Need a good firewall -- not a crapwall

Hmm.... FireWall... gone berserk

Or was it having possess of "kneejerk reflexes"?

One tip to share with you folks, who got that kind of crappy-FWals ...next time when you're typing fast and the firewall suddnly responded with popups... (now follow my instructions carefully):

- stand up from where you sit, and give your PC table a quick but hard kick (sorry if you're wearing slippers thou... it hurts, you know, it hurts)!!


Note: punt, intended.

 

And the winner is....

Kaspersky Anti-Hacker?

The Bookies would have cleaned up on that one.

 

,.- I pretty much agree with you about the absurdity of the interface to most firewalls. I can't stand using firewalls that have me click a dozen times to set something up.

Another annoyance is how much a firewall now tries to do. I can't say bloatware, but being able to turn modules off is a must in my book.

I have tried every firewall I can find, even really obscure ones. I do it in a vm machine. I can't say I have tried them all, but I'll warrant that if it is on a list that google can find, I have tried it.

I started with Outpost when it was v1. I used it all the way up till about 6 months ago when my new C2D intel board/cpu hated it. I started (again) searching for a replacement. Honestly, nothing I tried seemed as intuitive or informative with such few steps as Outpost's interface. I have my own set of preset's that are totally tweaked, so all I need to do to install is some basic system settings.

After trying even more firewalls, a few that I recall to work well were Jetico, R firewall and comodo. LNS, ZA, Kerio, Sygate, Tiny, etc etc all worked OK. But in the end it came down to the user interface for me. IMHO none of them can compare to Outposts.

Now, I have had issues with Outposts filter driver. Many of them. Usually it is attributed to using Opera or Firefox and having a lot of tabs open and a lot of caching going on, or downloading too much. I searched for older versions and settled on v2.1 I think it was. Not too much bloat (just a wee bit), so far stable on my rig and still uses my presets etc with minor tweaking. The only thing I wish was different on that older version was to turn logging off on a rule basis. But I live with it.

Hmm. So, everyone likes a firewall really, for the "feel" it has. Some firewalls give better protection that others, but mostly it is how comfortable you feel you can use it.

Personally, I don't really need a firewall these days and find myself more and more disabling it or shutting it down. What!! Yep, I have been working on an unattended installation of xp for some time now, and have been using every trick known to the web to neuter winblows into submission. All kinds of reg files or utilities or what have you to stop the endless supply of holes. I use Avira and on some installs Process Guard depending on how soon I think I will be reformatting. I reformat dozens of times a year, mainly because I have a good arhiving system set up so I can wipe at will and I have a great unattended dvd that makes installing a breeze. I usually put Outpost on but like I said disable it a lot because now that I have been using vmware, I test new apps in there first and decide on what steps I need to take from there (usually Outpost is installed in the vm, but I have tried most of them. How else will I test the firewall or know if a new application is mischevious?) Network wise it may be router rules, or maybe hosts file or re-routing in winblows route table.

So, what happens when you perform a clean install, use a decent AV and then use software that you know and trust, if you don't have a firewall? Well, nothing. If your OS has the holes plugged and you care to learn what to do and what not to do. I can't say everyone should do this, but then again, I test everything before I let it run wild in my system.

This has been a most interesting thread that I have thoroughly enjoyed. It is amazing at how many peeps post on forums that have a great amount of knowledge. I seem to always learn something reading topics such as this.

I will now go back to my coding and lurk. Sorry.

Sully

 

You can run without a firewall as long as you don't have any *vulnerable* apps or services holding ports open. That's pretty much it in a nutshell. I wouldn't recommend doing that to anyone, but it certainly is possible to do without harm. I have done it for a period of a few months before. Nowadys though, I stick with my router and have no worries...

 

In between testing the "latest-greatest" I run without a sw-firewall too. Outpost and Filseclab are 2 of my faves.

 

Yes,Filesclab seems a forgotten firewall,light ,simple,fast and tiny footprint,which I used for a long time in conjunction with Threatfire.

For me it was flawless and three updates on the still active site are available

 

Just installed recently and was surprised to see the updates for version 3. (I've always wondered if 2.5 would get purchased.) Filseclab and a "smart" HIPS make for a solid combo....

 

Precisely. With a good router properly set to safeguard inbound issues, a software firewall is really only needed to keep applications you don't want phoning home, from doing just that. I would say though that the average user, who does not want to be bothered with learning all things computer, just wants to get his mail or view her webpage. Having worked on countless peeps computers, and seeing how they actually use firewalls, I am of the opinion that most current firewalls are really of no use to them. Quite simply, if they have a router, AV, not use IE and practice some common sense in what they install or mail they open, are for the most part as safe as if they had a firewall. That is, due to not understanding nor desiring to understand what a firewall is asking.

I do know what is on my computer. I know what ports it opens, and for the most part understand just where it is headed to. Point in fact of how simple it is to not use one (although I do like to use them when I do important stuff like coding) is Prevx v1. The original one. After v2 came out (or whatever version it was, R2 or something), they must have taken the update servers offline. A nagging "cannot find updates" kind of thing came up. I still used it for the registry etc defense. A simple hosts file inclusion of the sites it was trying to update to fixed that issue. No firewall needed. Other times I have routed a certain address to like .255 on my local, effectively going nowhere.

I totall dig apps like Outpost and PG, but fail to see the importance of them using applications like VMware or even Sandboxie. Couple that with a modified OS that is as tight as I can get it, and it seems redundant. You can bet though that if I am working on a project of importance, all that stuff will go on and never come down. But mostly, vmware takes care of it for me. Offline OS with access to the host which has access to the net. For me, the best investment I ever made.

Oh and Filesclab is an ok firewall. Tried it more than once. Not as nice of an interface as I like though.

Sully.

 

Nope, it ain't pretty! It has a lot of pre-set rules that get tossed out too. Being able to import rule-sets is pretty handy. I don't have it installed right now but I keep a copy of the rules for whenever I re-install.

 

What-you dont like that purple!!

For wont of anything better to think about in the wee small hours of the morning before Sparrows Fart time,have considered the name may be an Asian joke by the developer and it really is called FILESCRAB

Monty-the rulesets for it-did you write them or are they available on the Net?

 

Did them myself. Dump the pre-sets 1st, then open all apps and let rules-wizard create the rules, then use this as a guideline to tighten the rule-set.
P.S.-thought it was called FIRESACRAP lol

 

No further news from ",.-" so it looks like Anti-Hacker is o.k.? I notice no one has 'had a go' at ",.-" over his nomination of Kaspersky Anti-Hacker, so I'd like to pose a question;

How would Kasperky's Anti-Hacker 1.9 stack up against the pack if it has ProSecurity* as a partner? (Or would K's A-H 'pro-active defense' have a 'domestic' with HIPS applications?

 

Thanks-good one

 

"No further news from ",.-" so it looks like Anti-Hacker is o.k.?"

I have stopped using it because of the inadvertent creation of allow all rules (but I may go back to KAH if I find nothing else).

In the meantime, I have tried Outpost 2008. That's a supercr*p wall. It completely ruined my computer (created bluescreens and broke certain applications like MS VirtualPC).

Thereafter, I tried Outpost 2.7 (as recommended by mercurie). The GUI is better than the KAH GUI. Resource usage is o.k. No bloatware. I am not so sure yet whether it is really stable. Had some issues with a game called The Witcher. But this could also be a bug of the game. It will take more time in order to figure out whether OP 2.7 is fine.

 

My suggestion would be to get a copy of 2.1. There is a link in the outpost forums for old versions, and I think you can still find them at filehippo. I updated to the new versions numerous times, but really don't like them that much.

2.1 does do component monitoring, which can be annoying at times. Another quick tip is once you have your rules made up, always set the policy to 'block most', as it not only stops asking questions, but also help with latency for some reason. I used to run in 'rules wizard' a lot, and found myself constantly disconnecting from CoD2 because of network connectivity problems. I also have a teamspeak box up using Outpost free, and all my mates were complaining about being dropped. On both of those boxes, setting the policy to 'block most' fixed it. I also used to set my log file size way down, but on 2.1 you either get logs or you don't. You can stop the logs by renaming one of the .dll's but I don't remember off-hand which one.

Also, I think it was paranoid2000 in the outpost forums who has a pretty good secure configuration guide for outpost.

There are 2 plugins that I also use which you may want to check out. One is Blockpost, which gives the ability to block 'net blocks', something that I wish winblows could do on it's own like the way the hosts file works. The other is httplog, which simply shows what websites have been visited. Quite handy when you want to know where you have been or where an application attempting to go.

You can also edit the .lst files in outpost. One is a preset so you can EASILY set up your rule presets and when your app comes up, the wizard will find the .exe and automatically propose you choose that rule. The other one I use is for lan computers, but it is nice to open a text editor and work easily.

The ad portion of OP works well too. I think Agnis is what I looked up to get a pretty good list of ad keywords and such.

All in all, for being only a firewall it works well. Uses about 14mb on my process list, which I find acceptable. Couple that with the other things that it CAN do, but at your discretion, and I find it hard to beat.

good luck.

Sully.