Hi all,

can anyone point me to a free firewall without HIPS for windows XP SP3?

im not sure about free, but the best pure FW ive tried is Look 'n' Stop. :thumb:

Try the Sunbelt Firewall.

I think Ashampoo has a free firewall without HIPS.

-{ Quote: "Hi all,

can anyone point me to a free firewall without HIPS for windows XP SP3?" }-
zonealarm free firewall

-{ Quote: "zonealarm free firewall" }-

:thumb:

GhostWall

the best free and the lighter is PCtools FW , just disable "enhance security" and u got it :)

-{ Quote: "the best free and the lighter is PCtools FW , just disable "enhance security" and u got it :)" }-
Can that possibly be lighter than GhostWall? Don't think so.

Kerio 2.1.5 is a good solution for a simple firewall.

Rising Firewall Free also good, light & without HIPS.

Thanks to all for the suggestions. I have started out trying PC Tools FW. I had thought to try an older version of ZA free, but couldn't remember which version I last had that worked so well for me. I believe it was back in 05 or 06.

-{ Quote: "I had thought to try an older version of ZA free, but couldn't remember which version I last had that worked so well for me. I believe it was back in 05 or 06." }-

I use ZoneAlarm version 6.1.744.001 on XP SP2 and it works well for me.

I use PC Tools FWP 3.14 with code injection been stable..

Comodo Firewall
Just change setting: Disable Defense + Security
And you got pure firewall

There are quite a few old versions of Zone Alarm available at OldVersion (http://www.oldversion.com).

For a pure, lightweight rule based firewall, it's hard to find better than Kerio 2.1.5.

Windows firewall, Sygate, Kerio 2.1.5.
Personally, I'm using mostly 1 and 2 when relevant and applicable.
Mrk

-{ Quote: "Rising Firewall Free also good, light & without HIPS." }-
:thumb:

For the firewall purists, I have seen some recommend the SoftPerfect product.

http://www.softperfect.com/products/firewall/

Windows FW. None of that HIPS / outbound rubbish. Just pure, light inbound traffic filtering.

Best free pure firewall: Sygate or Kerio 2.1.5

And if you're willing to pay, LooknStop is fantastic.

-{ Quote: "Windows FW. None of that HIPS / outbound rubbish. Just pure, light inbound traffic filtering." }-

It's a good and simple solution :thumb:

paid / Look'n'Stop :thumb: excellent firewall.
Free / Kerio 2.15 ran it breifly but from what I can tell...not bad.

-{ Quote: "For the firewall purists, I have seen some recommend the SoftPerfect product.

http://www.softperfect.com/products/firewall/" }-
Pure firewall, being defined as filtering inbound and outbound ports, and deny/allow based on address/port/mac, SoftPerfect does this, and only this. No injection monitoring, no application monitoring. So, it could be defined as pure I suppose.

Windows Firewall, for inbound pure too I suppose. I use it mostly.

You might also consider ipsec as a pure firewall. Not easy to use, but can do same thing in regards to allow/restrict based on ports or ip.

Sul.

Depends what your doing on your PC? Most people are okay with their Router 3 hardware firewalls. Some still use the hardware and software types. Like most here use some sort of sandbox types. Still just a plain fast one would be Firewall Plus 3.14. I have it hosted on my site see the Firewall Plus 3.14 posting in this thread. That's good with P2P if you do that, otherwise that's it..

Why would anyone want a FW without HIPS?

I thought HIPS was essential for a FW?

-{ Quote: "Why would anyone want a FW without HIPS?
" }-
Because Mr. Anyone has already a HIPS without FW. :)

Cheers

"HIPS" are a comparatively recent addition to firewalls. The present trend is to combine all the security apps into one package. Firewall vendors saw the effectiveness of apps like Process Guard and System Safety Monitor, added those abilities to their products, and came up with the term HIPS. The term itself is more of an advertizing buzzword than a useful of the software. It's used to describe too many different things and has no definite meaning. Sites like Matousec like to push that combined suite concept with their misuse of so called "tests", turning them into advertizing tools that do nothing but push the "newer is better" concept to increase sales for the vendors.

There's no reason "HIPS" has to be part of a firewall suite. A lot of us like to run separate HIPS and firewalls. I run Kerio 2.1.5 and SSM, which I consider to be equally as effective or better than any combined package.

-{ Quote: "Hi all,

can anyone point me to a free firewall without HIPS for windows XP SP3?" }-
Hi,

So, if one is looking for a simple "Pure Firewall" as stated in the title...

I wonder why no one mentioned GhostWall....

http://www.ghostsecurity.com/ghostwall/

This is probably the easiest and most uncomplicated, low profile firewall I know of..
Nothing unneeded just simple blocks and rules!

Just a thought! ;D

-{ Quote: "Hi,

So, if one is looking for a simple "Pure Firewall" as stated in the title...

I wonder why no one mentioned GhostWall....

http://www.ghostsecurity.com/ghostwall/

This is probably the easiest and most uncomplicated, low profile firewall I know of..
Nothing unneeded just simple blocks and rules!

Just a thought! ;D" }-
It still is in development?
Do you have support for it?

Hello RDSU,

Wilders used to host the support for ghost security... I think Jason might have dropped the ball somewhere in the forums...

However the firewall itself is rather good, I still have several clients (XP users) who wont let go of it...

It does have a few peculiarities where some ports need to be configured properly for it to block them, but the rules are easy to understand and implement...

Just test your firewall installation as soon as you setup to make sure you have no leaks...

Here is a link for you to some resources to test your firewall (Whatever choice you end up making).
http://www.hermes-computers.ca/index.php?pid=39

here is a wilder post I wrote some years ago for those interested in Ghostwall... About Port 0 & 1 being exposed! and the solution...
http://www.wilderssecurity.com/showthread.php?t=148627&highlight=Ghostwall

The particular rule to solve the issue is located here: http://www.wilderssecurity.com/showpost.php?p=847698&postcount=3

I hope this helps!

I know that Ghost Security is a great firewall, and already use it in its beginning, but I don't like firewalls that doesn't have support and its development is dead...

If we only install the Comodo Firewall, disabling Defense +, we will get a pure firewall, and at least on my system it runs really stable and fast with almost no CPU usage and Memory...

It seems that is the only option that really works for me...

No comments! :blink:

-{ Quote: "No comments! :blink:" }-
Please, give them! ;)

Note: just in case someone finds the info interesting I did edit my previous post to reflect the issue of port 0 & 1 (which is common in many firewall).

if you want to re read it: http://www.wilderssecurity.com/showpost.php?p=1449936&postcount=31

-{ Quote: "I know that Ghost Security is a great firewall, and already use it in its beginning, but I don't like firewalls that doesn't have support and its development is dead..." }-

I'm with you on this... However the secret to this recipe is in the testing!
And ghost wall being probably the most bare boned Firewall around albeit airtight and super light weight using practically no resources. I can't see much need for further development being required given what it actually does already...

Vendor support isn't that important with firewalls like Kerio 2.1.5, Ghostwall, etc. They don't depend on updates or databases that need maintaining. They've been in use long enough that the major bugs were found and fixed.

The internet has gotten bigger but its basic design hasn't changed since these firewalls were released. The IP address system is the same. Internet software still uses the same basic protocols and connects through the same ports. Firewalls like Kerio, Ghostwall, Sygate, and others will filter and control internet traffic exactly as they did when they were new. When IPv6 is fully implemented, then the older firewalls will cease to be useful, but for right now, they do their job very well. That's one reason that a lot of us stay with an older firewall. They were designed to do one thing, control internet traffic, and they do it very well.

Hi hermes.
I'm using Kerio 2.1.5 since a few months, and after reading your comments on Ghostwall, decided to try it.
There's no applications rule though, and the Allow All Outbound rule is a bit scary to me...
Kerio allows me to control what apps have network access, and to which IPs and Ports.
With the default rules, like depicted here:
http://www.wilderssecurity.com/showpost.php?p=847698&postcount=3
It's barely an incoming packet filter, no?

TIA,
François

-{ Quote: "Hi hermes.
I'm using Kerio 2.1.5 since a few months, and after reading your comments on Ghostwall, decided to try it.
There's no applications rule though, and the Allow All Outbound rule is a bit scary to me...
Kerio allows me to control what apps have network access, and to which IPs and Ports.
With the default rules, like depicted here:
http://www.wilderssecurity.com/showpost.php?p=847698&postcount=3
It's barely an incoming packet filter, no?

TIA,
François" }-

Bonjour Francois!

By definition all firewalls are merely packet filters... as the only way to block some and allow others require packet filtering to ports and sockets...

This being said, this firewall will allow you to create port rules sophisticated enough to facilitate all your firewall needs... However they must be created by hand. So if you enjoy finessing around with port rules this is the firewall for you... on the other hand if you like everything done for you it may not be...

On a side note: Kerio is an excellent basic firewall. It does nothing less than Comodo or Ghostwall as far as Firewalls do. In fact even the firewall built into the Vista or XP Pro SP3 is "Effective" as a firewall. The real issue everyone suffers from is caused by applications that resides on a user's pc then dials out, bypassing router based firewalls as well as machine specific firewall. Not including that an ever increasing numbers of system breach is now related to plug gins and add ons to web browsers or to scripts built into web sites then the web browser interprets the content and voila... Firewalls, applications filters and other such fine technologies are rendered moot as the system is compromised...

Thanks Hermes.
I don't mind doing rules.
I've tweaked Kerio myself, so I can do it.

With Ghostwall, I don't see how I could, for example, allow outbound port 80 to my browsers only.
It seems I can open the port or not, but can't choose to which apps.

For the moment, Kerio seems far better since I can control the apps.

(or I'm missing something obvious...)

Regards,
François

Francois,

Nope, you are right... No application level filtering here.

However, as I have mentioned you should not rely on your firewall for applications filtering...

A HIPS is far and above the better option as it is not applications or port/socket specific.

Also hardening your web browser as well as any "risky" applications you wish to filter would be far more secured if used within a Sandbox further operated within a user account with reduced rights (As in not an administrator's user account).

Thanks again.
Just added Dynamic Security Agent (DSA) from Privacyware, and may have a winning combo here.

Another question: where does Ghostwall saves the rules?
Did some tweaking tonight, and wanted to save the rules file (as I did with Kerio) to a backup directory.
Didn't find anything in the app dir, documents and setting dir nor registry.
?

TIA!
François