firewall??? show me an easy one

Discussion in 'other firewalls' started by tiluid, Mar 7, 2005.

Thread Status:
Not open for further replies.
  1. BlackSwan

    BlackSwan Registered Member

    Joined:
    Jul 13, 2003
    Posts:
    104
    Well, I'm very pleased with my current security suite (which BTW includes Kerio 4.2 beta 3 - a version which has caused many people problems, but has worked miraculously well so far on both my other computers), but, with all due respect, I believe it's always worth giving something a try... if nothing else, just to form an accurate personal opinion before passing judgement.

    BS :)
     
    Last edited: Mar 8, 2005
  2. kareldjag

    kareldjag Registered Member

    Joined:
    Nov 13, 2004
    Posts:
    622
    Location:
    PARIS AND ITS SUBURBS
    Hi,

    ***"Frewall ? ? ? Show me an easy one"

    For ethical questions, i can just recommend free ones:

    In alphabetic order:

    -Kerio,
    -jetico,
    -sygate,
    -zone alarm.


    ***About Filseclab.

    I've tested it 6 month ago.

    This firewall (free) is not better or worse than the others free firewalls.
    I'm agree with BlackSwan that we have to give it a chance, and that we have to test it before any comment.

    But i also understand Ghost's opinion.

    After testing many firewalls, i'm always cautious and circumspect with any new or no well known firewall with great marketing: it's often a source of diasappointment ;) .

    One of the better Price/Efficiency report for a personal firewall is Injoy.

    It's really a powerful firewall with advanced features and technology (NIDS filter driver, Deep packet inspection, little IDS/IPS, monitoring, etc....):

    http://www.fx.dk/firewall/

    WARNING:

    *Only the pro version is available for trial (and not the personal one),
    *Do not install this firewall if you're a beginner,
    *do not use this firewall with Zone Alarm.

    There is an online manual for more informations:

    http://madcow.fx-services.com/fx/htmldocs/firestart/

    Regards
     
  3. tiluid

    tiluid Registered Member

    Joined:
    Nov 9, 2004
    Posts:
    41
    Location:
    Bulgaria -> Sofia
    Thank you guys!

    Thanks for all your posts! :)

    I heard that my present firewall (Kerio 2.1.5) have bugs, and Arup said that it fails Leak Tests,...hummm,... so lets try another one!

    What about Sygate?

    Does it have bugs, did it pass leak tests,...

    Where can I find a good tutorial?
    (Is it rule based?)

    Are paid firewalls better than free ones?

    I am ready to learn more! :D
     
  4. Arup

    Arup Guest

    Re: Thank you guys!

    Kerio is pretty good if you combine it with BZ's rules and know how to set them for your particular system. Leak test is not truly a test of a firewall's capability but rather an exploit which any wise person would not commit, if you run Kerio with Avast and Perv, you have yourself the best combo, Sygate is also very good and free but if you run proxy, there is problems with it.
     
  5. tiluid

    tiluid Registered Member

    Joined:
    Nov 9, 2004
    Posts:
    41
    Location:
    Bulgaria -> Sofia
    Re: Thank you guys!

    I dont know if I have proxy.
    When I tried "ShieldsUp" test it said: "Your Connection to Our Web
    Server is Probably 'Proxied'"!

    It also said: "The "reverse DNS lookup" of your connection's public IP address is: proxy.bol.bg" (bol.bg is my provider)

    Is that means that i run proxy?

    How can i find out?
     
  6. BlackSwan

    BlackSwan Registered Member

    Joined:
    Jul 13, 2003
    Posts:
    104
    Exactly. :) As promised, I gave it a go and now I'm back with the "report". :p

    Well... Filseclab is quite lightweight, but not as much as Kerio. On my Win 98 SE test PC, it caused no other problem except for the disappearence of a couple of icons from the system tray - but that was only the first time I restarted the system after install. There was also a very slight lag in the desktop icons loading. Both these problems went away when I shut down the PC and rebooted.

    What I found annoying was that nag screen about getting "signed up". They ask you to give an awful lot of personal information for this "sign up". I guess that if I had no other choice in free firewalls, I'd eventually live with the nag screen rather than give away this information. :rolleyes:

    On the up side, I liked the configuration interface - pretty straightforward and simple. I'd be willing to recommend this firewall to someone not very comfortable with advanced customisation. If they ignored the nag screen or had no problem providing their private info, I suppose they'd be happy with it. :p

    To sum it up, I will agree with kareldjag - Filseclab is no better or worse than other free firewalls. I personally prefer Kerio, but I definitely wouldn't reject Filseclab either. Nag screen aside, it's a simple application doing its job discreetly. If you take a look at the Readme file before installing, they do warn you in advance that it may cause incompatibilities and you may even lose your Internet connection if uninstallation doesn't go well. Neither happened to me - it worked fine during the 5 or 6 hours I kept it on the PC, and uninstalled without any problems.

    I think I'll keep an eye on this firewall - who knows, there may be some more improvements in future versions.

    EDIT - Oh, and I also agree with Arup about Kerio with Avast being a powerful security combination. I'm using it on 2 out of my 3 machines and it's been working great so far. [​IMG]

    BS :)
     
    Last edited: Mar 8, 2005
  7. tiluid

    tiluid Registered Member

    Joined:
    Nov 9, 2004
    Posts:
    41
    Location:
    Bulgaria -> Sofia
    Well but tell me about the proxy?
     
  8. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    8,013
    I tried it briefly. It seemed to work ok with proxy software. Ran a test at grc.com and it showed ports 0 and 1 "closed" but not "stealth". Not a big deal. But I wonder why. I did see a bug or two, minor. It's an interesting little firewall, but nowhere near as good as something like Kerio or Jetico IMO.
     
  9. Arup

    Arup Guest

    Kerodo,

    Got full stealth at Shields Up, PC Flank, IT Sec as well as Hacker Whacker, you have to keep the security setting on high. Did you turn the firewall on by right clicking on the taskbar icon and clicking on start?

    Thanks for the report Black Swan, good to see that there is another alternative in the Free firewall group that works. As you can see, Sygate free as well as the latest Kerio free are not without their troubles, Kerio 4 free has also taken off support for ICS and that is truly unfortunate.
     
  10. Diver

    Diver Registered Member

    Joined:
    Feb 6, 2005
    Posts:
    1,444
    Location:
    Deep Underwater
    Kareldjag-

    Please explain to me why you can only recommend free firewalls for ethical reasons. Do you have a conflict of interest? Then in the same message you recommend Injoy. It could be great for all I know, but it is not free.

    There is a bit of a strange mix of firewalls being discussed in this thread. Quite a few of these are not so easy. You want easy, get ZA or Sygate. Kerio is elegant, but no rule based firewall is easy. Without the BlitzenZeuss rules Kerio would be really difficult. Jetico is even more complex than Kerio. While Jetico is functional, it is not really finished yet.

    Correct me if I am wrong, but I think that both Filesclab and Injoy are not application aware. There is nothing wrong with this per se, but these sort of firewalls are usually not recommended for home systems due to the general lack of control over what software gets installed.

    I may as well recommend CHX-1. Its free for non commercial use, is powerful and has no application layer. It is elegant, perhaps the most elegant one out there, but it is not an "easy one". It is one item of software for which you absolutely must RTFM. They pretty much tell you that on the first page of the fine manual.
     
  11. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    8,013
    I'm not so sure the high security setting will stealth the two ports for me. I've run into this closed port status on 0 and 1 before with another firewall, SecurePoint I believe. I could create a rule to block port 1 and get stealth but if I blocked port 0 then my internet connection failed completely.
     
  12. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    8,013
    Diver, Filseclab is app aware. I can't comment on Injoy. I did try Injoy once but it wouldn't recognize my network card and aborted the installation (and hosed a few things), if I rememeber right.

    Filseclab appears to be small and light, but it's a little rough around the edges, if you know what I mean..
     
  13. Arup

    Arup Guest

    For a novice looking for a free solution, Fiseclab appears to be quite good, supports ICS, it is ap- aware although there is no DLL fingerprinting and is truly light on resources.You also get a nice bandwidth meter which can be configured so you dont need a seperate DU meter ap. Instead of installing Kerio 2.15+Prevx, you just need to install one app therby consuming less resources, for those who are into total control, nothing comes close to Kerio 2.15 and I really mean nothing.
     
  14. Diver

    Diver Registered Member

    Joined:
    Feb 6, 2005
    Posts:
    1,444
    Location:
    Deep Underwater
    Arup-

    Why exactly is Prevx such a good mate for Kerio 2.15, and are you talking the free or pay version of Prevx.
     
  15. Arup

    Arup Guest

    Well the free one provides basic IDS, nothing advanced, I tried SSM, after installation, there was no shortcuts on the desktop or start menu, had to be started from the installation folder itself, made the system crash and on every reboot it would pop up with the expiry nag screen.

    Couldn't find any other free IDS solution except Protowall but then that is not for beginners.
     
  16. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    8,013
    Been trying out Look N Stop 2.05p2 here tonight, and I have to say I'm actually pretty impressed with it. The troubles I had in an earlier version are gone, and it works fine with Avast now also. It's very nice. I might consider buying it if it does well here... Very light too. It's using only 6.5 megs ram, no cpu.
     
  17. MushfiQ

    MushfiQ Registered Member

    Joined:
    Jan 8, 2005
    Posts:
    131
    Kerodo, hows Look n Stop considering that its a rule based firewall as well & what are the major pros & cons comparing it with Kerio 2.15 ? Would appriciate a feedback....Cheers :)
     
  18. Diver

    Diver Registered Member

    Joined:
    Feb 6, 2005
    Posts:
    1,444
    Location:
    Deep Underwater
    K-

    No CPU? What is your 'puter running on, vapors? :)

    OK, give us the report in the morning. I just set my entire lan up as static. It seems to eliminate some buggy router behavior. Let's see if it is running in the AM.
     
  19. kareldjag

    kareldjag Registered Member

    Joined:
    Nov 13, 2004
    Posts:
    622
    Location:
    PARIS AND ITS SUBURBS
    Hi,

    There's No conflict of interest.

    And i did not recommend Injoy: i just said that it's a good firewall for a little price (efficiency/price report).
    I think that a personal firewall has to be less expensive than 50 dollars/euros.
    And Norman or Norton for instance are really expensive and are just classicals firewalls.

    I have an "AT", 2 AVs (with and without signatures) ........ and i've never tried to recommend them.
    I just try to be objective, independent and neutral (like consumers guild).
    But it's sometimes difficult.

    In that case ("show me an easy firewall"), i recognize that Injoy is totally out of the topic (paid and not easy for beginners).

    Finally, we have answered to Tiliud's question and perhaps it's better to follow the discussion on another thread ;) .


    Regards
     
  20. LouKaNiKo

    LouKaNiKo Registered Member

    Joined:
    Mar 8, 2005
    Posts:
    13
    I vote for outpost.
    Install, it auto customizes based on the applications you have installed, and basically you can tweak settings or forget.

    I would have to say, once of the easiest i have used.
     
  21. ChrisP

    ChrisP Suspended Member

    Joined:
    Jun 6, 2003
    Posts:
    447
    Location:
    UK
    Just install BlackICE and forget about it...
     
  22. tiluid

    tiluid Registered Member

    Joined:
    Nov 9, 2004
    Posts:
    41
    Location:
    Bulgaria -> Sofia
    I made my decision!

    I made my choice!
    I'll stay with Kerio 2.1.5 with BlitzenZeus's rules. I found it easy just to load the new rules and to continue surfing.

    Thank you for the help and your comments. :cool: :)


    Sincerely yours: Tiluid ;)
     
  23. Robyn

    Robyn Registered Member

    Joined:
    Feb 1, 2004
    Posts:
    1,189
    This thread is very much appropriate to my dilemma just now. I run Outpost Pro with hardware router firewall and do like the security of both plus other layers.

    My neighbours who are very new to computers full stop are only using the SP2 firewall with a router I installed for them at the weekend as they have just got a broandband connection. I have told them the realities about having a sofware FW (they are in their 70's) although they very basically understand I am not too happy they are not 100% positive about me installing one for them (to be truthful it will be me who has to cope with the initial Q&A's)

    I have used Sygate Pro and know there is a free version but it did not always agree with my router. Outpost Pro works fine for me with my router therefore this is one I was considering for them. I hope they would get used to it eventually - they do not have a super powerful computer - would OP put too much load on their setup and is it necessary to have the Pro version or would the free be adequate for very novice users?

    They still think SP2 + router is enough and off course I am the only one who is encouraging a firewall as any other friends tell them they do not need a third party one :(
     
  24. Arup

    Arup Guest

    Thanks to Kareldjag's previous posts I found Winsonar, which is among the best freeware IDS one can get, scans all your ports and kills unknown processes before they can spawn. Combine this with Kerio 2.15+BZ+Winsonar and you have yourself a very good and free system protection. Who said best thing in life are not free?
     
  25. MushfiQ

    MushfiQ Registered Member

    Joined:
    Jan 8, 2005
    Posts:
    131
    Arup, What is Winsonar though? Could u put a link plz..would love to try that with Kerio ;)
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.