Recommend me a free, pure and light firewall

Recommend me a free, pure (without HIPS), light firewall with inbound/outbound control, please.

 

The main feature in a firewalll is his security, not his lightness. You should choose a power firewall like Comodo or Online Armor and disable the HIPS. So you'll have lightness and protection.

 

Windows Vista & Win7 inbuilt firewall

 

Windows firewall, Kerio 2.1.5, Sygate.

 

True but for all i know there are not any tests regarding inbound protection.Stem has made some useful threads involving arp spoofing i belive ,but of course there must be more ways to attack a computer,and he's a single man you need something like Matousek with resources ,but for Inbound and not leaks.
To my knowledge there are not tests like this,for all i know windows built in Firewall could do a better job then the ones you mentioned.
I understand that what i wrote may sound silly but i would like very much to see such tests and be contradicted.
A router takes care of inbound but many peolple don't have one.

 

Comodo (with 'firewall only' option)
Outpost 6.5 free (you will have to manually rename in safe mode the driver 'sandbox.sys' to something else for example 'sandbox.sys.bak'; you will find it under the directory 'c:\windows\system32\drivers\' )

Panagiotis

 

I agree. The 'lightness' of a firewall need not detract from it's strength as a firewall. Indeed, as you say, how do you test for explicitly the effectiveness of an inbound firewall? Using industrial strength firewalls may provide more 'bells and whistles', but are they any better at the core, which is restrict inbound solicits? Outbound, that is another matter. The classic firewall would only say block outbound port to x address. The industrial strenght firewalls are IMO more about application control than just being a firewall. Which leads the them not having the feeling of 'lightness', but not to say more secure.

Sul.

Edit: Kerio is pretty lite. Softperfect is lite. Old sygate is lite. Old outpost is lite. DSA is lite. Threatfire 'might' be considered lite if it were only a firewall.

 

Another One, free, without HIPS and light is Rising Firewall 2009Free Edition(RFWFREE09)

 

pc tools firewall , but disable enhanced security verification.

 

You can try the freeware Look n stop lite firewall. But don't know if it has the same SPI(statefull packet inspection) engine as the paidware, which btw also has application filtering.

You can go to the looknstop forum for the firewall rulesets how to's. Using the enhanced ruleset will give you perfect stealth at grc's. Haven't yet tried the look n stop lite, though. I have only tried the 30 day free trial of the paidware. And it is extremely light. After the 30 day free trial, application filtering is disabled and you'll have the internet packet filtering still functional(don't know if this is still true today).

To know more about SPI>> http://forums.cnet.com/5208-6121_102-0.html?messageID=2369588#2369588

direct download link for looknstoplite: http://www.soft4ever.com/LooknStop/En/LooknStop_Lite_Setup_104.exe

look n stop free trial: http://www.looknstop.com/En/download.htm

 

ghostwall http://www.ghostsecurity.com/ghostwall/ there is no rising firewall free not exists......

 

Here is: http://rsdownload.rising.com.cn/for_down/rsfree/rfwfree09.exe

 

I also recommend Kerio 2.1.5 or Sygate Personal Firewall.

 

zonealarm firewall free

 

The problem with the type of tests you're looking for lies in one simple fact. The test results are completely dependent on the rules the firewall is enforcing. More often than not, it's the ruleset that's being tested. Most rule based firewalls will allow or block exactly what you tell them to. In general, the default rules that they start with are quite loose and need to be matched to your setup and needs. Every firewall has its own design and its own methods of rule creation and enforcement. With many rule based firewalls, the order the rules are in will greatlly influence what it allows or blocks. What ends up being tested is how well the user understands internet protocol, the firewall they're using and their ability to configure it. That makes standardized testing very difficult to set up.

Testing aside, the single most important criteria in choosing a firewall is its compatibility with your level of knowledge and skill. Most all of the firewalls that are considered to be lightweight require that the user understands what they're doing. They're light partly because they don't come with automatic rule creation components. Without a basic knowledge of internet protocol and the needs of the software that's asking for internet access, you won't be able to write effective firewall rules. It's a compromise, and the price for lightness is usually paid for with user skill.

Kerio 2.1.5 is a light, effective firewall in the hands of a user who can write firewall rules. Very well designed interface. It works on XP and older systems.

 

Yes good points you've raised becouse when it comes to firewalls it's hard to say what should be the standard configuration.Maybe we should ask hackers
Still some test for basic attacks that most firewalls claim and have rulesets to protect from but you have to take the vendors word that indeed they do will be great.

 

A standard configuration is not possible. There's too many variables that can't be accounted for with a default setup.
Examples:
DNS rules should specify the IP addresses of your DNS servers, allowing DNS traffic to and from those IPs only. This would defeat malware that alters your DNS settings to point to a compromised server. There's no way a vendor can specify an IP address, but if they don't allow DNS traffic by default, they'll get buried in complaints about their firewall killing users internet service.

ICMP ping. Some ISPs use ping to see which customers are connected. If your system doesn't respond, they assume it's not using the IP and make it available to other customers. If the vendor blocks that ping, the customer has connectivity problems. If they allow it, they get complaints that their firewall is weak because it doesn't pass a stealth test.

Services are another example. SVCHOST is involved in everything from DNS service and Windows Update to printer sharing, time service and remote access. It's also one of the most often exploited processes on a PC. Block it from connecting out and you break all those services. What traffic should be allowed by default, to or from where, and on which ports? Any default setting is a compromise. The best a vendor can do is block certain ports that are commonly used as attack vectors and hope the user will read the help file if they need them enabled.

Unless the attack comes from within, hackers rarely defeat the firewall itself. The vast majority of the time, they find weaknesses in its configuration that allows them in. Any firewalls default configuration is full of those weaknesses. The only way to eliminate them is to match that firewalls configuration to the needs of your system as closely as possible, then block all the rest of the traffic. Unfortunately, most users don't know how to do that and aren't going to invest the time it takes to learn how. This emphasis on leaktests, built in HIPS, etc convinces users that they're safe and leads to their neglecting the core of the firewall, its traffic controlling rules.

 

+1

 

Thanks guys for interesting answers and sorry for the lack of my answer about that, but I was recently very busy .
I have one question about Softperfect to Sul. Softperfect doesn't have an application traffic control if i know well? So i think i also should using the classic built in firewall on Windows XP, shouldn't I? I would like to say that I also used LUA+SRP.

I also thinking about Jetico v1 with disable HIPS protection or Rising Firewall, hmmm...

 

I used Jetico 1 for over a year until I decided I wanted more sophisticated HIPS in addition to the "pure firewall" only. (Jetico does have some limited HIPS like features which got me started in that direction originally.)

Jetico 1 is a good firewall, but does require a bit of setting up.


|||

 

The main question is "what do you need a firewall for ?"

 

^
For data theft protection.


For XP, use ZoneAlarm Free or Rising Firewall 2009 Free.
For Vista/7, use Vista Firewall Control.

 

Hello,

Sorry I missed this post for so long.


I may be only a single user with no web site, but please believe, my tests/results are not based on simple tests or what is expected. I do go deep in what I check/test, however, I do not explain everything, simply as it may confuse.

Specific tests can be put forward, I have many, but on its availability on forum is another subject.

- Stem