An idea for sygate firewall users

thanks MrKvonic

so allow all and that's it? I've been reading and reading and everyone set rules allow tcp udp in out ports I get crazy with it LOL

so I can allow full access to everything and Sygate will do the job? no matter what soft?

 

IMO Act as a server should only be used for p2p. Browsers, email-readers and most other progs who want internet access for updating and like should not act as a server.

But I don't know exactly which other progs should act as a server. Online games, some do. Have to find out by experience.

 

Hips rules are not the same as firewall rules. I was talking about firewall rules.

Eqsecure, hum, tried it but clicking 3 times for each new application after the learning period irritates me. Sorry.

No OA hips is much easier to use and scores good on all kinds of nasty tests like regtest, sss, and the like.

 

IMs, Skype, FTP servers.

 

Hello,

That server thingie is overrated. Apps that do not need to act as servers - will not. And even if you let them, they won't know what to do.

What programs need to be servers? Those that require incoming connection without initiating one - p2p, messengers, games etc.

despusesvengo, yes, that's it. I didn't even bother to check the application properties when I ticked yes (and remember) for emule, for example. Fire it up, allow and remember and it will work great with ed2k and kad servers, tcp and udp. Same for utorrent and all others.

If you have a router, you'll need to forward these ports, though.

Mrk

 

thanks MrKvonic!!

and yes, in fact the time I had Sygate installed before, out of the box, I never ever had any problems whatsoever, no attacks, no nothing...(maybe I am lucky?)

it really ran smooth in my pc. Now a final question, I have sygate version 5.6.2808, 5.5.2710 and sygate pro 5.6.3408.....is there a better one to install for windows xp sp2?

thanks again

 

Hello,

I am currently using 5.6.2808 and am very happy with it. Used 5.5 before. While most people claim 5.5 to be more stable for them, I find 5.6 an improvement. I do not run 5.6.3408 in my production environment, as it was not a formal release.

Now, a better one for xp - better one among Sygates or better one at all? The first, see my answer above, the second - this is subjective, but I think no.

Still, Kerio 2.1.5 is also supposed to be uber light and p2p friendly. L'n'S as well. But I can't vouch for these. As to more modern firewalls, there are some good choices, like ZA, Comodo, OA, but I haven't used these extensively in a p2p/gaming environment, so I can't say if they buckle under 500 connections simultaneously.

Mrk

 

thank you again MrKvonic

 

When I used it a few years back, and even since then once in a while, it always used about 2-3% cpu just idling. So no, you're not alone. I guess it varies from one person to another though.... I liked Sygate, it was one of my favorites for a long time, my first firewall actually...

 

Hi,

So you don't have to do anything about Firefox and like acting as a server?

In the sygate forum (when it still existed) they recommended Firefox not to act as a server. I cannot remember why...

 

Hello,

Generally, you should not let any non-needed app act as server. But let's assume the worst. Let's assume you allow. And you get an incoming packet of some sort on port 1055 (cause that's the port FF seems to use during this session). OK, and ...? What is FF going to do exactly with that packet?

BTW, if you check the FF port on GRC, you'll see it's stealthed, even with server thingie ticked on.

Mrk

 

Ok thanks

 

As far as I know, firefox opens a port on loopback only, so it is impossible to communicate with that port from somewhere else than your computer. This is why it appears as stealth in any test like GRC.

 

I have been using version 5.6.3408 since last year and have never had any issues with the firewall. In fact, I have gotten a couple of port scanning warning messages which I blocked immediately. On one of them, it looks like Macys.com was trying to get my IP address. Yet another attempt by retailers to determine who their online customers are.

 

I think there is actually no firewall that can avoid sending your IP to a certain webpage, if you are actually opening exactly that page in your browser. So no need for a firewall here.

 

He was talking about a portscan, not about browsing.

@ccsito: In order to port scan you, the other party already knew your IP address.

 

That is correct. The prober, in essence, found your home address and was trying to look inside your home.

 

They can be scanning random IPs if they have enough bandwitch

 

Macys ?!?

I think you guys are really quite paranoid.

 

A) One of their computer is infected or
B) The IP address is spoofed
http://en.wikipedia.org/wiki/Internet_protocol_spoofing
http://en.wikipedia.org/wiki/Denial-of-service_attack#Reflected_attack

 

Just switched from LnS to sygate after finding LnS rules creation too difficult. Works great alongside EqSecure

 

OK guys this thread started with post #1 so how about it?

What do you think of the tip, is it useful for sygate users for extra protection?

I think, yes, the OA hips ONLY (firewall uninstalled) is very good.

http://www.tallemu.com/webhelp/How_strong_is_oa_HIPS.htm