Norton Personal Firewall 2003, Anyone?

Discussion in 'other firewalls' started by Straight Shooter, Feb 13, 2003.

Thread Status:
Not open for further replies.
  1. :rolleyes:

    On a whim, I downloaded the 15 day trial of NPF 2003..

    I have been using it now for 3 days...

    Has anyone used this? It doesn't seem too bad! No slower or faster than ZoneAlarm Pro... Not as configurable, I grant that to ZAPRO.. but not a bad firewall, overall...I think...

    What do you folks out there think? Yeah, I admit, I had to dig down to configure it my way, but it seems to do the job. It passed every test at www.pcflank.com ... I thought that in itself was amazing enough :cool:

    Has anyone else used this? Let me know.. I respect everyone's opinions!!!

    Thanks
    "Shooter"
     
  2. WYBaugh

    WYBaugh Registered Member

    Joined:
    Jan 23, 2003
    Posts:
    122
    Location:
    Florida
    Straight-shooter,

    I have been using NPF 2003 for a couple of months now and I really like it. I trialed LNS, Sygate and Outpost for awhile but had issues with each one when attempting to access my VPN connection and then using Citrix into work. NPF worked 'out of the box' and I have had 0 issues so far running it. I know Norton is a bad word here, but I would recommend it to anyone.

    Bill
     
  3. Yeah, but I just found out that NPF won't let me update TrojanHunter, and their is a long discussion on their boards about this, so I guess I'll stay with ZAP...
    Or the New Outpost, if and when it EVER gets released!
     
  4. CrazyM

    CrazyM Firewall Expert

    Joined:
    Feb 9, 2002
    Posts:
    2,428
    Location:
    BC, Canada
    Hi Straight Shooter

    Performance wise, NIS should run without issues on most systems.

    If I read you right and you feel ZAPro is more configurable, I would tend to disagree with that. Although not easy to find your way around the interface to get to the meat and potatoes, once you get there, I think you will find NIS offers more flexibility when it comes to customizing rules.

    Symantec's trend has been to make NIS more friendly for new users with automatic configuration options. Some experienced users find this trend and interface a pain, but can still wade through it and tweak and customize their rule set and options.

    You may find the automatic rules, while generally OK, a little too liberal (and a lot of unnecessary rules). I always recommend disabling Automatic Rule Creation in order to be prompted by the rules assistant (Internet Access Control) for applications wanting access to the network. This still allows for the option of automatic rules, or you can customize your rule at that time (as well as later).

    NIS2003 is more "stateful" than previous versions in it's packet filtering, has stronger proxy filtering (too much so as there are some issues with it), Program Launch Monitoring (works fine) and Program Component Monitoring (could be a little overwhelming for some users).

    ...just some initial thoughts.

    Regards,

    CrazyM
     
  5. CrazyM

    CrazyM Firewall Expert

    Joined:
    Feb 9, 2002
    Posts:
    2,428
    Location:
    BC, Canada
    Can you determine from the logs (check them all, including content blocking) what is being blocked/not allowing the update?

    Regards,

    CrazyM
     
  6. After testing NPF, yes, I have to agree with you.. It is more configurable than ZAP.. However, it won't let me update TrojanHunter, which I am going to answer another post for that issue.. All in all, I like the Firewall, and I can set it up to any level I want, but, you're welcome to read my next post..
     
  7. Here is a link to TH's web post someone was so kind to send me.. It seems like this issue was already "beaten to death..."

    http://www.misec.net/forum/?board=TrojanHunter;action=display;num=1044529832

    Well, what can I say...?

    You'll be a hero to a lot of folks if you find a workaround to this!
     
  8. ReGen

    ReGen Registered Member

    Joined:
    Jan 7, 2003
    Posts:
    61
    Location:
    Scotland UK
    Nothing at all is logged. You have to disable NIS "Security" for the liveupdate to work. Disabling just the fire wall or other individual parts has no effect.
     
  9. CrazyM

    CrazyM Firewall Expert

    Joined:
    Feb 9, 2002
    Posts:
    2,428
    Location:
    BC, Canada
    Well the only thing I can think of is that the latest version of NIS still has unresolved issues with the proxy server and how it handles certain pages/sites. I posted a question to this effect in the thread you quoted.

    Regards,

    CrazyM
     
  10. Ferry

    Ferry Guest

    Well I tried it for a while and it's nice, but it doesn't allow one to replace a program with a newer version and keep your rules for that program (it doesn't seem to have anything asking 'x has changed, would you like to allow it') so you have to create your rules EVERYTIME you update a program. Then there's the fact that you can't make an UDP loopback rule, disabling the 'general' TCP/UDP loopback rules and creating an UDP loopback rule only (I don't want just about anything to get out using my local proxy) really messes things up, NIS'es proxy services keep on asking about TCP loopback even though you create one for those services only...back to Kerio for me :)
     
  11. CrazyM

    CrazyM Firewall Expert

    Joined:
    Feb 9, 2002
    Posts:
    2,428
    Location:
    BC, Canada
    Hi Ferry

    The option to update the SHA1 hash for an updated program was something that was suggested to Symantec back when some us were testing file authentication when they first introduced it in v2.x The orphaned rules that get left behind can realy clutter up the rule set unless the user goes in and does some house cleaning. What I normally suggest to users is to delete existing rules for an application before a known update to help avoid this.

    Symantec's (NIS) use of it's own proxy server for filtering is implimented a little differently. They refer to it as "transparent". You will still be prompted for any application trying to access the network and be required to make rules for it, regardless of whether it goes through the proxy or not. Thus you do not need to worry about the loopback/proxy issue. If you were to install and use another proxy, then the loopback rules would come in to play. So if you are using only the transparent proxy which is part of NIS, the loopback issue is a non issue.

    Stick with what you are comfortable with. Hopefully the above clarifies things a little for you :)

    Regards,

    CrazyM
     
  12. FluxGFX

    FluxGFX Registered Member

    Joined:
    Jan 23, 2003
    Posts:
    667
    Location:
    Ottawa/Canada
    I've been using NPF 2003 since the beta release ;) and the final version ( retailed release )

    Works great over protection, block ads and stuff. No issues here, program his stable, I had no trouble to update Trojan Hunter BTW... for some reason I don't know..... :doubt: i'm sorry for the people that have trouble with it. I use NPF2003 has a backup for WinXP Pro ICF & LNS. ( Best of all is the Ad removing features including that I like most ) :D
     
Loading...
Thread Status:
Not open for further replies.