A six-firewall review.

Discussion in 'other firewalls' started by spy1, Jul 3, 2002.

Thread Status:
Not open for further replies.
  1. spy1

    spy1 Registered Member

    Joined:
    Dec 29, 2002
    Posts:
    3,139
    Location:
    Clover, SC
  2. zzz7

    zzz7 Guest

    this is getting really old with the same comparisons over and over......3 of those apps are crap and ''SYGATE and OUTPOST......2 of the best aren't even mentioned!!!!!!!

    I'd like to see a factual poll done by the actual users of these .......only 2 on that list would rate high.......
     
  3. root

    root Registered Member

    Joined:
    Feb 19, 2002
    Posts:
    1,723
    Location:
    Missouri, USA
    There seems to be a huge pool of "professionals" out there that are totally out of touch with reality.
    Whenever I see a study start with how great Norton and McAfee is, I instantly know that study or article is a waste of my time.
    I guess society has always been like that. Look at the success of McDonalds and Burger King in the US and even overseas (for me).
    Hell, people listen to Opra. I don't understand. o_O
     
  4. Detox

    Detox Retired Moderator

    Joined:
    Feb 9, 2002
    Posts:
    8,507
    Location:
    Texas, USA
    Sy-GATE! Sy-GATE! Sy-GATE! Sy-GATE! Sy-GATE!
     
  5. UNICRON

    UNICRON Technical Expert

    Joined:
    Feb 14, 2002
    Posts:
    1,935
    Location:
    Nanaimo BC Canada
    LOL, Tiny isn't in the same class as ZA! True but perhaps backwards.

    Perhaps becauseTiny didn't offer "protection zones and modes" and other rhetoric that keeps people from learning what the he!! a firewall actually does. Once again a rating system based mostly on what product is the most n00b freindly. Oh and Tiny wasn't preconfigured to allow IE to do whatever it wanted, oops!
     
  6. eyespy

    eyespy Registered Member

    Joined:
    Feb 20, 2002
    Posts:
    490
    Location:
    Oh Canada !!
    Even XP's FW was mentioned !! LMAO !!

    nuff' said !!
    bill
     
  7. Smokey

    Smokey Registered Member

    Joined:
    Apr 1, 2002
    Posts:
    1,513
    Location:
    Annie's Pub
    No comments!! :D

    Ciao,

    Smokey
     
  8. Prince_Serendip

    Prince_Serendip Registered Member

    Joined:
    Apr 8, 2002
    Posts:
    819
    Location:
    Canada
    ;) Just a friendly question. Why don't we do a comparison of our many firewalls? At least to set the record straight for those who are out-of-touch-with-reality! :D
     
  9. spy1

    spy1 Registered Member

    Joined:
    Dec 29, 2002
    Posts:
    3,139
    Location:
    Clover, SC
    Not a bad idea, in a way, P_S!

    Or maybe simply the things that we have problems with as regards our firewalls?

    FI, even though I liked L'n'S enough to purchase it (penny-pinching miser that I am! <g> ) , and feel totally confident of its protection of me when I'm on the Internet, it irritates me no end that it won't hold its' permissions for several of the programs I use here - I have to constantly chase those programs around with the cursor, authorizing, then closing the other little message that comes up to get them to work - when they do. I know it's because something about those particular programs must be violating the "Advanced" ruleset, and that I need to get into the individual settings for those programs in the firewall and make changes - I simply don't have the time to mess with it!

    It would be nice if they'd just put an 'Exempt Program' box in there somewhere, something that just lets it by-pass all the rules. Pete
     
  10. TonyKlein

    TonyKlein Security Expert

    Joined:
    Feb 9, 2002
    Posts:
    4,351
    Location:
    The Netherlands
    I have no such problem with LnS.

    Did you already post a question at the LnS board?

    [edit] I am running Win98 SE, by the way.
    I do seem to remember a thread at the LnS board of someone's settings not being retained in Windows XP, however [/edit]
     
  11. controler

    controler Guest

    Isn't it wise then to use a product by a company that sells both protections? Norton has antivirus and firewall (@guard)
    And they both play well together. :eek:
     
  12. jvmorris

    jvmorris Registered Member

    Joined:
    Feb 9, 2002
    Posts:
    618
    Root,
    Well, as you probably know, I've been using NIS/NPF since version1.0 and have no problems with it. However, there are factual inaccuracies in the statement about NIS/NPF in that review which lead me to believe that the author really did a rather superficial review.

    I'm not promoting NIS/NPF; indeed, I've been very critical of much of the invocation, but (at least for the moment) I will continue to use it.

    I think there's some merit to doing an independent firewall evaluation here at Wilders, but this is not as easy as it may seem. It would take considerable time to set up the criteria to be addressed and then comprehensively evaluating the extent to which each PSF (in particular) satisfied that criteria. Let's take 'intrusion detection', for example (which seems to be the latest rage). Different PSFs do different things and the evaluation criteria would have to adequately reflect that (not an easy task, by any means).

    And, I also suspect, it would be essential to specify the build of the PSF and the OS on which it was tested, as well as the basic configuration of the PSF. I don't think it does much good to simply compare 'default' configurations, inasmuch as the different vendors (and different end-users) have different ideas as to what is most appropriate.

    Well, let's think about it. I would suspect that the first thing to be done is to set up some (unweighted) evaluation criteria. We could then proceed from there.
     
  13. root

    root Registered Member

    Joined:
    Feb 19, 2002
    Posts:
    1,723
    Location:
    Missouri, USA
    No. I think it is wise to use a product because it performs best for you. :)
    My firewall, Outpost, plays quite well with any AV I try to use.
    I loved @Guard. Why did Nortons have to add so much fluff to it? It more than trebled in size. Sorry I don't remember the exact size @Guard was.
    Then McAfee turned around and did the same thing to the other great firewall, Conseal.
    You know, I almost cried when I saw what those two companies did to two of the finest pieces of software around.
    Love Norton if you want. It's certainly your choice. I will forever despise those two companies for what they did, out of greed, to two of the best firewalls ever produced.
    I realise everyone doesn't see it as I do, but I am not by myself. Wouldn't be any fun if everybody used the same programs anyway. :D
     
  14. root

    root Registered Member

    Joined:
    Feb 19, 2002
    Posts:
    1,723
    Location:
    Missouri, USA
    Hello there Mr. Morris, I guess we were typing at the same time and I just now saw your reply.
    I know there are a lot of faithful Norton users and McAfee users as well. I am sure they use those products because they believe they work quite well for them.
    I can only go by the experience I personally have had. I get called to work on other peoples computers a lot. Not because I am a professional, it's just that I live in an area of the OZarks where sunshine has to be piped in. :) I seem to be the only person around here that knows anything about computers at all.
    Anyway, I have found a lot of people have McAfee installed and even on the ones that have updated databases, McAfee has missed some of the most common viruses around. I have also seen Nortons, with current databases miss some very common viruses, most notibly the WM.Marker virus, I think is the name.
    I have come to the conclusion that AVs to some degree behave differently on different configurations of Windows. I know other people have very good results with NAV.
    Now, when it comes to firewalls, I do not have any similar experience at all. In the first place, most of the world doesn't know a firewall from a firefly. I have seen a lot of posts on different forums where people were having this issue and that issue with XYZ firewall. It seems here again, the configuration of the machine any firewall is installed on has everything to do with how well it will perform. I think it is going to be impossible to say any given firewall is the best in any circumstance.
    Being a big supporter of Outpost, I know it is an excellent firewall for most. I also know it is not the best firewall for everybody.
    I am sorry my post sorta wandered all over the place. But that's what happens when you start thinking about the ins and outs of setting up some kind of criteria for judging firewalls. Being a mod at Agnitum one thing I have learned is there are a million different configurations of OSs and other programs out there, and it is amazing how many different setups will affect performance of firewalls.
    I suppose in the end, it's as always - we are just going to have to agree to disagree. :)
     
  15. jvmorris

    jvmorris Registered Member

    Joined:
    Feb 9, 2002
    Posts:
    618
    Hey, root, could we drop the Mr. Morris? (It confuses my father. ;) ) Joe or Joseph works just fine.
    Can't say yea or nay to that. It's been eleven months since I saw my last virus here. I'd like to think that's because I'm very careful in what I do; but, really, it's more likely a matter of plain, dumb luck.
    Interesting; I'd never thought about that, but I suppose it's possible. I know Symantec definitely uses somewhat different drivers for NIS/NPF on different OSs.
    Yeah, @Guard, the moderator of the Unofficial AtGuard Users Forum, spent a great deal of time trying to drum that into my thick skull once upon a time. :D Unfortunately, the lesson didn't really 'take' until I'd gone through the experience with different machines using different Internet hookups and different ISPs.
    Agreed. Once upon a time (I think it was in the old GRC newsgroups) I laid out something like seven primary determinants of what might be 'best' for a given user in a given situation. Combine the various combinations and permutations of those determinants with the variety of PSFs out there today, and the decision matrix becomes rather awesome. (And tomorrow, a couple of the vendors will release upgrades, so you get to start all over, once again! :p )
    Where'd we disagree? I, too, think it would be a gigantic undertaking.
     
  16. root

    root Registered Member

    Joined:
    Feb 19, 2002
    Posts:
    1,723
    Location:
    Missouri, USA
    Hi Joseph. Please excuse the name thing.
    I really am convinced that AVs must work differently on different configurations. My experience with several AVs has caused me to wonder why anyone would use an AV that performed so badly. That, over a period of time and a lot of "discussions" has convinced me that different setups must affect the performance of such programs.
    As for the disagree part, I was just referring to the fact that people, including you and me, are going to disagree about what's the best firewall, AV, AT, etc.
     
  17. jvmorris

    jvmorris Registered Member

    Joined:
    Feb 9, 2002
    Posts:
    618
    Oh, that's what it was! ;) That ain't no big thang. I got over my Ford vs Chevy syndrome a few years ago.

    Still, it might be nice if we could identify functionality in the various PSFs that's present in one but not in another.
    For example, AG/NIS/NPF only handle TCP, UDP, ICMP, and IGMP. I think Kerio and Tiny can handle more.
    Do any of the PSFs yet handle IPv6 protocols?
    Possible combinations and permutations of some potential settings (for the rules-based firewalls) seem to differ from one vendor's products to another.
    AG/NIS/NPF (historically at any rate) has not explicitly identified TCP flags; ZA does. And there's a similar issue with the codes associated with the various ICMP Message Types.
    Who's got an integrated, on-demand packet sniffer and who doesn't?
    AG (and I think Tiny at least) has time-settings available on when rules were in effect; NIS/NPF does not.
    NIS (but not AG or NPF) allows one to link rules to particular OS User Accounts (in Win XP); does anything else?
    For novice users, what are the implications of simply going with default vendor-provided configuration settings?
    To what extent can an advanced user further customize the PSFs from the various vendors.


    Stuff like that, if fairly done, could be a real service to people looking for information on which firewalls best support their personal needs.
     
  18. root

    root Registered Member

    Joined:
    Feb 19, 2002
    Posts:
    1,723
    Location:
    Missouri, USA
    Agnitum tried to make a comparison of features that was accurate, but I think there may be a few errors on it yet.
    http://www.agnitum.com/products/outpost/compare.html
    Protocols handled by Outpost:
    TCP, UDP, ICMP, IGMP, RAWSOCKETS, GGP, IPIIP, ST, CBT, EGP, NVP, TMux, HMP. RDP, IRTP, NETBLT, SDRP, GRE, ESP, AH, MARP, MEP, SKIP, ICMPv6, VMTP, MOSPF, OSPF, MTP, IFMP, PIM, IPPCP, VRRP, PGM, PTP, SCTP.
    Next version is going to add:
    1. New logging system
    2. Protection against all known leaktests (dll injection, application
    commandment etc)
    3. New LAN settings dialog (autodetection of Trusted LAN)
    4. Rules are loaded before any appolication starts
    5. ICS support for XP
    6. Fast user switching support for XP
    7. Statefull inspection that will toggle on or off for applications like FTP.

    So, the above can be added to what is already listed at the Agnitum Outpost comparrison page. That's why I love this firewall so much. This is @Guard on steroids.

    NIS(?) is @Guard + fluff (parental controls)(How many predefined rules trying to cover every instance of use??)

    IMHO :D
     
  19. UNICRON

    UNICRON Technical Expert

    Joined:
    Feb 14, 2002
    Posts:
    1,935
    Location:
    Nanaimo BC Canada
    except windows of course. The os will always be able to phone home with a software firewall.
     
  20. jvmorris

    jvmorris Registered Member

    Joined:
    Feb 9, 2002
    Posts:
    618
    Root,

    Well, I just spent the last hour composing a big, long response to your posting above. Unfortunately, the site crashed when I tried to transmit it and I don't have a backup copy or the inclination to try to rewrite it from scratch. Sorry.

    Don't know what's wrong here; my browser crashes continuously on this website.
     
  21. root

    root Registered Member

    Joined:
    Feb 19, 2002
    Posts:
    1,723
    Location:
    Missouri, USA
    Joseph, I'm sorry to hear that. I know how frustrating that can be.
    Perhaps I should have left off the remark about NIS. I can understand it if you like the product. I did use it for awhile, I think NPF 1.0. If I remember correctly, it had it's points.
    I enjoy discussing the strengths and weaknesses of various security products. I learn, and try to apply the knowlege to my job at Agnitum in helping them make a better mousetrap.
    Wish I could help with the browser crashing, but I can't think of a thing that would be site specific here. Hope you get it sorted out. :)
     
  22. Raygun

    Raygun Registered Member

    Joined:
    Apr 24, 2002
    Posts:
    31
    Location:
    The Beach!
    Hello all. I was happy to see a review like this and thank you for bringing it to my attention. I'm no firewall buff, hell I barely get these things running. I do however run them because I know there value when it comes to my PC.

    I would like to point out after someone said shouldn't you use a firewall and virus software that play well together. I think this would be a very bad way to choose your product and would suggest rather then the performance you have between the two is the overall performance on your system with any one of these programs.

    That all being said I have had probelms with the two top listed firewalls in this review. Are you surprised? I doubt you are..

    First, Norton doesn't want to play nice with other software, a list to extensive to bother going in to I would just say that although I do believe Norton to be a good firewall I would suggest making sure early on that you can run your software with it installed so as not to have to remove it after you have extensive time in the product.

    Second, Mcafee has let their support go to hell. Earlier this year they acctually had an update that left many Mcafee users without working virus protection. I was one of them and went through hell trying to just get to the proper Mcafee division for my product. This could also be looked at as Mcafee was handing off the buck. Now that they have started a product line that is run totally from the web they seem to have let the users that acctually install their firewall hanging. I had been useing Mcafee for several years and left them earlier this year due to their lack of commitment.

    I now use the folowing and feel pretty darn good about these right now, although I continue to read about them all.

    BlackIce Protection 3.5
    PC-cillin 2002 (has pop3 & real time support)
    Trojan Hunter
    Ad-Aware
    System Purify 2002
    Windows XP PRo (w/firewall turned off, along w/a grip of useless services turned off)
    I also set my system so nothing calls home, how dare anyone think they have the right to call home with out asking me? I even use BlackIce file protection to block a couple programs that M$ thinks is ok to have call home with out my consent. (ie. wmplayer for one)
     
  23. root

    root Registered Member

    Joined:
    Feb 19, 2002
    Posts:
    1,723
    Location:
    Missouri, USA
    Hi Raygun. Even though BID now filters outgoing traffic also, I still believe it is something less than desirable. I wish I had bookmarked a couple of articles I recently read on it. It just dosen't perform well.
    In my opinion, and that's all it is, (I know), The firewalls people should consider using are Outpost, Sygate, Kerio, Tiny, and Look N Stop. I know you didn't ask, but I hate to see people put their faith in BI. I don't think it deserves it.
    Now, what is System Purify 2002? Never heard of that.
     
  24. Raygun

    Raygun Registered Member

    Joined:
    Apr 24, 2002
    Posts:
    31
    Location:
    The Beach!
    hmm, I hear you. I have heard many others voice there concern with BI. However, what can you do to my system while I run BI that you can't do with those you mention? I'm very tempted to just give out my IP and let you have a go so you can put your concerns to rest. I think you would find BI does well enough so you couldn't do a damn thing to me, and with out all the tinkering you firewall finatics like. Although that in it self is something I can understand, being able to fine tune your firewall is something that could be very apealing.

    System Purify 2002 can be found at Clipper Soft
    http://www.clippersoft.net/systempurify/overview.htm

    I, unlike the average intrusion watcher, feel I have a better experience on the web with cookies. Therefore I use a program to clean things up regularly. That is where System Purify 2002 comes in. It has many options when it comes to deleting temp files and cookiesand the index.dat files on your system. It's just one thing I use to clean up after doing anything I want on the web with out limiting myself!
     
  25. root

    root Registered Member

    Joined:
    Feb 19, 2002
    Posts:
    1,723
    Location:
    Missouri, USA
    Hi Raygun. BI has always had an excellent IDS, that is not the issue with it. I use a firewall as backup protection against trojans and call home type applications. I really have very little concern about coming under a DDoS attack, or anything like that.
    I will see if I can find the article I read last that expounded on BIs strengths and weaknesses.
    Please understand, I have no intention of trying to get everyone to believe that the programs I use are the only good ones or the best. However, when I see people putting their faith in security programs that I have reason to believe do not live up to their promises, I simply pass on my concerns so that I know the other person is aware there are people with concerns about the product in question. I also enjoy debating the pros and cons of various programs, as I have learned a lot that way. I have, in the past, changed programs I used because I found out someone knew something I didn't.
    Let me see if I can find an article or two that I came across to show you why I am concerned.
    Please do not take this as me thinking I know more than you do, or me telling you I know best how to protect your computer.
    I'll get back to you when I have some more information.

    I see that system purify is something like Window Washer, which is what I use to do the same thing.
    Thanks.
    :)
     
Loading...
Thread Status:
Not open for further replies.