The best free firewall?

Folks are always searching for some tool or other that is “best” for a particular job, especially firewalls and AV's. This isn't a bad thing of course because we all like things to be as automated as possible. Time availability and knowledge level also influence the choices we make.

That said, before you go looking for tools to effect a solution, it's important to understand the problems.

The internet contains no dangers unless you go to where they are. This you can do yourself, from choice or inadvertently, or allow someone to bring it to you through a system or other vulnerability. Many, some would say most of these risks can be mitigated by the use of other tools and common sense before even considering how “good” (or not) a particular brand of firewall might be.

DNS filters (ClearCloud, Comodo and others) plus site ratings software like WOT (even with all its faults) will go a long way towards providing the protection users expect or think they are getting from something else before even bringing “it” into play.

As indicted in other posts, the most effective solution is always going to be the one you can understand and work with.

It's equally important to define exactly what sort of protection you want. Seems little point to me for instance in using privacy controls and then plastering your personal details all over social network sites.

 

In my opinion using any type of firewall is a very bad move. You Have to trust that they will catch everything and often you have to configure rules for them to work the way you do. I got fed up with all of this and most of them are resource hogs.

A firewall is like a baseball catcher. You throw a ball at him and he catches it. If he misses the ball, you get infected.

I use a sandbox. A sandbox is a totally enclosed environment that provides a buffer zone between your application and your hard drive. Think of it like a closed in titanium cage. The app runs inside this cage and nothing is able to access your hard drive on the outside of the cage. If your catcher were inside the sandbox cage and he misses the ball - no worries - the ball still cannot get out of the sandbox to your hard drive.

The one I use is Sandboxie. They have a free version and a paid for version. the free version only lets you have one sandbox but that's o.k. because you can run tons of apps inside this one sandbox. The paid version lets you have multiple sandboxes. this is for folks who really need to run different apps in different sandboxes to help keep data separate. Sandboxie uses very little resources, much less than even minimal firewalls.

In 6 years there has never been one documented instance of anything getting out of the sandbox to infect a computer because Sandboxie failed to work properly.
I use the free version.

For more info go to: http://www.sandboxie.com/ and do a search on this forum for it. Other Sandboxie users here will tell you the same.

 

I have recently used OA free. Subsequently I changed AVs and am using an internet security version. OA free worked well for me, and if I were to use a stand alone AV I would go with OA again.

Regards,
Jerry

 

Ah...if only that were true. There's been a few examples of Sandboxie being bypassed/leaking which tzuk has had to fix. I specifically recall the printer spooler bypass. No software is perfect, but Sandboxie is darn close.

 

For 64-bit, SBIE has weaknesses, even according to Tzuk himself.

 

The "best" security program is subjective. Each have their own criteria & setup.

 

And, how exactly would a firewall prevent an infection? Care to explain?

 

I thought this was self explanatory. A firewall will stop a virus from infecting the system, by not letting it through - by not letting it get into the system where it can cause harm. At least this is my understanding of the job of a firewall. (assuming the firewall is configured properly)

Of course this assumes that the virus is incoming through an inbound internet connection. A firewall will not stop a virus that is placed on the target system from an outside source (DVD, Floppy, USB Stick). A firewall will also not stop a virus if the user downloads a program that he lets pass through the firewall. All purposely downloaded software must then be scanned by the user with anti virus software to ensure safety. However most people only download files from trusted safe sources. Most unexpected virus attacks are done through open ports that allow a virus to sneak into the system through the web. Some virus's sneak through the firewall by piggybacking onto software that is allowed by the firewall, others mask themselves as software that the firewall thinks is o.k to let pass. -as I understand it.

A good sandbox offers better protection in that the only software that gets to the user system is the software that is deemed clean by the user and allowed to pass through. This decision is not left up to the firewall to make thus the user is better protected.

 

For 64 bit every security software has the same weakness as Sandboxie. It's not a Sandboxie problem/limitation , it's a Microsoft problem/limitation.

Source: http://www.sandboxie.com/index.php?NotesAbout64BitEdition

If you search the web and Wilders about "Kernel Patch Protection", you will find lots of info about how this problem effects all security applications. I have seen it suggested that Microsoft needs to release a good SDK for this so devs can work to overcome these limitations.

Perhaps Microsoft doesn't do this on purpose so only they can have the best security software?

There goes my suspicious nature again.

 

i am in agreement with bellgamin on this one (a rarity, as we have found ourselves clashing in the past)

 

There is no single best firewall. The best firewall is the one that is compatible with your system and software, matches your skill and ability to configure it, and fills the specific need you have. More features and/or a built in HIPS doesn't make a firewall better or more secure. If you're running a separate HIPS such as SSM or Defense Wall, a firewall with another HIPS could be undesirable. The same applies to firewalls with integrated HIPS vs a separate firewall and HIPS. Both setups have their good and bad points. Check the specific features that are important to you. As an example, I won't use a firewall that doesn't enable me to specifically control loopback traffic. Some firewalls do it well, some not at all. Take a long look at what you need, and pick what best fills that need.

 

With out a doubt.

 

Considering Matousec's tests and the ones you find in YouTube I have to conclude that Comodo and Online Armor are in a different league.

I've heard a lot of good opinions about Privatefirewall and I'm sure it is a good product but... consider this video http://www.youtube.com/watch?v=5r1iWuaJQf8

Regards,
Jose.

 

Youtube's so-called "tests" are done by amateurs with statistically insignificant data bases and inadequate proficiency with the apps they purport to test. They are entertaining to watch at times but so is Sponge Bob.

Much as I detest Matousec's commercialism, those tests are far more meaningful than shill's videos.

 

You've got that totally wrong Bellgamin....Spongebob is entertaining to watch all the time.

 

I find the plots are a bit too *deep* for me at times.