What Firewall is best for personal home use? And, what is it going to really do for me? Will it protect two PC's? I have one PC that connects via Dialup and another networked to it. Will the Networked PC be protected as well? I am using Win98 SE on both PC's. I did try one Firewall two months ago. Seemed to work OK, except when I uninstalled it,is caused BIG TIME problems. I read alot about Zone Alarm and Sygate. Or should I just finally upgrade my OS?? Thanks
hard to answer your question, it all depends on your needs, what you mean by "personal use", popup blocking or referrer blocking, just network and application filtering, spam filtering, etc... free or buyable version ? All of the firewalls have their strong points and their weakness, none is "the best". Nearly all of the firewalls 'Pro' version have a free edition, less powerfull, but it let you have an overview on the product, i would suggest you to try them. About two PC chained on the network with the first having the Internet connection, the second will be protected from inbound traffic coming from the Internet, but won't be protected from malwares calling home, so i would suggest to install a firewall on both computers. regards, gkweb.
And no need to upgrade your OS, no need to do that, except for Microsoft stopping support in a while (don't hold your breath). But even that need not be a reason to upgrade. There have been no new w98 vulnerabilities the last two decades, why move over, but to end in Microsofts strong embrace. Windows 98 has no protection whatsoever, but by using a decent firewall and good virus protection, a W98 system can run very smoothly. Says who? Every piece of software is vulnerable, even the most secure Windows ever has some holes. And since Zonealarm runs on Windows... ZA is good, no question about that. But there are other firewalls too. If you like the interface: go for it. Update regularly the software and you should be okay. If you don't like the interface: drop it and try some other software firewall. But take care: uninstalling ZA may not be enough. You must remove every trace of it in order to be able to try another firewall.
Meneer GREAT POST! MISSUK EVERY firewall made can be bypassed. An zone alarm is no exception. Had to mention this since you are of the thought that zone alarm has some special value that offers you some sort of special protection against trojans...it does not. If you like ZA use it but do so understanding that its not a trojan or anti virus scanner.
Hi Chas - here is a review of firewalls ... perhaps this might help you make a decision. http://www.firewallguide.com/software.htm Bear in mind, no freebie will have all the features that a paid version will have. I am currently using ZoneAlarm Pro which I paid for and am quite satisfied it is doing a good job. I used the free version and found it would allow malware, etc. to write itself into the program control and send itself out. In the paid verson, I have ZoneAlarm password protected so nothing can write itself our access the internet without my permission and password. There is Sygate which is free and some people that use it find it works well for them. I used Norton too when I had Win98 and found it let me down on a couple of occasions. It boils down to what best suits your needs and what you are comfortable in using. Hope this helps.
well two or three weeks before i have downloaded some trojans from the iran hackers website which shuts down the firewall only two firewalls got shutt off kerio and sygate but i have tried many times to shut the zone alarm and outpost firewall by trojans but i never got a success
I realize we are going a bit off topic but here goes: I use Proces Guard free edition to protect my Firewall. Is it just protecting the settings and can the FW still be bypassed by "whatever". I am talking only about the inside>out direction because outside>in is stealthed by other means. Gerard
Gerard What a great question for the folks over at Diamond......Wayne or Jason will understand the issue quckly........an for your benefit this is not anything new.....many of us use special means of protection of the firewall An like Paul said..its not in away bashing
Since your system is not visible from the internet, there are no threats that can be directly directed at your system. That's nice. So lets look at the inside. A Windows based firewall is an application running on top of the OS. If the OS gets compromised (by whatever means), every application can be considered compromised, even a firewall. Even de Windows XP firewall... it's part of the OS, but it's the Windows OS... Most Windows systems do not get compromised out of the blue. It would require a user with admin authorization, or an application that exploits a bug. Such an application could be started by installing untrusted software (where do you get yours?) of by a user opening a malware mail. These are inside threats. And yes they are a risk for any tool. Preventing the exploiting of holes can be done by patching and patching again and again... Protecting your system with all kinds of tools makes life a bit easier (you don't have to worry about most technical failures), but still the user has some responsibility too. My protection: I use a linux firewall in front of my lan. I love it: it's free and its safe. And yes, I changed vulnerable software too. And yes, I'm the user
I am just getting into this so take me a with maximumu two grains of salt--I tried Zone Alarm for about two weeks, and a TroHor got in on me. Now, I was using their free edition which does not give you updates, if you watch closely everything it says on the downloads, it says updates are not available with the free edition. That may mean not automatically available, and there is some way to do it manually. If there is I couldn't figure that part out. Just today I noticed something shut down the ZA, so I immediately jumped off line, and went on a house cleaning tour. Didn't find anything, but I unloaded ZA--fool me once shame on you, fool me twice shame on me. I dwnldd free Kerio and it messed up my cookie arrangement--I couldn't get into my MSN mail boxes, and I could not see how to get rid of the blocked cookie function. I tried dropping the cookie standards and rebooting, I tried adding MSN and it wouldn't take. So, I got rid of Kerio, and dwnldd Sygate. Everything seems to be going along nicely. Still getting requests to allow that RPCSS (Distributed Comm Services), and I do not feel right about it, so until I hear from you guys I am blocking it manually. Tha's all I got, hope it helps. //Donn
As Paul said, software firewalls can be bypassed on outbound by some Trojans specifically designed to do so. (The AntiTrojan app developers will confirm that, based on previous discussions I've read.) What the firewall makers have done (especially as a result of some of the various leaktest demos out there) is make it more difficult for Trojans to do so with various tricks, like piggybacking, etc. But it's not impossible. Also, the trick of shutting down the firewall in order to bypass it is another way. I believe perhaps most firewall vendors have introduced some measures to counter that, like ZA blocking internet connectivity if it is shut down incorrectly. But still it's not impossible for specially designed malware to either do so or bypass in some other manner. ProcessGuard protects the apps you've designated from being shut down by malware, or so I understand. But in the case of firewalls, while it protects the firewall from being shut down, it doesn't address those Trojans that are designed to operate at a level where these commonly used software firewalls cannot detect them, so they can still bypass the firewall. At least, that's been my understanding from previous discussions. Such a question could best be answered in the Diamond forum here at Wilders. This is why so many people emphasize a strategy of informed users using safe computing practices and having a layered defense...such as AV, AT, firewall, etc. But to respond to the original poster, there are various decent firewalls from which to choose. The key is what do you find easiest to use and works well with your systems and needs. ZA (in various flavors) is often recommended because in default install mode it's easy and offers protection. Sygate is another, Outpost also. These have free versions you can try out. (Kerio 2.x is good also, but I believe that the user really needs to do their homework to set up secure rules sets which is why I don't usually recommend it to people unfamiliar with such things or not going to spend the time to learn. I'm not familiar with Kerio 4.x so can't say how that is.) But when you uninstall any firewall, be sure to read any specific instructions the vendor offers regarding how to uninstall. Some firewalls require to be shut down in a specific manner prior to uninstalling and then a clean up to make sure no bits are left behind in the registry, etc that may result in problems. So reading the manuals, help files, any dedicated support forums that may be available is a good way to go to try to avoid issues not just with uninstalls, but setting up the firewall, use on a LAN, etc.
Bitguard is an easy firewall to use. It runs at the kernel level and has it's own protection. As mentioned, there are many good firewalls out today. My favs are Sygate, Outpost, Look & Stop and Bitguard. controler
Donn, just a quick comment. If you're using a properly configured firewall, and a default ZA install should be so, that should provide protection against intrusion from the internet through youir PC's ports. It blocks them, shutting the door (so to speak) on that manner of intrusion. BUT firewalls are not anti-trojan apps. A firewall will not in itself keep a user from downloading a trojan disguised as something else and executing it. (Especially if the user is file sharing on P2P networks.) Or getting malware on your PC via browsing questionable sites if your browser security settings are not high enough. (And currently IE's default internet zone settings are not high enough to prevent spyware and malware intrusion via the browser.) Or opening an email attachment that is malware. So there are various ways of getting malware on your PC. A firewall typically only prevents such intrusions via open ports. Hence, again, this is why many of us repeatedly advise having a layered defense against malware. And the #1 defense is an informed user. Learning what the threats are, how they can happen and what practices minimize or increase the risk of having one's PC compromised. Then what software may assist us to protect against this given our particular practices, needs and wants.
Hello I can also tell you running SP2 RC1 set to default will show all ports stealted on GRC controler
Adding my two pence worth I've found outpost pro(paid for version not the free)to work well,but can be a little difficult to configure,took a while to get Windows update to work correctly without disabling active filtering!
