Hi!

Since I use SP2's firewall AND a router firewall, I really don't need another one.

But I do want to have application control. Yea, I know I can install ZoneAlarm and disable everything except said feature, but not only do I feel it's kind of lame, it takes a huge RAM, its installation shoves files into my windows' folder and, in summary, I feel it's not more logical than installing DOS just because I want a command prompt...

Basically, I want a prompt that tells me "application X just tried to make a connection to whatever. Allow or Deny?"

I know there's a little program, which does just that, called Little Snitch, but it's only for the MAC!

Surely there's something similiar for Windows.
I'm sick and tired of all these "overall solution" packages. No, I don't want "pop ups blockers"! I don't want "intrusion alerts"! Is it really so hard to simply prompt me to deny or allow whenever an application tries to call home?!

Thanks

well, that would be not so easy I guess. most of the programs nowadays are all in one just like you told. even pc internetpatrol or blackice functions as a ordinary firewall with extensive application control. there are some utilities that monitor programs starting up eachtother, spawning eachother, like SSM but not internet. just pc. a program like port explorer with alert showing all info ,...damn that does sounds nice if you ask me.
we see... ;D

I think I now it, it is called JAMMER from Agnitum (of Outpost Pro:firewall)

# Jammer's unrivaled multi-barrier system blocks each step an intruder takes with sophisticated counter-measures that protect the registry, monitor applications and inspect both incoming and outgoing connections.
# Its unique AppWalltm technology is designed for home users yet has the power of corporate firewall programs. AppWall controls any application's access to the Internet effectively nullifying the threat of Ad-ware, Spy-ware and all kinds and classes of Trojan horses. Jammer lets you allow specific applications to access the Internet and to deny access to others.
# Scanning detection modules discover intruders when they first probe your connection. Attackers hit a solid wall.
# Jammer is a cracker's worst nightmare. It sends a message to their ISP warning them that their service is being used for unauthorized purposes. This can result in legal prosecution of the cracker.
# Jammer monitors the Windows Registry. Any attempt to modify critical sections results in a warning message on your screen letting you cancel the alteration.
# Jammer includes an advanced process viewer. It lets you see even the hidden processes. It describes each running application and what it's doing.
# Jammer monitors network connections and shows you which ports are active and who is connected to your computer.

Only one thing, do not know if is SP2 ready

Hi Infinity
You are correct with your outline for "Jammer", however, it does not support XP (sp1 or sp2).
See their requirements on this page
here (http://www.agnitum.com/download/jammer.html)
Cheers :)

Damn I missed that...getting late would be a lame excuse isn't it???sorry.

Inf.

Plus it hasn't been updated in years (which explains not supporting XP) and one look in its page can tell you that its developers couldn't care less about it (no screenshots, 2(!) FAQ, etc.).

Also, I've managed to test it before you said it doesn't support XP and the (very few) options didn't even allow to stop monitoring incoming connections.

I wonder why they came up with this program in the first place.

Ok, there is a (small) FAQ, but it's hidden in the other side of the site...

Outgoing firewall: I know exactly how you feel. Jammer did seem like the perfect solution, but like fedra said it doesn't work with XP. I did email them asking if they were going to update it at some point, and they just gave a generic "no, try outpost, it's better." Right now I'm using x-Wall (http://www.sphinx-soft.com) It does have content filtering, but it's easily disabled. It has some pretty good options for limiting outgoing connections, although it's a little complicated to get set right, and it only takes about 6mb of RAM. You might give it a try.

yes Notok, that would be the problem. no support for xp. anon user was looking for outgoing cause the incoming would be indeed the xp built in firewall. I was hoping someone could find a tool like port explorer with alerts when something was wanting go out. too much all in one these days.

{QUOTE-> too much all in one these days. <-QUOTE} Exactly. The paid version of x-Wall has a couple other goodies, but the freeware version doesn't even have content filtering (which I forgot about in my last post, and it's so unintrusive to turn and leave off in the paid that I don't even think about it.) It's the most "to the point" firewall I've found yet.

As I read more about firewalls and configuring them correctly, the thing I'm seeing is that outbound protection is really the more complicated issue with these things. Although x-Wall's UI takes a little getting used to, I think it leaves you less to configure in the long run. Basically you set whether you want to allow or deny something, then you can go in and fine tune where it's allowed to go, and that's pretty much it. A lot of the extra settings I see others having to make with other rule based firewalls don't seem to be necessary. The only real weakness that I can see are in things that I think are better covered by ProcessGuard and/or Prevx, although I'd like to see the firewall experts' opinion of x-Wall at some point. So far I haven't found any reviews of it by anyone except general software reviewers that don't look past the UI.

You know, "Outgoing Firewall" is not really a nickname...;-)
I've just used it because it annoyed me that "Guest" was taken, so I decided to use the "username" field as an extension to the "title"...

So wait a minute, the freeware (and unlimited?) version X-Post, DOES have outgoing control?

And does it also have inbound control? If so, can it be disabled (because, as I said before, I have enough inbound protection already).

Ok, tried it and already got rid of it.
First of all, the first time I approved iexplorer.exe, my PC rebooted...

It may not have happened a second time, but then I found out it doesn't allow to permit or deny just ONCE. Even more so, once an application calls home, it stores it in the list and just WON'T let you delete it - never. The reason? It claims it still runs (although it really doesn't).
Come on, I really don't want one time programs to be there for eternity. Plus the list would be huge eventually.

I've even went so far as to finding the list in the registry and delete it from there (under CurrentControlSet AND ControlSet001), but it goes back there once the program re-launches! Is there a place for the "real" list somewhere?

Also, the program is "heavy" in the sense that it touches both your system folder, writes deep in your registry and both the install and uninstall demand a reboot.
I hate a reboot because it means the program dug too deep in your system.
I believe a program should stay in its folder, use INI system and just do its job...

And last but not least, it's not a free, but a "mailware". You have to sell your e-mail address to the makers to "register" it.

To tell you the truth, I really liked Sourceforge's "Winsock Firewall" because it's really light - stays within its folder and its installation doesn't require a reboot, etc.. But it's really crippled since there's no prompt screen. You have to configure all the programs before hand - manually that is, which is insane.
Plus it uninstallation does require a reboot...

give the new Zone Alarm Beta a try, it works very well, ver 5.05.035.
not 2 resource hungry, although u shound have atleast 512 ram ir ur using XP anyway[preferably 1024 ram if u like games]

I hope I'm not too late to suggest Armor2Net firewall... picks up ANY sort of connection request from INSIDE your PC (offers only application control - no rules per app, but you can block specific ips) www.armor2net.com

No13,
Not to late for me. I will do some more research when the time comes to make a change. I'm not big into rules. I have a wireless FW router too. I am really looking to get rid of my ZAP 5.1.033 (expired). Is it "seen" by SP2 as a working FW and is it easy on RAM useage? Price is not to bad either. 8)

Dunno about SP2... but its really light. Not much by way of configuration...
I'd suggest using this on a trial basis along with Kerio 2.1.5 (free, rules based).
For kerio help, you can visit
1. http://forums.kerio.com/index.php?t=thread&frm_id=11&S=4ee08f46f6a1d28aa5f13123fa8d7b8c&SQ=c3370295d6ae82d1fe04a6bfa9945a7e
2. http://www.broadbandreports.com/forum/kerio ---> best ruleset here (BlitzenZeus' ruleset)
3. http://www.geocities.com/yosponge ---> good place to start

Armor2net is again this "all in one" package that throws on me things I've never asked for.

Who asked it to detect spyware or block popups? I just want a small program like Little Snitch that just does its job and not everyone else's.

Besides, Armor2net doesn't even have screenshots and/or technical details and FAQ.

Anyway, get it - people who have SP2 and/or a router firewall DON'T need a full software firewall! Actually, it'll only hurt them. But they do need an outgoing defender.

...and apparently a MAC.

{QUOTE-> Who asked it to detect spyware or block popups <-QUOTE}

maybe you have a virus...virus alert virus alert ... ;D

{QUOTE-> Armor2net is again this "all in one" package that throws on me things I've never asked for.

Who asked it to detect spyware or block popups? I just want a small program like Little Snitch that just does its job and not everyone else's.

Besides, Armor2net doesn't even have screenshots and/or technical details and FAQ.

Anyway, get it - people who have SP2 and/or a router firewall DON'T need a full software firewall! Actually, it'll only hurt them. But they do need an outgoing defender.

...and apparently a MAC. <-QUOTE}

Ya know, you can remove certain dll files and trash its useless features (Armor2net), or even go crazy and instead of deleting them, disable them...
But in my 30 day trial... I found that those features are lame and weak... They won't bother u if u configure your setup properly.
So g'luck you crazy buyers...
The best part about this firewall is it can
a) Detect "listen" connections
b) let you shut down ANY connection IN/OUT of your system from its informational display.