the author really did a rather superficial review.

I'm not promoting NIS/NPF; indeed, I've been very critical of much of the invocation, but (at least for the moment) I will continue to use it.

I think there's some merit to doing an independent firewall evaluation here at Wilders, but this is not as easy as it may seem. It would take considerable time to set up the criteria to be addressed and then comprehensively evaluating the extent to which each PSF (in particular) satisfied that criteria. Let's take 'intrusion detection', for example (which seems to be the latest rage). Different PSFs do different things and the evaluation criteria would have to adequately reflect that (not an easy task, by any means).

And, I also suspect, it would be essential to specify the build of the PSF and the OS on which it was tested, as well as the basic configuration of the PSF. I don't think it does much good to simply compare 'default' configurations, inasmuch as the different vendors (and different end-users) have different ideas as to what is most appropriate.

Well, let's think about it. I would suspect that the first thing to be done is to set up some (unweighted) evaluation criteria. We could then proceed from there.

-{ Quote: "Isn't it wise then to use a product by a company that sells both protections? Norton has antivirus and firewall (@guard)" }-

No. I think it is wise to use a product because it performs best for you. :)
My firewall, Outpost, plays quite well with any AV I try to use.
I loved @Guard. Why did Nortons have to add so much fluff to it? It more than trebled in size. Sorry I don't remember the exact size @Guard was.
Then McAfee turned around and did the same thing to the other great firewall, Conseal.
You know, I almost cried when I saw what those two companies did to two of the finest pieces of software around.
Love Norton if you want. It's certainly your choice. I will forever despise those two companies for what they did, out of greed, to two of the best firewalls ever produced.
I realise everyone doesn't see it as I do, but I am not by myself. Wouldn't be any fun if everybody used the same programs anyway. ;D

Hello there Mr. Morris, I guess we were typing at the same time and I just now saw your reply.
I know there are a lot of faithful Norton users and McAfee users as well. I am sure they use those products because they believe they work quite well for them.
I can only go by the experience I personally have had. I get called to work on other peoples computers a lot. Not because I am a professional, it's just that I live in an area of the OZarks where sunshine has to be piped in. :) I seem to be the only person around here that knows anything about computers at all.
Anyway, I have found a lot of people have McAfee installed and even on the ones that have updated databases, McAfee has missed some of the most common viruses around. I have also seen Nortons, with current databases miss some very common viruses, most notibly the WM.Marker virus, I think is the name.
I have come to the conclusion that AVs to some degree behave differently on different configurations of Windows. I know other people have very good results with NAV.
Now, when it comes to firewalls, I do not have any similar experience at all. In the first place, most of the world doesn't know a firewall from a firefly. I have seen a lot of posts on different forums where people were having this issue and that issue with XYZ firewall. It seems here again, the configuration of the machine any firewall is installed on has everything to do with how well it will perform. I think it is going to be impossible to say any given firewall is the best in any circumstance.
Being a big supporter of Outpost, I know it is an excellent firewall for most. I also know it is not the best firewall for everybody.
I am sorry my post sorta wandered all over the place. But that's what happens when you start thinking about the ins and outs of setting up some kind of criteria for judging firewalls. Being a mod at Agnitum one thing I have learned is there are a million different configurations of OSs and other programs out there, and it is amazing how many different setups will affect performance of firewalls.
I suppose in the end, it's as always - we are just going to have to agree to disagree. :)

Hey, root, could we drop the Mr. Morris? (It confuses my father. ;) ) Joe or Joseph works just fine.-{ Quote: " quoting: root link=board=23;threadid=2149;start=0#16124 date=1026177164]
. . . . Anyway, I have found a lot of people have McAfee installed and even on the ones that have updated databases, McAfee has missed some of the most common viruses around. I have also seen Nortons, with current databases miss some very common viruses, most notibly the WM.Marker virus, I think is the name." }-Can't say yea or nay to that. It's been eleven months since I saw my last virus here. I'd like to think that's because I'm very careful in what I do; but, really, it's more likely a matter of plain, dumb luck.
-{ Quote: "I have come to the conclusion that AVs to some degree behave differently on different configurations of Windows. I know other people have very good results with NAV." }- Interesting; I'd never thought about that, but I suppose it's possible. I know Symantec definitely uses somewhat different drivers for NIS/NPF on different OSs.
-{ Quote: ". . . . I have seen a lot of posts on different forums where people were having this issue and that issue with XYZ firewall. It seems here again, the configuration of the machine any firewall is installed on has everything to do with how well it will perform. " }-Yeah, @Guard, the moderator of the Unofficial AtGuard Users Forum, spent a great deal of time trying to drum that into my thick skull once upon a time. ;D Unfortunately, the lesson didn't really 'take' until I'd gone through the experience with different machines using different Internet hookups and different ISPs.-{ Quote: "I think it is going to be impossible to say any given firewall is the best in any circumstance." }-Agreed. Once upon a time (I think it was in the old GRC newsgroups) I laid out something like seven primary determinants of what might be 'best' for a given user in a given situation. Combine the various combinations and permutations of those determinants with the variety of PSFs out there today, and the decision matrix becomes rather awesome. (And tomorrow, a couple of the vendors will release upgrades, so you get to start all over, once again! :P )
-{ Quote: ".... I am sorry my post sorta wandered all over the place. But that's what happens when you start thinking about the ins and outs of setting up some kind of criteria for judging firewalls. . . . . there are a million different configurations of OSs and other programs out there, and it is amazing how many different setups will affect performance of firewalls. . . . .
I suppose in the end, it's as always - we are just going to have to agree to disagree. :) " }-
Where'd we disagree? I, too, think it would be a gigantic undertaking.

Hi Joseph. Please excuse the name thing.
I really am convinced that AVs must work differently on different configurations. My experience with several AVs has caused me to wonder why anyone would use an AV that performed so badly. That, over a period of time and a lot of "discussions" has convinced me that different setups must affect the performance of such programs.
As for the disagree part, I was just referring to the fact that people, including you and me, are going to disagree about what's the best firewall, AV, AT, etc.

-{ Quote: " quoting: root link=board=23;threadid=2149;start=15#16182 date=1026227498]. . . . As for the disagree part, I was just referring to the fact that people, including you and me, are going to disagree about what's the best firewall, AV, AT, etc." }-

Oh, that's what it was! ;) That ain't no big thang. I got over my Ford vs Chevy syndrome a few years ago.

Still, it might be nice if we could identify functionality in the various PSFs that's present in one but not in another.
For example, AG/NIS/NPF only handle TCP, UDP, ICMP, and IGMP. I think Kerio and Tiny can handle more.
Do any of the PSFs yet handle IPv6 protocols?
Possible combinations and permutations of some potential settings (for the rules-based firewalls) seem to differ from one vendor's products to another.
AG/NIS/NPF (historically at any rate) has not explicitly identified TCP flags; ZA does. And there's a similar issue with the codes associated with the various ICMP Message Types.
Who's got an integrated, on-demand packet sniffer and who doesn't?
AG (and I think Tiny at least) has time-settings available on when rules were in effect; NIS/NPF does not.
NIS (but not AG or NPF) allows one to link rules to particular OS User Accounts (in Win XP); does anything else?
For novice users, what are the implications of simply going with default vendor-provided configuration settings?
To what extent can an advanced user further customize the PSFs from the various vendors.


Stuff like that, if fairly done, could be a real service to people looking for information on which firewalls best support their personal needs.

Agnitum tried to make a comparison of features that was accurate, but I think there may be a few errors on it yet.
http://www.agnitum.com/products/outpost/compare.html
Protocols handled by Outpost:
TCP, UDP, ICMP, IGMP, RAWSOCKETS, GGP, IPIIP, ST, CBT, EGP, NVP, TMux, HMP. RDP, IRTP, NETBLT, SDRP, GRE, ESP, AH, MARP, MEP, SKIP, ICMPv6, VMTP, MOSPF, OSPF, MTP, IFMP, PIM, IPPCP, VRRP, PGM, PTP, SCTP.
Next version is going to add:
1. New logging system
2. Protection against all known leaktests (dll injection, application
commandment etc)
3. New LAN settings dialog (autodetection of Trusted LAN)
4. Rules are loaded before any appolication starts
5. ICS support for XP
6. Fast user switching support for XP
7. Statefull inspection that will toggle on or off for applications like FTP.

So, the above can be added to what is already listed at the Agnitum Outpost comparrison page. That's why I love this firewall so much. This is @Guard on steroids.

NIS(?) is @Guard + fluff (parental controls)(How many predefined rules trying to cover every instance of use??)

IMHO ;D

-{ Quote: " quoting: root link=board=23;threadid=2149;start=15#16251 date=1026249579]

4. Rules are loaded before any appolication starts

" }-

except windows of course. The os will always be able to phone home with a software firewall.

Root,

Well, I just spent the last hour composing a big, long response to your posting above. Unfortunately, the site crashed when I tried to transmit it and I don't have a backup copy or the inclination to try to rewrite it from scratch. Sorry.

Don't know what's wrong here; my browser crashes continuously on this website.

Joseph, I'm sorry to hear that. I know how frustrating that can be.
Perhaps I should have left off the remark about NIS. I can understand it if you like the product. I did use it for awhile, I think NPF 1.0. If I remember correctly, it had it's points.
I enjoy discussing the strengths and weaknesses of various security products. I learn, and try to apply the knowlege to my job at Agnitum in helping them make a better mousetrap.
Wish I could help with the browser crashing, but I can't think of a thing that would be site specific here. Hope you get it sorted out. :)

Hello all. I was happy to see a review like this and thank you for bringing it to my attention. I'm no firewall buff, hell I barely get these things running. I do however run them because I know there value when it comes to my PC.

I would like to point out after someone said shouldn't you use a firewall and virus software that play well together. I think this would be a very bad way to choose your product and would suggest rather then the performance you have between the two is the overall performance on your system with any one of these programs.

That all being said I have had probelms with the two top listed firewalls in this review. Are you surprised? I doubt you are..

First, Norton doesn't want to play nice with other software, a list to extensive to bother going in to I would just say that although I do believe Norton to be a good firewall I would suggest making sure early on that you can run your software with it installed so as not to have to remove it after you have extensive time in the product.

Second, Mcafee has let their support go to hell. Earlier this year they acctually had an update that left many Mcafee users without working virus protection. I was one of them and went through hell trying to just get to the proper Mcafee division for my product. This could also be looked at as Mcafee was handing off the buck. Now that they have started a product line that is run totally from the web they seem to have let the users that acctually install their firewall hanging. I had been useing Mcafee for several years and left them earlier this year due to their lack of commitment.

I now use the folowing and feel pretty darn good about these right now, although I continue to read about them all.

BlackIce Protection 3.5
PC-cillin 2002 (has pop3 & real time support)
Trojan Hunter
Ad-Aware
System Purify 2002
Windows XP PRo (w/firewall turned off, along w/a grip of useless services turned off)
I also set my system so nothing calls home, how dare anyone think they have the right to call home with out asking me? I even use BlackIce file protection to block a couple programs that M$ thinks is ok to have call home with out my consent. (ie. wmplayer for one)

Hi Raygun. Even though BID now filters outgoing traffic also, I still believe it is something less than desirable. I wish I had bookmarked a couple of articles I recently read on it. It just dosen't perform well.
In my opinion, and that's all it is, (I know), The firewalls people should consider using are Outpost, Sygate, Kerio, Tiny, and Look N Stop. I know you didn't ask, but I hate to see people put their faith in BI. I don't think it deserves it.
Now, what is System Purify 2002? Never heard of that.

hmm, I hear you. I have heard many others voice there concern with BI. However, what can you do to my system while I run BI that you can't do with those you mention? I'm very tempted to just give out my IP and let you have a go so you can put your concerns to rest. I think you would find BI does well enough so you couldn't do a damn thing to me, and with out all the tinkering you firewall finatics like. Although that in it self is something I can understand, being able to fine tune your firewall is something that could be very apealing.

System Purify 2002 can be found at Clipper Soft
http://www.clippersoft.net/systempurify/overview.htm

I, unlike the average intrusion watcher, feel I have a better experience on the web with cookies. Therefore I use a program to clean things up regularly. That is where System Purify 2002 comes in. It has many options when it comes to deleting temp files and cookiesand the index.dat files on your system. It's just one thing I use to clean up after doing anything I want on the web with out limiting myself!

Hi Raygun. BI has always had an excellent IDS, that is not the issue with it. I use a firewall as backup protection against trojans and call home type applications. I really have very little concern about coming under a DDoS attack, or anything like that.
I will see if I can find the article I read last that expounded on BIs strengths and weaknesses.
Please understand, I have no intention of trying to get everyone to believe that the programs I use are the only good ones or the best. However, when I see people putting their faith in security programs that I have reason to believe do not live up to their promises, I simply pass on my concerns so that I know the other person is aware there are people with concerns about the product in question. I also enjoy debating the pros and cons of various programs, as I have learned a lot that way. I have, in the past, changed programs I used because I found out someone knew something I didn't.
Let me see if I can find an article or two that I came across to show you why I am concerned.
Please do not take this as me thinking I know more than you do, or me telling you I know best how to protect your computer.
I'll get back to you when I have some more information.

I see that system purify is something like Window Washer, which is what I use to do the same thing.
Thanks.
:)

Ok Raygun, if you go here (http://www.firewallguide.com/software.htm#Comparative) and look around, especially look at Comparative reviews of personal firewall software and follow all the links, you will get a pretty good picture of the strengths and weaknesses of BI and indeed many other firewalls.
This is from PCWorld and represents one of the major concerns I have about BI.
-{ Quote: "BlackICE suffered from other problems, too. We've awarded Best Buys to earlier versions of the program because of their demonstrated ability to fend off and track attacks from outside. This time around, we focused more on application control, a feature that's new to the current version--but this feature failed to pass muster. By default, BlackICE grants full Internet privileges to any applications already installed on your PC. Because of this setting, BlackICE was the only firewall (other than Windows XP's) that failed to block a backdoor program preinstalled on our test system. You can restrict applications after installing BlackICE, but that requires you to review its list of the several hundred executable files installed on your PC and to configure rules for each." }-
I hope this shows you why I voiced concern. I am sure you are cabaple of making informed decisions concerning your computing habits and I hope this has not seemed intrusive to you.
regards
root

On the contrary, I enjoy your information and thank you for the link! I didn't mean to come off as though I was angry, if I did I'm sorry. I only said what I did because you posted

"Hi Raygun. Even though BID now filters outgoing traffic also, I still believe it is something less than desirable. I wish I had bookmarked a couple of articles I recently read on it. It just dosen't perform well."

Even though you stated it was your opinion I find that too many people/places decide to say these things with out proof. The statement "it just doesn't perform well" is far from the truth and shows somewhere deep down you have some inbedded hate for the product.

Now the article you bring to my attention describes the supposed lack in file protection I think you are refering to. I would like to point out this, and I do not think you can toss this reality aside. You talk about firewalls that take some serious time and learning to get up and running correctly. Yet you want to say BlackIce is bad because if you already HAD a trojan then it would not block that trojans outbound! Well I just think that like any of these programs you must do your research and I did. I installed BlackIce on a fresh install and went further to learn how to block any program with BlackIce's outbound protection. I am able to use BlackIce to block ANY OUTBOUND TRAFFIC! <--this is what I need to get you to believe, if you won't use the program then you are just going to have to take my word. Not only that you can remove all known applications and start from scratch so to speak allowing one program at a time if that makes you happy! Then there is apsolutely NO way it will miss any outbound traffic, of which you seem to be pre-worried about when it comes to your chose in firewalls.

Here is the low down, or MY opinion. It does just what your program does you just don't want to admit it for some reason! If you check and remove trojans with another program, or you install BlackIce after a clean OS install, or you simply learn how it works and remove any questionable known files and ok them one by one or not allow them then it's doing the same as your firewall.

I think you have to face facts, for some reason you don't like BlackIce and have not tried it, therfore this is what bothers me when you make statements like, " It just dosen't perform well."

That's just a bad statement, I continue to read your insight as well as your links and thank you. I can always learn more.

Hi again. Actually I think BID was my first firewall. I liked it well enough although the early versions used to drive you batty with the warnings unless you turned them off.
Then, like so many people, I switch to ZA when Steve Gibson convinced me I needed outgoing protection as well as an IDS. I was happy enough with ZA, but I like to try out new and different products. I think I tried Sygate for awhile. It was cool. I then tried Tiny, I believe and learned some about rule making and application control. I used Conseal for a bit, but the rule making on it was difficult and I just didn't know enough to set it up properly. I switched to conseal desktop and I loved it. Simplest thing in the world and seemed to work well.
Well, one day I tried @Guard. I found a preset set of rules and was off. I had finally found my firewall. With all the extra filtering that went with it I was a happy camper.
All good things seem to come to an and and Conseal sold out to McAfee and @Guard sold out to Symantec. I tried NPF and McAfees both. Here is where I developed a deep seated resentment against a couple of Product lines. It was my personal opinion that the two best firewalls on the market were bought up by the big bullies of the industry and RUINED! So, here is where you will find my resentments, not BI and ZA.
I tried Look N Stop but I did not like the restrictions on rule making it had. I felt I had to make too many rules to accomplish the simplest blocking.
I went back to Sygate and then Outpost came along and I got involved in beta testing and I am at home now.
I would not debate you on the qualities of BI verses Outpost, that would lead nowhere, I feel.
It seems like you know enough about the products you choose, and that to me is what its all about. People having enough information to make informed decisions. Of course different people will make different decisions. I never try to sell Outpost as the best possible choice. I just try to sell Outpost on its merits. I love its versatility and rule making ability.
I hope I haven't bored you to tears with my little firewall history, so to speak. It's been interesting and fun trying out different products.
Who knows, I may someday try something other than Outpost. (Shhh) Don't spread that around, please. ;D
By the way, i never thought you were angry. I just know that sometimes I appear to come across as a know it all, and I try to avoid that at all cost. I'm just another guy with another opinion and hopefully I can share some usefull information from time to time and in turn, pick up a little useful information from time to time.
Cheers. :)

That was actually a very interesting road you took us down! :)

It sounds as though you have found the firewall for you. I find I have to defend BI way too much, yet for user that likes less rule making and more GUI interface I think it's great. You really hit a good point when you said that we each find programs we like more. I have yet to try outpost so that's on my list. Like you I feel at home with what I have now and find all the tests out there I pass with flying colors. However, If and when I try another or find a reason to switch I think you have compeled me to try outpost.

After such a wonderful story I probably shouldn't say what I'm about to, but I can't resist because I feel so strongly about it.
My advice for anyone would be to turn your head the other way when it comes to steve gibson, he spouts more drible each day and there have been many things he simply can not back up. To this day I contend stealthing yourself does you no more good then just blocking. In fact I believe that with a stealth set up you will inevitably be probed more then if you were blocked and had sent an original signal back saying "yes here I am and the door is closed"

this is just my 2 cents though, I have yet to see anyone prove it either way and as I said at the begining of the thread I'm not in a position to know enough to test it myself.

Thanks for the fun thread and great info root. See you around!

-raygun-

Appears the comparison on Outposts page is saying NIS comes in second for features ;) Isn't that funny? :P
Nice comparison posted though.
I have been messing with Outpost myself and I really think the name is COOL ;D right from the frontier days.

http://www.agnitum.com/products/outpost/compare.html