Jetico Personal Firewall vs Privatefirewall (vs Simplewall vs Windows Firewall Control)

Discussion in 'other firewalls' started by Lexor, Nov 29, 2017.

  1. wat0114

    wat0114 Registered Member

    Joined:
    Aug 5, 2012
    Posts:
    4,063
    Location:
    Canada
    A three step process starting from the left of the attached image.

    In my case nothing special, other than I feel HIPS is probably overkill to keep a pc secure. I'm currently, however, taking another look at Jetico on my Win7 laptop.
     

    Attached Files:

  2. Lexor

    Lexor Registered Member

    Joined:
    Nov 26, 2017
    Posts:
    43
    Location:
    EU
    It's good to hear that's already build-in option.

    I understand this your sentence as: "AppLocker should be enough for everyday use, but if I want something better and have a time to configure it then I should install JPF" - am I right?

    Oh, I am very curious about your new findings. Is it also 64-bit version of Win7?

    Here is your old note about replacing the default jpfconfig.xml file with a "custom" one during JPF's first installation - is it still valid? Or maybe current version of JPF does not require such "magic" any more and does not cause such "troubles" as you posted four years ago?
     
  3. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
    Didn't even know that PFW monitored this much, seems they added things like "Set Sniffer", which seems to work about the same as SpyShelter's "Internet Security" module. In theory this should interfere with banking-trojans and data-stealers that are trying to hijack the browser and other tools like email-clients. To answer your question, it definitely monitors more than Jetico.

    https://www.spyshelter.com/internet-security/
     
  4. act8192

    act8192 Registered Member

    Joined:
    Nov 9, 2006
    Posts:
    1,789
    Yes it is hard. And every firewall with HIPS uses different words - OnlineArmour, Outpost, Private ...
     
  5. Lexor

    Lexor Registered Member

    Joined:
    Nov 26, 2017
    Posts:
    43
    Location:
    EU
    @Rasheed187: If I understand correctly, this "Set Sniffer" event in PFW can be set only for log.

    BTW: SpyShelter application (in its Firewall version) was also on my list of "maybe"s but it is no more because of one reason: they stopped selling their lifetime licenses. At this moment, the only form of payment is "one year long subscription" which I personally "hate" with passion.
     
  6. ichito

    ichito Registered Member

    Joined:
    Jan 14, 2011
    Posts:
    1,997
    Location:
    Poland - Cracow
    As I said HIPS module in PFW...it means DSA "on steroids"...not only detects specific listed action but detects abnormal behaviour of process also. It's similar in detection to ThreatFire that normaly uses behavioral analysis (5 levels) and on advanced settings can give additional control of registry, system files, host file, outgoing connections or port listening...or actually whatever you want.
     
  7. Lexor

    Lexor Registered Member

    Joined:
    Nov 26, 2017
    Posts:
    43
    Location:
    EU
    @ichito: It seems that this ThreatFire app is also no longer developed but it's free to use. Do you know if somebody has already tried to use it together with Jetico Personal Firewall? Do you think if it still works fine as a "replacement" for SpyShelter or these "steroids" from DSA? Or is it just "too old"/unpractical at this moment?
     
  8. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
    I don't exactly know what they mean with this, probably you can not be alerted about it, it will auto-block it. That's how it works in SpyShelter, but I never really fully understood the details, haven't got a clue if it will successfully block the latest banking trojans. On the other hand, I just saw a video on YouTube about PWF alerting about "network traffic interception", which is the same as Set Sniffer. And I posted the link to SS only for info, I agree with your comment.
     
  9. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    While I can understanding not liking the one year subscriptions, a lot of the good companies have figured out they can't stay in business without them. All the best companies software I use have switched to that. Fraid that's life.
     
  10. Lexor

    Lexor Registered Member

    Joined:
    Nov 26, 2017
    Posts:
    43
    Location:
    EU
    During my googling I've found some Russian forum with a long thread about Jetico Personal Firewall. It has over 700 posts but one of them is very interesting (for me, at least) - it is a table with "most secure rules" for svchost.exe service with explanation for each of them. This is the first such table I've seen so far so I thought I will share the link with you.

    I did an automatic google translation of this post from Russian for English - the result is in attachment below.
     

    Attached Files:

  11. wat0114

    wat0114 Registered Member

    Joined:
    Aug 5, 2012
    Posts:
    4,063
    Location:
    Canada
    It's just one's personal preference based on what they think they need to secure their machine. For some people just keeping their O/S and all their software up to date and running as a Standard user may be enough. I use AppLocker because it's available to me and I like how easy it is to set up, as well as how effective it is as a whitelisting approach for executables and dll's.

    Yes 64 bit and so far nothing out of the ordinary or unexpected with Jetico.

    yes that's still valid.
     
  12. Lexor

    Lexor Registered Member

    Joined:
    Nov 26, 2017
    Posts:
    43
    Location:
    EU
    Sigh... As I will be first time user and have no "backed up version" of configuration file I think I'll try to follow the steps mentioned by @0strodamus in the next post of that other thread and I hope they will "help me":
    BTW: I was trying to find this info but no success - does JPF offer any protection during boot/shutdown phases? Like "block any connections till OS will be ready".
     
  13. 0strodamus

    0strodamus Registered Member

    Joined:
    Aug 23, 2009
    Posts:
    1,058
    Location:
    United Surveillance States
    I'm not. I moved on to GNU/Linux a few years ago now. I hope you're successful getting JPF to work for you. I remember it being a very capable firewall.
     
  14. wat0114

    wat0114 Registered Member

    Joined:
    Aug 5, 2012
    Posts:
    4,063
    Location:
    Canada
    yes I think Ostrodamus' steps should work well for you.


    I'm not sure, I can't remember.
     
  15. act8192

    act8192 Registered Member

    Joined:
    Nov 9, 2006
    Posts:
    1,789
    I dusted off some very old Windows 7 notes and made slight revisions in Post 19 above
    https://www.wilderssecurity.com/thr...windows-firewall-control.398284/#post-2723828

    Regarding Set Sniffer. Far as I can reconstruct 3yr old notes, Set sniffer was an activity of Private Firewall, logging itself, when it was looking at new connection attempts and/or new processes triggered by whatever it was looking at. The last two lines in the list I posted are NOT settings. I saw them in the HIPS logs and threw them into my old table, with the (LOG) indicator, when I was learning. Whether it's similar to SpyShelter, I can't tell.
     
    Last edited: Dec 9, 2017
  16. Lexor

    Lexor Registered Member

    Joined:
    Nov 26, 2017
    Posts:
    43
    Location:
    EU
    Thank you for your reply. As I understand you were using JPF till "the very end of your use of Windows OS". During installation I'm going to follow your steps I quoted above - do you have any more tips for "first time user" like me?
     
  17. Lexor

    Lexor Registered Member

    Joined:
    Nov 26, 2017
    Posts:
    43
    Location:
    EU
    Sigh and here "my hopes got crushed" as this kind of answer is "the most common one" I'm finding everywhere and I can't find any other.
     
  18. wat0114

    wat0114 Registered Member

    Joined:
    Aug 5, 2012
    Posts:
    4,063
    Location:
    Canada
    I did some digging around and found this 2007 post: JPF v2 beta progress. ..from @Stem, which seems to indicate Jetico does start early in the boot process.
     
  19. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    Hi Lexor

    You are getting these answers because people have moved on. I was curious after seeing this thread, so I downloaded and installed the Jetico firewall. Took a look and let Macrium restore it away, and went back to PrivateWall. It's another old timer, but it's simple and does work.
     
  20. ichito

    ichito Registered Member

    Joined:
    Jan 14, 2011
    Posts:
    1,997
    Location:
    Poland - Cracow
    I don't know user who tried Jetico and TF as a combo...I think it could be hard to manage and some features would be duplicated. I like TF very much but honestly I should say that it can't be the replacement of PFW and especially of SpyShelter...TF is unfortunately a bit outdated and doesn't fit to current landscape of threats.
     
  21. Circuit

    Circuit Registered Member

    Joined:
    Oct 7, 2014
    Posts:
    939
    Location:
    Land o fruits and nuts, and more crime.
    Switching back and forward on firewalls since EIS, PW seems very nice on 7 64.
    Yes, the icon looks pre-school, just a minor thing.
     
  22. Lexor

    Lexor Registered Member

    Joined:
    Nov 26, 2017
    Posts:
    43
    Location:
    EU
    Thank you for your test, Pieter. Just to make sure: is PrivateWall in fact Privatefirewall I mentioned (for example in first post of this topic) or is it something completely different? Can you tell me also what's your OS?

    I would like to ask you one more question: have you done any research before installing Jetico Personal Firewall or it was your "uprepared, short-term installation"? I am asking this because I read everywhere "the hardest part of JPF is its first installation ever". JPF is not "a simple firewall" and gives a lot of pop-ups. I spent a few weeks reading different topics and posts before creating this thread - the most important one for me is 30 pages long "Jetico making me crazy." (just look at that name!) as it is a great source of knowledge about JPF thanks to @Stem and his very detailed explanation posts. Here is a quote from one of his post in that topic:
    I know that @Stem also tested Privatefirewall (as his posts are also in this thread) and (it seems) he liked it too but I do not know his "final opinion" (if JPF is still "better than any other"). Unfortunately, @Stem is offline here on this forum since few years so nobody can ask him directly.

    Now, why I'm writing all this? In my opinion Privatefirewall is indeed a good firewall and it is more friendly to its user than JPF, but after reading that many posts about JPF I have an internal feeling that if I overcome all difficulties at the start then JPF could be better for me - that's why I'm still undecided and that's why I'm still looking for an experienced person who tested both firewalls for a longer period of time.
     
  23. wat0114

    wat0114 Registered Member

    Joined:
    Aug 5, 2012
    Posts:
    4,063
    Location:
    Canada
    I'd always trusted @Stem's opinions on firewalls more than anyone else's. Too bad he hasn't posted for a very long time :( He felt that the most important aspect of a firewall was how well it filtered network packets. He liked how Jetico did that and he also had high praise for Windows firewall.

    BTW, I mentioned using Groups of Applications in order to better organize and manage the rules. I've attached some screenshots. You can even use wildcards if you like, but then doing so, at least too much of it, will jeopardize security of the process filtering. Having said that, the Windows System directories are protected directories, so only elevated malicious processes could write to them. If you run as a Standard User with UAC at max and don't get tricked into elevating any malicious requests disguised as legitimate ones, then it's highly unlikely those directories will ever get compromised.
     

    Attached Files:

  24. TomAZ

    TomAZ Registered Member

    Joined:
    Feb 27, 2010
    Posts:
    1,131
    Location:
    USA
    For what it's worth, I haven't tried JPF. However, I have used PrivateFirewall for about 4 or 5 years now. It has performed extremely well for me -- very reliable and extremely light on resources -- never have had any kind of intrusion that it hasn't prevented. As you probably know, it's no longer being updated, but that's not a problem for me. I don't need the latest and greatest as long as it does what it's supposed to do. In fact, I'm still using Win XP, so I'm absolutely fine with 'old school.' :). Of course, it is a HIPS type of firewall, so if you haven't dealt with that before, it may take a short time to get used to it -- and to get it 'trained.'
     
    Last edited: Dec 10, 2017
  25. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    Yes what I use is PrivateFirewall 7.0 I run Win 7 x64 pm all my machines although I do have a Win 10 image. I spent very little time looking at Jetico other than installing it. I don't think it's worth a big time investment as basically they are history in a sence. Reading Stem's old posts is also a history lesson. So much has changed.
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.