Outbound only Firewall

I want a firewall which allows me to block spefic applications (similar to ZA where a window pops up asking if I want to grant access etc).

+

With a low memory footprint..

Basically, I don't want to reinstall ZA next time I spring clean my machine.

I use NOD32, so don't need a full security suite, just the outbound option to block.

Can anyone point me in the right direction....it doesn't have to be free.

 

Hello Forumhound,

a good one would be Kerio 2.1.5, it is an oldie but still very good, certainly when you will use it only for outbound control.
It is freeware.

Download


Regards,

Smokey

 

Hi forumhound:

For a little while, I used pctools firewall, it is free, easy to use, and it allows for outbound control only, if you disable the packet filter in the gui. It is good for stopping known programs from calling home but has a mediocre rating on leaktests. Also, Jetico 1.0 (free) can be used as outbound only if you delete the bcfilter driver in your system32 folder, or tweak the rules to allow all inbound. Although not so easy to use, Jetico will alert you to every outbound connection and performed excellently on leaktests. DSA is a free HIPS with a firewall that is very good in controlling unauthorized outbound connections. As far as being light, if memory serves me correctly, on my machine:
Jetico- one process 7500 kb's
pctools- two processes 12.300 kb's
DSA- one process- 16,500 kb's

Edit: A search of this forum for any of these apps will probably answer any question you may have.
It's been a long time since I used ZA, but I hope this is helpful.

 

Excellent...I shall have a look at all of these...

Thanks very much

 

If “outbound only” protection with a “low memory footprint” is what you are looking for, then I suggest giving Look n Stop a try. You can easily disable inbound filtering on the internet filtering tab (just uncheck the box at the bottom) and only use application filtering and your router (I have even seen this setup work with no router and the Windows XP firewall for people who are uncomfortable with creating rules). This should use less than 3MB of ram depending on the system and less than 5MB when running it as a service. It’s not free, but might be what you are looking for.

 

I use appdefend to control my outbound connections, only uses 2.5mb of memory, the cuurent release is free. Another option is prosecurity free, you can configure the basic rules to only monitor network connections.

 

Per http://www.matousec.com/projects/wi...ysis/leak-tests-results.php#firewalls-ratings

Code:

Product                Product Score   Level of Anti-leak Protection
Look 'n' Stop 2.05p2   4800            Poor

Mike

 

Hi forumhound

One remark : a firewall is an intenet packet filter: this filtering must be done outgoing ... and incoming too!
NOD32 is an excellent Anti-virus not an incoming packet filter!

Start with this:

W xp firewall + System Safety Monitor ...

SSM: http://www.syssafety.com/
(The free version is okay...)

 

Hi flinchlock

Some other review:
http://www.firewallleaktester.com/

Few remarks:

1) Some failed leak test by LNS are configuration dependant.
Especially the one using Internet Explorer (a.k.a. interNUT Expl'horror...)

Example:
In this test web site LNS failed to WallBreaker:
http://www.firewallleaktester.com/tests.php

Actually, WallBreaker is blocked by LNS ... but not with the "default" configuration...

See here:
http://www.firewallleaktester.com/advices.htm#01
1.2

2) Is it the fonction of a firewall to patch O.S. vulnerabilities? Did a FW must be a huge patch to Bill's product?

3) A firewall is one of the protection layer not the only one...

4) Leak test are one of the criterias to choose a FW, not the only one...

An interesting point of vue here:
http://www.firewallleaktester.com/advices.htm#06

It's about the "Layered defense" ...

LNS is a "pure" rules set firewall: an internet packet filter, not an HIPS (Host Based Intrusion Prevention System) like SSM.

Best regards,

 

@Climenole, you bring up lots of good points.

Thanks, Mike

 

Thanks all