only OUTBOUND protection with LEAST resources consumption (RAM and CPU)

Hello, this is my first post in thisTopic (other firewalls) so please forgive me if this thread was previously discussed

I'm tired about firewalling in XPsp2. I DON'T want hips nor ANY of other 'functionality' actual firewalls provide too: that slows down my system, my web browsing, makes CPU stress and makes the computer fans loud noisy --> I hate'em <-- (but still consider them a must, damn it!)

What I want, instead, is a SIMPLE application that just let me control OUTBOUND traffic and ONLY THAT, nothing more nothing less.

Last month my avast! antivirus subscription ended and because lately changes in that AV code I found nasty glitches so I decided to drop it for another solution (after three loyall years) and I'm now very happy using NOD... in fact I love it: sure it have some things to improve but overall I find it excellent. avast! of course still is a GREAT antivirus solution, but NOD stands two steps ahead of it and the lot more out there, name it KAS (or KIS), NAV (or NIS!), BitDef, Panda, McAf, NORMAN, F-Secure, etc., name it and NOD will kill it. I only found so good like NOD the Avira antivirus. When I talk about 'so good' I say: way lot faster scan of infectable file types and way lot less resources consumption (RAM and CPU cycles). Of course this is MY point of view so you may be well right if you differ with me: that's because there's a lot of solutions out there, no one fits for all but sure one will fit for you. SPEED, SIMPLICITY and SECURENESS is my premise: JUST GET THE F*****G JOB DONE (I call it reliability)

I also was using SpyBot's Teatimer some time ago to protect registry but hell! I hate that peaks from 02 to 30 from time to time, I LOVE to see every process that need to run all the time in background at 0% cycles consumption because Adobe's apps, Corel's apps, Nero, Roxio and DVD apps among others will take care themselves make CPU run at 100% when running . So I'm running now the RegDefender from Jason (Ghost Security) which I found great at this time - please tell me your experience with it. I run too Windows Defender, SpyBot and Lavasoft's Ad-Aware manually from time to time to rid off any potential unwanted malware (WHICH I NEVER FIND because my safe computing practices, I think); I update SpywareBlaster from time to time too.

I have installed Harden-it and Secure-it from YASC computing -both free- to tighten up Windows networking. Them both makes some tweaks to the system so they don't need to run all the time in background.

I complement proactive protection with DropMyRights to lower all internet based apps rights every time I can - for example at this time I can't find a way to run Outlook 2007 with dropped rights, any solution welcomed!

My main browser is Opera (9.2 at this time) which I find delightful and have a copy of OperaUSB and Firefox 2.0.0.4 portable for backup browsing in another partition on another HD - specially because I do a partition backup/restore from time to time with Acronis TrueImage 10. I installed IE7 because it's tabs system (improved over IE6) with the IE7 pro 0.9 plugin because some sites still need IE to show up. I must say IE7 still is the worst browser on earth -at least the XP version, I haven't tested the vista built-in version yet-: it is slow, have tendency to crash and quit to Windows (that's why I coupled it with IE7 pro plugin) and the tab system is awkward like Firefox one... the ony good thing I found about it is the QUICK TABS feature; Microsoft seems to be a really good research company with passion to make wrong and stupid things, I will never understand them. For last, as I said above all this browsers have a shortcut version with DropMyRights.

At this point I need to say I HAVEN'T gone thru ANY SINGLE malware incident in about -how much? 3, 5, 10 years??- a long time.

AppDefender was a good tool but since it have problems when Fast User Switching I desperately need any other application to control network access.

Some hours ago I tested brand new NetLimiter version 2 but when testing with www.GRC.com it shows few flaws AND the net limiter function didn't function as described: I setted Opera to download at a maximun of 10 kb -just to check this function- and then launched it only to find it takes a moment or two to take to the 10 kb limit but then it would download at normal speed...

I will now test Comodo FireW 2.4 and Sunbelt's Kerio latest build but I'm really looking for an app like AppDefend - hey, nobody codes anymore in assembler? seems every soft these days is coded with Visual Fox and even RADs!!!

I want too to test this OA firewall that I read in another post, anybody knows where to find it? I think I will need to post in it's thread because I can't find it anywhere on the net... by the way, Google while being very cool is becoming less functional all the time when providing query after query the same answer links, it would be great if them refine the algorithm to show different answers from time to time

I hope anyone can help, these forums are great with lot of capable people!

My specs are: P4 2.4 HT Prescott (1mb cache) with 1 giga ram on a good Gygabyte mobo / WinXPsp2 updated / running in background: RegDefend 2, NOD32 2.70.39, Klipfolio 4 (love it), cFosSpeed 3.19, Dachshund Software HARE, Anticrash and Zoom, O&O Clever Cache 6.1.2332, Suitcase 11 - At boot time: AdobeReader 8 quick start and some drivers needed by sound and video card.

I also use Tweaki... for Power Users 4 (a little cryptic but powerfull) and TuneUp 2007 to tweak OS to best exent possible. PerfectDisk 8 makes it part too -instead Diskeeper or O&O Defrag-.

Applying all that I run my computer just as fresh as when Windows was installed - well actually a little closer, you know! and I didn't need to reinstall the operating system for about 2 years and that's cool because I think -because Windows sucks- every user should format and install everything again after a year or so to keep computing at peek level.

Take care people!
Best regards!

 

OA2 is at the site below-

http://www.tallemu.com/

I believe there is a trial available, one firewall only and the other firewall+av.

There may be some issues downloading as the site is being updated. If so just post something in the user forum.

http://support.tallemu.com/forums/index.php

 

You can try Proxy Firewall.

You can also try AppDefend. It is a HIPS but you can disable all its features except for the Network Access protection.

 

A light outbound only firewall? You could try Jetico 1 and either amend the rules to allow all inbound, or delete bcfilter from the system 32-drivers folder, You can also disable the process attack table, leaving only outbound protection. There were not many apps that ran as light as jetico on my comp.

 

Yep appdefend is super light. The current free version is actually fully functional even after the trial period ends, the only slight annoyance is you'll get a pop up about it after every reboot.

Prosecurity free also gives you outbound control, you can also configure that to only monitor outbound connections to make it easy to use.

 

tnx for replaying!

AppDefend is indeed very good but as I said it has problems with Fast User Switching.
I did finally found the website for Online Armor 2 so I'm gonna try it. I will try Jetico 1 too. Where can I find Prosecurity?

Thanx again guys!

 

The ProSecurity homepage is here.

 

This might be safer than DropMy Rights:
http://red.caek.org/?p=16

Drive imaging programs work good for this. You can restore the first image you made right after install (or any subsequent image you saved) in a couple minutes instead of formatting and re-installing everything.

 

Creating a low resource usage outbound firewall is easier said than done. Take for example the Windows Firewall in Vista. Sure, it has low resource usage and it protects outbound traffic. But, it has no leak protection. Meaning, it's useless.

 

Ok, but if installed software is checked 100% and you know exactly what you have on your computer and don't do stupid things like opening email attachment's that said I LOVE YOU or INCREASE OR PENIS, CLICK HERE I don't see why the need for a leak protection. The only scenario I can think off is if the already installed appz have some kind of backdoor for leaking info to home, in that case it would be nice to punch the bastards iwho coded the app in their face and fit a legal action agains that company for malware practices.

 

Thank you very much! WSFuser

noway, I already have that kind of image made with Acronis but a collateral thing is if you made any drastic hardware change -like adding or taking out a hard disk, changing video card, etc. I fear image won't work at all anyways.
BTW, excellent useful site, I'm checking it, thanks a lot.

 

Hello.

(not quite sure if I understand this fully) Actually, that's not correct. You can see here the results of leaktesting Vista firewall, so it does have leak protection. You can argue that these (not so bad) results are mainly due to the presence of UAC and not the firewall itself, but every other leak-proof firewall uses some type of process control as well. As the subject of this thread is "outbound only", I'm not surprised too see recommendations on using some kind HIPS rather than the software firewall. I will now say what I said a few times before - a firewall is a packet filter and that has nothing to do with leaking.
But even if Vista firewall didn't have any leaktest capabilities (like XP's) that still wouldn't make him useless. There are many good firewalls without leak-proof capabilities...

This has been discussed before on countless occasions. The weak point of leak protection is that it leaves the user to make the final decision. Unlike AV or AS, which automatically detect a threat and perform adequate action, a HIPS (firewall) prompts the user to allow or deny the given process. Now, the problem is does the user know that the process wwdth.exe using iexplore.exe to connect to 111.222.333.444 is a legal or malicious one? It's all fine when you go about trying different leaktests, but what happens when some real-life threat occurs? I had Photoshop CS3 installed the other day, and after a few minutes, my HIPS (SSM full) warned me about a process "1hidedefault.exe" trying to run. It sure did look suspicious to me and as I couldn't find any reference to this process anywhere on the net, I decided to tell SSM to block it forever. No side effects. It is probably quite harmless, but I'm still not sure about that. And the question is will I ever find out the truth... Leak-proofing applies a simple logic - shoot first, ask later.

Cheers

 

Wow The Seer, thanks for the intensive Firewalling 'n Leak Protection Intensive Curse =)

I absolutly agree with you in your experience with CS3 and SSM and that's why HIPS are still useful only for experienced users and not the common user - like my mom or my girlfriend or even my friends who use PC for graphic desing and autio edit.
I recognize too that any aplication still can connect to internet and phone home using some leaking technic, so I was very wrong when wrote

sorry for the shortseeing.

Anyway, I like very much AppDefend because it's lightness but now I'm testing real firewalls (I mean programs conceived to acomplish that function) I found it didn't catch lot of connections

I think I'll will wait for Comodo 3 launch and see what happens.

Thanks for everybody posting in this thread =), to me it can be safely closed now!!

Martín
(Mar del Plata / Argentina)

 

YES, very very good!

Mike

 

Hmmm, if you have a second old computer available, this might be a solution for you: http://www.alcatrazplus.de/

Unfortunately, its a beta version and the site is only available in german. It works via the installation of a "Linux-Bridge" between your LAN and your Router, which filters the outgoing traffic.

 

No I haven't it but I recently downloaded CoreForce 0.95, Neoava and other similar HIPS and low level firewalls that I will try and then post my experiences. I'm excited about them because they all have very little footprint on my PC -3 megs or less and never exceeds 0% cycles =)

Sadly, Comodo almost dead when I tried to launch emule xtreme mod, utorrent, opera browser with 30+ tabs open, outlook 2007 and winamp

Thanks a LOT for your kindness and time for answering.

Cheers!
Martin