Is there any firewall suitable for me?

Hi folks,
Is there any firewall that is suitable for a novice like me, who doesn't know anything about rule-making?
My OS is Vista, and I'm using NOD32.
I don't really feel secured with this Vista firewall...
I guess there isn't any, right?
Oh well,
Have a wonderful day... or night~

 

You could try WebrootDesktopFirewall, which would make the rules for you, has a learning period, is vista compatable and this forum contains helpful threads about it. Worth a try...

 

Here's a link if you want to read up on it...

 

Thanks for your reply, 19monty64!
I'm also a gamer, so is it also light?,
btw, haven't seen it in matousec's leak test-result though...

 

For gamers, one could exit the firewall and use vista FW, inbound only or no firewall if behind a router. You could also check this thread but as I'm still in xp, I'm not sure which ones are vista-ready yet.

 

Thanks again for your reply 19monty64,
I think every firewall is rule-based... Oh, well, I guess no company is generous enough to make a nice, fast, secure, and easy firewall for novices...
Thanks anyways.

 

I recently tried Webroot's, and it made the rules itself. Learning-mode is quite simple, and it has DSA built in. It's a HIPS for added security that is off by default. You could leave it that way. Are you behind a router by chance

 

I test-drive a lot of firewalls but don't normally use one full-time. Other than the AV, I use this.

 

19monty64, Thanks!
Yes I'm using a router.
But it's second-hand, so I don't know if I should trust it.
ThreatFire looks nice, but I heard it is something called HIPS, which I have no idea what it is, and how to use.
This laptop I'm using is getting the signal from my router(wireless).
Does router guarantee safe security for wireless internet too?
I think I'm still going to give Webroot Desktop Firewall anyways.
Thanks again, 19monty64!

Oh, btw, is Webroot Desktop Firewall using their own technology? (OP, ZA, etc??)

 

As member WSFuser suggested in the link posted above, LnS might be a good firewall for u. I found it quite easy to use when i tried it some time ago and very light,

https://www.wilderssecurity.com/showthread.php?t=175766

There's also a very good tutorial on how to set it up,

https://www.wilderssecurity.com/showthread.php?t=83498

As u can see, the LnS forum is hosted right here at Wilders.




snowbound

 

Yes, ThreatFire is a HostIntrusionPreventionSystem, but it's a quiet one. It alerts you based on malware-like activities. The first time I used it I uninstalled after a few weeks because I didn't think it was doing anything. To the Webroots question, look here.

 

Many thanks to snowbound and 19monty64,
I better give WDF and LnS a shot.
I wonder why LnS doesn't do very well in matousec firewall leak-test,
while there are so many people using it.
I bet it's a nice firewall!
Thanks again to both of you!

 

I do not understand what you want. Do you mean a firewall with automatic rule making or 1 popup per app?

 

Sorry, I think I'm maybe... demanding too much.
A firewall that anyone, especially novices have no problem using.
If there is any...

 

If your second hand router is working,then its OK-so enable NAT.
Check out the instructions for the router.

Then use a good HIPS like Threatfire-thats all you will need -for better gaming speed!

If you feel insecure and can sacrifice bit of performance then as Monty said ,WDF but without any further HIPS -or Filesclab-light,simple plus Threatfire.

http://www.download.com/Filseclab-Personal-Firewall-Professional-Edition/3000-10435_4-10421598.html

Edit-Wrong-Filesclab wont run under Vista.

 

What about Onlione Armor Free? The free version runs in Standard (simple) mode, and I believe the free version automatically allows trusted programs to access the internet.

 

Online Armor is currently at first place in the matousec firewall leak test results. I higly recommend it too. Using it also with kaspersaky.

 

For a start ensure that your wireless security is adequate,otherwise theoretically anyone so inclined ,driving past can break into your network.

My setting for this is WPA2 preshared key.

Secondly,as its wireless,you are probably going to get more network latency than if you were directly connected.

As i said, just enable NAT and use a HIPS

There are a lot of light firewalls out there,but if you are serious about gaming,installing one is only going to slow you down even more on a laptop,most of which are relatively underpowered.

 

Thanks for your kindness people.

To. boonie, ultragunnerdcl:
OA Free sounds nice, but I'm using Vista... I heard OA Free is not vista compatible.

To. Hairy Coo,
Thanks for your tips, but I have no idea how to enable NAT... However, I did make a password to access into my wireless signal... How do you enable NAT? Do I have to go into 192.168.10.1 or 192.168.0.1?

 

OP using Vista -- Online Armor not compatible with Vista yet.

 

Cannot help as each make of router is different,but if you can access the router,you probably can adjust the settings without too much trouble

Otherwise,you will have to get a copy of the instructions-they will tell all .Do a Google.

The first thing is to enable max. wireless security.

 

So what?

"It should be noted that leak-tests probe only a few features of personal firewalls. If a firewall passes all leak-tests it does not mean it is perfect, bug free or secure in other aspects! " (Matousec)

 

Dear Hairy Coo,
Hi, I am using a router,
but I have no idea how to enable NAT...
only thing I did when I got the router is to make a password for my wireless signal coming out of my second-hand router...
Isn't NAT suppose to be turned on automatically from the moment I got the router?
Sorry, I'm really a beginner on this paticular subject...
And thanks in advance...

P.S in my country, for the router setup, I have to goto http://192.168.10.1

 

You don't in the sense being discussed in this thread

A router employs NAT - network address translation - to route (hence the name router) packets from the WAN (Internet) side to the LAN (Local network) side. It accomplishes this by acting as a local DHCP server on the LAN side using a private (i.e. not Internet routable) address space (typically 192.168.x.y, but there are others).

Assume you have 1 or more PC's connected on the LAN side. From the WAN side, all requests for information are sent to the same WAN IP address which was issued to you by your ISP. The router is the hardware device that keeps track of which PC gets which packet sent to the WAN side and also aggregates all LAN side requests to be sent from the same WAN IP. In a nutshell, that's the address translation part of NAT. Although it is not functionally needed for just 1 PC on the LAN side, the mechanics are exactly the same, as is the translation from an Internet routable public IP address to a non-Internet routable private IP address.

If you've purposely reconfigured the router as a passive switch, then it does not act as a DHCP server, does not actively route, and does not employ NAT.

Yes, out of the box. You must actively reconfigure whether or not it acts as a DHCP server to "turn off" NAT, but then it is not functioning as a router anymore either.

This is not country dependent, it is router dependent with typical address spaces starting at 192.168.1.y or 192.168.100.y

Blue

 

Ohm

Looks like I may have mislead you regarding enabling NAT,thanks Blue Zanetti(due to my fiddling around with my router settings).

Here is another description of NAT and its usefullness.

http://www.billion.com.au/forums/index.php?act=ST&f=9&t=1226

I would still try to make certain that your wireless security settings are OK.

You now have to decide whether just to use NAT and HIPS,or whether you still need a software firewall.