which is most ((secur)) ,sygate or looknstop?
aginst insde attack (application control ) and outside attack (Intrusion Detection) ?

looknstop is very secure and passed the most firewall leak test, however, it can be difficult to use at times because programs like irc, p2p, telnet etc... require rules and putting them in the right spot can be tricky. otoh, sygate is a bit less secure since it allows all/denies all based solely on the program. no rules. either firewall hasnt been updated in a while. for the best of both firewall, i recommend outpost pro but rele u need to try which firewall u like best. no matter what ur choice tho, Wilders will always be here to help u and answer ur questions. good luck

-{ Quote: "looknstop is very secure and passed the most firewall leak test, however, it can be difficult to use at times because programs like irc, p2p, telnet etc... require rules and putting them in the right spot can be tricky. otoh, sygate is a bit less secure since it allows all/denies all based solely on the program. no rules. either firewall hasnt been updated in a while. for the best of both firewall, i recommend outpost pro but rele u need to try which firewall u like best. no matter what ur choice tho, Wilders will always be here to help u and answer ur questions. good luck" }-

thank you WSFuser for your replay :)

im not using irc, p2p, telnet im just using firefox and IM so do I need more rules ?
http://www.looknstop.com/En/rules/rules.htm

LNS is better than sygate in leaktest but what about Intrusion Detection
i heard sygate is better in Intrusion Detection
is this true ? I have dsl line and its work 24 hours so id like to have firewall that can stop hackers from attacking my PC from outside

all firewalls stop hackers. and although theres no settings for it, the ppl at LnS assured me that it does have some intrusion detection tho sygate pro is upfront about its IDS/IPS. afaik, u wont need extra rules but just in case some with ur IM doesnt work just search wilders, maybe someone else already asked for them or make a new request (post).

-{ Quote: "all firewalls stop hackers. and although theres no settings for it, the ppl at LnS assured me that it does have some intrusion detection tho sygate pro is upfront about its IDS/IPS. afaik, u wont need extra rules but just in case some with ur IM doesnt work just search wilders, maybe someone else already asked for them or make a new request (post)." }-
WSFuser,

Your statement that "all firewalls stop hackers" is both a prayer and a wish.
While it may be true to some extent for "script kiddies", it is certainly not true for determined crackers - to use the correct term. The most experienced, highly knowledgeable and determined crackers can bypass virtually any firewall with impunity. Of course, where they land may be a honeypot - but, that too can be overcome.

Perhaps you meant that all firewalls present a barrier to stop crackers where the robustness of the barrier is somewhere in between very high to very low.

-- Tom

-{ Quote: "Perhaps you meant that all firewalls present a barrier to stop crackers where the robustness of the barrier is somewhere in between very high to very low." }-
yea, exactly. i know that no product is perfect but a firewall should provide a challenge to those experienced crackers at the very least. i read the following quote by edition:

"id like to have firewall that can stop hackers from attacking my PC from outside"

i usually thought firewalls were supposed to stop crackers but i guess a stricter definition would be that firewalls only allow/deny traffic based on certain rules/criteria.

-{ Quote: "yea, exactly. i know that no product is perfect but a firewall should provide a challenge to those experienced crackers at the very least. i read the following quote by edition:

"id like to have firewall that can stop hackers from attacking my PC from outside"

i usually thought firewalls were supposed to stop crackers but i guess a stricter definition would be that firewalls only allow/deny traffic based on certain rules/criteria." }-
One of the key things about a firewall is that it should stealth (block) all of the ports so that when a cracker scans your IP address they do not find any open or closed ports which tells them that there is a vulnerable computer to crack at that IP address. Doing just this one thing (installing a firewall that stealths all of your ports) is worth its weight in gold if it keeps the crackers away from your computer.

One other very important thing is to prompt for outbound connection attempts which the user will Allow or Deny. The catch is if are you already infected with a call-home trojan that has already disguised itself and stealthed its rootkit, so, by Allowing the connection the trojan author can play with your system with impunity. All the more reason to incorporate an anti-trojan software into your overall security strategy in addition to AV and firewall (best if both hardware and software).

-- Tom