Tiny Firewall

I'm using a demo version of Tiny anybody have any experience good or bad that would help my decision...

 

Good: It can be confiured alot, I mean alot
The firewall engine is great, SPI works like charm.
It is so much more than a firewall. I love the sandboxing feature for example.
It isn´t bloated with anti spyware stuff (wich is good imo)
I haven´t had any issues with it, it does its job.
I´ve been using it just for a couple of months, tho.

Bad, or it can be good too, depends on how you see it: You have to understand what happens in a computer when configuring this software. I dont fully understand it, but the deeper I go the more I learn. But you really have to be motivated.
It looks like, to me atleast, that CA, who bought Tiny Firewall, has abandoned the software. (If not, someone please enlighten me )
There is dead silence from them, atleast in their support fourm and they have not answered any of my emails. Maybe they are gonna "steal" the good stuff and put it in their Etrust firewall?
But I will keep this Firewall for years, regardless. Unless someone proves it to be obselete some time in the future.
There are more experienced users here, and I am sure they will input more benefits with this software

 

there's 2 versions which one did you get?

 

I have 6.5.126

 

same one, I'll play around with it, I tried Look-n-stop but not impressed tha much..thanks again

 

Well, actually you have the Standard version and a Pro version. I assume both have the same engine but the Pro version has more configuration options. I use the Pro version already since version 5.0

Recently I installed the x64 on my Ferrari Notebook 4000 with WinXp x64 and never had any issues with it.

I just hope, and keep fingers crossed, that all of them will run on Vista x32 and x64.

I use it on my computers only because I think I know what I am doing. On the other hand.. I never installed it on one of the computers I manage for family and friends. Just explaining what and how to configure (over the phone) is just too difficult if the other person has no clue about internet security. On their computers I just install ZA.

Ciao
Itsme

 

to bad you cant buy it anymore

 

Excuse me, where did you get this info? Tiny is still available and able to be bought, just check out this link Here

Please don't put out false info since it will scare people off from products uneccesarily such as your previous post that tiny won't have support which is false

Alphluatra1

 

ah so ca didnt shut down the site

 

Tiny is like two sides of a sword, the one is pretty funny and cool the other dangerous and vulnerable.

At the beginning of a system install it´s very useful, especially the sandbox, the more tools you install the more vulnerable tiny becomes, thats the biggest problem.

At some point tiny sandbox can be easily surpassed, it also does not have a good self protection, can be stopped very easy.

 

TPF can only protect the system to the extend at which the user understands Windows Security. So TPF is just as smart/stupid as the user is. This is the strongest drawback/advantage of TPF, depending on who the user is. For other firewalls/HIPS, the product is usually as smart/stupid as the developer is. That is the difference between TPF and other products. TPF can be easily configured to protect itself better than any other firewalls/HIPS, so that nothing can stop/surpass it. Of course, it is also dangerous if nothing can stop it at some situations.

 

It´s not only that.

A windows system by default (or a system created by humans (imperfect beings who struggle to be perfect)) is a big hole of insecurity which you must fill step by step, but a imperfect system can never become perfect, no matter which software you use, even if your mind is genius.

 

Nothing is perfect. People say that Linux is safer than Windows. That may be true. However, if Linux is as popular as Windows, and if it is explored as much as Windows, as many security holes probably may also be found. Who knows.

 

Exactly in a study they found more security holes in linux then in windows.

 

What makes you think Tiny's sandbox can be easily surpassed? By default installation of Tiny, all unknown applications bring up a prompt asking for user input. Even a person unsure what to do can simply click the "Help" button and read a nice summary explaining all of the options.

The only situation in which the Windows Security features could "be easily surpassed" is if someone diddn't take the time to read the help provided or was for some reason trusting example.exe from a source that shouldn't be trusted. Common sense is needed for sure, but I would guess anyone with enough brains to install something like Tiny has enough of that.

What do you mean by "...the more tools you install the more vulnerable tiny becomes..."?
Security tools, or just any software?

 

Very well said, but Tiny is a little of both worlds. By default Tiny has many security features in place put there by it's creator, but when it comes down to designating new applications into the pre-defined groups it is up to the user to take the time and do so themselfs. The only way around this would be something like what authensys.com has done (which is a headache for some).

Here are some examples:

 

.....and:

 

has this firewall ever beemn tested by leaktest?

 

Do you mean by gkweb? No, because it is a sandbox with a firewall. He did award it the sandbox of choice along with process guard the last time though...

Alphalutra1

 

Yes, it was , and it had no problem of course.

I think this is funny, the most advanced windows software firewall there is
out there. It is better, faster and safer.
That has the same features as Process Guard,
but can also protect memory, and files etc. etc. and much more..
..and has the "track and reverse" option.

Please read the pages here:
http://www.tinysoftware.com/home/tiny2?la=EN

Very true, but the new generation of HIPS are not that difficult to use
even for the average user.

The new HIPS (like Online Armor) don't prompt you for every process that starts, or if you want to allow to change a certain registry-key.
And they are very simple to use.

Tiny can be used by the average user, the latest versions of course.
And it can only be stopped out of the box, by a program that you allow.
But that is possible with every software firewall
and can be done easier with all the others.

But apart of that TPF can protect more items of your system (memory/processes/files/registry etc)
then any other software firewall can.

 

One leak-test that I know Tiny fails by it's default configuration is DNStester. In order to stop this type of attack, do this:

Open the Administration Center and goto System Protection/Dlls.
Goto Add New Rule:

General:
Description: Stops DNStester
Priority: Low
Status: Enabled

Application:
Application: By ID: *
Application runs under system account: both system and non-system

Access:
Load: Ask user/Monitor

Object:
Load what (dll/exe): dnsapi.dll (located in c:\windows\system32\dnsapi.dll)

Restriction:
Time: *
Users: All Users (*)

Summary:

Props to AndiG at the TinySoftware Forums

 

A few other things for first time users of Tiny:

Make sure when viewing the Administration Center that the option: ">>Internet" in the top left corner is selected. This will make sure your current connection is in the dangerous zone (Network Protection/Zones)

Also, under the Zones page selecting the two options: "Hide closed ports access from dangerous zone." and optionally "Hide closed ports access from safe zone." can be ticked to pass stealth port scans like GRC.com's nanoprobe.

Under System Protection/Devices: enabling devices protection for "Raw IP Packets" and "Disk Control" wouldn't hurt either.

 

My experience with Tiny has been Very Good

 

Note: In order to stop DNStester (located at firewallleaktester.com), you must choose to run it with "Default Security" in the first pop-up window and choose Deny in the Second:

 

Thanks AJohn for the tutorial http://ganjataz.com/01smileys/images/smileys/OdBall-thatworks2.gif