Which firewall to choose

Discussion in 'other firewalls' started by Sadeghi85, Dec 20, 2009.

Thread Status:
Not open for further replies.
  1. BILL G

    BILL G Registered Member

    Joined:
    Nov 16, 2004
    Posts:
    80
    Location:
    MN USA
    I have ran ZAF VER. 5.5 + Avast for years with no problems. I haveZAF VER 9.1.007.002 + Avast since 12-26-09 and have no problems. I am not running the Toolbar.
     
  2. Woody777

    Woody777 Registered Member

    Joined:
    Aug 29, 2006
    Posts:
    491
    I have Windows XP with 1 meg of memory. Memory consumption IS important. That being said: PCT Firewall works just fine with NOD32. So does Zone Alarm. In fact it works better than any other firewall. With Avira I use OutPost Pro. It works great. I gave up on Avast I had this installed in an FDISR snapshot along with Outpost Free. It worked fine but then suddenly the Combo started to block FDISR from copying snapshots. I got rid of the Snapshot. I don't need that. Outpost Free works just fine with NOD & Has low memory consumption. Comodo, I tired this out recently. Firewall w. Defense Plus. Errors all over the place FDISR was giving me errors & might not have been loading right. Not only w/Comodo but also with every other snapshot. I restored a Shadow Protect image. NO more problems. But Comodo is out. My suggestion is that if you just must try out Comodo make an image of you OS First. I'm really glad I did.
    I am starting to think that finding a workable firewall solution is trial & errror. Not every combo will work for everyone. What ever you are using & works keep. I am going to stop Tweaking.

    I am starting to agree with FAJO ZoneAlarm Pro is good with most AVS. I think the latest version would work fine with Avast . I may try this out some time agian but only when they release a new version.
     
  3. davhag64

    davhag64 Registered Member

    Joined:
    Jan 18, 2010
    Posts:
    25
    I may Try the avast again and zonealam Pro, should I run the Super Antispware with that?
     
  4. Woody777

    Woody777 Registered Member

    Joined:
    Aug 29, 2006
    Posts:
    491
    Avast has Spyware protection. I would not load too many Security Apps at once. Super Anti Spyware would be adding protection you probably already have with Avast. Using the free version might be an option just scan your computer once in a while. You may not even have to install SAS. Just put it on a USB Key it seems to work fine for me there.
     
  5. BILL G

    BILL G Registered Member

    Joined:
    Nov 16, 2004
    Posts:
    80
    Location:
    MN USA
    I run OD Scans only with Free SAS + MBAM.
     
  6. JohnnyDollar

    JohnnyDollar Guest

    I disagree, your product has to have an effective HIPS component to be able to pass a lot of the matousec tests.
     
    Last edited by a moderator: Jan 18, 2010
  7. whitedragon551

    whitedragon551 Registered Member

    Joined:
    Sep 30, 2008
    Posts:
    3,264
    Location:
    USA
    Correct
     
  8. nhamilton

    nhamilton Registered Member

    Joined:
    Jul 31, 2007
    Posts:
    61
    With controlling outbound traffic.

    A lot of the new test, ok you do not need to pass them, same with keylogging.

    But, if I can load a driver, then all bets are off, if I can kill your firewall I can send anything. If I can run through a trusted app, then I can send traffic.

    The aim is if you say an app can not send data, then it does send data then you are not controlling outbound traffic
     
  9. firzen771

    firzen771 Registered Member

    Joined:
    Oct 29, 2007
    Posts:
    4,815
    Location:
    Canada
    its not the firewalls job to stop a driver from loading, thats what we have other products for, NOW i dont have a problem with a firewall having a HIPS, but i DO have a problem with matousec because its giving people the impression that those products are testing purely FIREWALLS, that is what most people assume, if u want an example of how bad this mis-interpretation is, just go over to Remove-Malware forums and look at the posts of Dieselman, ull understand why i think its such a problem for people to assume a firewall with a HIPS is a good FIREWALL...
     
  10. Fajo

    Fajo Registered Member

    Joined:
    Jun 13, 2008
    Posts:
    1,814
    Agreed. People seem to think HIPS = Firewall now It's quite sad, because all HIPS is really is a branch off AV's. And in all honesty if I wanted hips I would turn UAC back on at max. There is a reason I have it disabled. o_O
     
  11. JohnnyDollar

    JohnnyDollar Guest

    Agreed, well at least they changed the name from "Firewall Challenge" to "Proactive Security Challenge", so it's a little less misleading now although it hasn't helped with the confusion any.:doubt:
     
  12. Escalader

    Escalader Registered Member

    Joined:
    Dec 12, 2005
    Posts:
    3,710
    Location:
    Land of the Mooses
    Hi Firzen:

    It's not so much a FW + a HIPS is equal to a bad FW. Maybe it's just wording.

    I have a pretty good FW (I hope) and a HIPS. So that's fine.

    But if my FW fails (nothing perfect) to stop a bad packet carrying a bad exe then I hope that my HIPS and/or my AV will prevent execution from occuring and altert me etc etc.

    Are you saying this matousec site is adding HIPS catches to FW catches and claiming them as FW only? If so that IMHO is worse than misleading. Please explain for me.:cool:
     
  13. firzen771

    firzen771 Registered Member

    Joined:
    Oct 29, 2007
    Posts:
    4,815
    Location:
    Canada
    i have no problems with FW's including HIPS, but i have a problem with how people assume a firewall ranked well on Matousec (because of its HIPS component) then it means its a good firewall, one of the worst examples of how bad this mis-interpretation has gotta, on the Remove Malware forums, if u search some of his posts ull see one of many with me how he says "look n stop is a bad firewall, look at matousec's ranking" and continueing on to say, that unless it is ranked good on matousec, then its not a good firewall. thats what i mean.

    people assume a firewall ranked well on matousec is a good firewall... thats not the case, it just shows its a good HIPS, nothing more. and people cant seem to distinguish the difference.
     
  14. Escalader

    Escalader Registered Member

    Joined:
    Dec 12, 2005
    Posts:
    3,710
    Location:
    Land of the Mooses
    Yep, you are right. And worse still once you post the clarification for them here or there it is all you/we/me can do. Some are destined to swim in their own sea IF they refuse to learn, look for quick and dirty solutions, silver bullets etc etc.

    What I try to do is help 3 times if that fails then like baseball they are out.
     
  15. firzen771

    firzen771 Registered Member

    Joined:
    Oct 29, 2007
    Posts:
    4,815
    Location:
    Canada
    i tried to help and clarify... but him being a mod, my facts wer over shadowed and ignored and then got me banned, but w/e ill let them continue on ther path of false information...
     
  16. nhamilton

    nhamilton Registered Member

    Joined:
    Jul 31, 2007
    Posts:
    61
    I think matousec has done a good job with a lot of the tests.

    How the rank/rate a product is where most peoples complaints are.

    I would love to see more firewall comparisons based on the packet filtering capabilities, can you block allow certain packet types, can you stealth the pc, how do you handle ARP, how good is your IPv6 filtering, how well do you detect proxy applications, what is the processing overhead, what is the processing overhead under high usage (eg with torrents)

    I would prefer to do a lot of different speed tests and be able to compare firewalls on those, maybe do an overall score, but what was the score in each section .. still have leakability and killability as one of the sections
     
  17. firzen771

    firzen771 Registered Member

    Joined:
    Oct 29, 2007
    Posts:
    4,815
    Location:
    Canada
    i agree.
     
  18. JohnnyDollar

    JohnnyDollar Guest

    I also agree. Firzin you were banned over there just for debating firewall testing? Or did it get a little ugly? On a lighter note, firzin your spelling is awful.:D
     
  19. subset

    subset Registered Member

    Joined:
    Nov 17, 2007
    Posts:
    825
    Location:
    Austria
    There are other stupid things as well.

    He does not provide any evidence about the practical relevance of his tests, like the technique from test x is used by widespread Malware x, y and z.
    Therefore even the conclusion 'on top HIPS' = 'good HIPS' can only be meant related to his HIPS tests, but not related to Malware. That would be a purely hypothetical conclusion.

    The next thing is, that his testing method with a single file for every test is no way suitable for behaviour blockers, like Mamutu or Threatfire.
    They should kill a program because it creates an autorun (new tests) and does absolutely nothing else o_O
    Or the ECHOtest ("ECHOtest finds out whether the tested product filters ICMP traffic.")... Mamutu and Threatfire should be punished because they are not able to filter ICMP traffic. o_O

    Matousec is just a vehicle for some vendors.
    For maximised advertising effects they are willing to subject to his rules and to build their programs around his leaktests.
    There is a really significant line for the new tests...
    "The vendors are now given five weeks to review their products' protections. The tests with the new version of the suite and new rules will start after that."
    http://www.matousec.com/info/

    Well, bow down before the one you serve or so. :rolleyes:

    Cheers
     
  20. firzen771

    firzen771 Registered Member

    Joined:
    Oct 29, 2007
    Posts:
    4,815
    Location:
    Canada
    im just lazy wen i type. :D
     
  21. JohnnyDollar

    JohnnyDollar Guest

    Well it's working.:oops: It seems to have had a propaganda like effect in the security forum community.:gack:
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.