about ideal firewalls. Does It really exist?

Didn't others already have this more or less? I'm thinking specifically of ZoneAlarm Pro with it's "OS Firewall" and the newer Tiny with all it's registry and system protection. Others like Outpost have been heading in this direction also. So certainly Comodo is nothing new really...

To me, a firewall is pure packet filtering, nothing more added. I prefer it simple, doing that job alone. The rest can be done with extra added apps if wanted or needed...

I think Comodo will eventually reach the same point of bloat and overcomplexity that has ruined many other previously good products... it seems to happen to them all in time, sad...

 

Jettico I has all sorts of HIPS features in it. It would give a warning when I tried to print a document with Open Office on an attached printer.

The first time it is run, PCTools throws off a shower of warnings for non internet connection activity. The problem I have with this kind of behavior is it has no intelligence. Its up to the user to decide what is OK. They are so sensitive that weeks after installation new warnings keep coming up so the point is never reached where it is a simple matter of saying no to everything. I don't know how anyone could set this kind of thing up for a non technical user, let alone roll it out in an office with many machines.

 

COMODO Firewall Pro (the current beta) is the first security software that provides all of the protection Tiny did back in 2005 (exept for the Snort support). There are many HIPS out there, but they are all lacking something in various ways.

What you just said about COMODO was said by tons of users about Tiny when the developers started implementing more features than just the network firewall - look at Tiny now (it's users wish CA left a home version).

If you install with Clean PC mode this will not be such an issue and that point aside the COMODO Safe Database will be much larger when the final release is out. In the meantime you should make use of the Safe File Submit Button

 

Safe file submit button. Where is that?

 

More hidden than in the last version

If you disable Defense+ in COMODO Firewall Pro, install some things, enable Defense+ then you will see this if answering yes to a prompt

 

I added all the avira antivir files program files manually and submitted them so they will be added to the database now?

 

Question: Definition of a basic firewall?

 

Yeah, not sure how long it will take though

 

Define basic

 

As most members here know I've been searching for this very thing for a very long time. It is a similar search to tilting at Windmills. So far I have tried a series of SW all having a FW component.

Here is the list I have tested:

1. Windows XP (not ideal)
2. Norton ( not ideal)
3. McAfee (not ideal)
4. ZA Free (not ideal)
5. ZA pro (could be ideal)
6. Webroot (not ideal)
7. PCTools P FW (not yet ideal)
8. Comodo V 2 (not ideal)
9. Kerio Per FW (almost ideal)
10. OA "Suite" (being tested now)

Do you see the pattern here

For me there is yet to be found an ideal FW.
It depends on my and your definition of ideal, if it includes in and out control, has a HIPS attached or not etc. Thing is there are too many and the vendors add features to appease their marketing bosses. Sometimes it is better to ignore marketing or every FW will evolve into a suite which if allowed to form ad hoc will be like the horse designed by a committee and emerging as a camel. All due respect to the animals mentioned

If you believe in your check list in post 1 use it to filter out the ones that don't do those items, pick one on trial and test it on your set up.

That's the best I can do for you today.

 

Hi, Escalader:

Which version of Kerio Personal FW did you refer to ?

 

Hi Perman:

It was the one from the learning thread 2.1.5.

Which FW are you using these days? Just curious a fatal flaw!

 

Hi,

For my FW, it is like a musical ride, on and off with different ones. Starting with ZA pro then McAfee Desktop, OA free, just tested OP 2008, now I am back to SunBelt Kerio 4.5.916. Reason for changing are varied from product to product, until one that would cause me the least headache. McAfee Desktop 8.5 is the one that cooperates with my setup homogeneously. I left it because support will not be there after Oct.31. Sunbelt Kerio 4.5 has taken over, so far so good, easy to use and configure , although its leak test is not up to the bar yet. I do hope it will continue to develop. Take care.

 

Hi, buddy,
I found one which it's really ideal. It's the firestarter within the linux system. FYI I use the kurumin linux together with windows xp. This firewall is the only ideal in my humble opinion. Best Regards.

 

Hi carioca:

Interesting, must admit I've never heard of it.

Can you provide a link for this tool?

 

Hi, of course. Kurumin linux it's a brazilian portuguese distro of debian linux.If you want to see the kurumin linux you may link at the http://www.guiadohardware.net/gdhpress/kurumin/. But I suggest you link at the http://forums.debian.net/. You are going to find it in english. Other distro, which is also very easy it's the ubuntu at the http://ubuntu.com
FYI the firestarter it's the firewall of the linux (kurumin debian). First I had used the live cd and afterwards I installed at my machine. It's wonderfull . You forget the windows because its lightness, security and fastness. You may believe try to see the live cd first. This you don't need to install it.Best Regards.

 

Packet filtering firewall

 

In those terms i would assume no app control. On a "higher" step app control.
"leaktest features" (so i don't have to come up with a technical term) while potentially good, are not about filtering packets, but detecting behavior that could change the content of them (?).
That's it for today, i'm getting a blank, bad day..

 

I guess the ideal firewall does not exist in Windows, only Linux.

 

The ideal firewall is the one with no bugs. Good luck trying to find it!

 

That's why I wear pointed shoes, so I can kill the bugs when they get in the corner.

 

Greets.

This topic is so widespread on the net, there should be a website called www.whatfirewallisbest.com. And I can certainly sympathize with it. After all, who is not concerned about thier finicky OS becoming unstable from a bug, or worse losing data.

The real question IMO should not be which one is best, but what do I really need based upon my system and skillsets.

Take for example my system and skillsets.

A. I have customized (tweaked) my XP install to close every hole I can find. (this is especially true of services lol)
B. I use alternate browsers, IM, mail clients etc that are not AS targeted as the big ones. (ie. Opera, Firefox, Kmeleon, Miranda, Calypso)
C. I practice Safe-hex in multiple positions ie. use Sandboxie or better yet VMware when I need to go to some 'nefarious' website. VERY careful on how I handle my email.
D. Live behind a router that is properly configured.
E. Co-inhabit my system with Avira Personal (my choice)
F. I know what I am installing, and always use sandboxie or vmware to install a new app. I also use InstallRite to see just what it is doing when it installs.
G. A firewall that I am comfortable using that lets me dictate what is happening ( as in, what program can go online, what cant. what lan ip is allowed to communicate, what one isn't )

Is this paranoid? lol, maybe. Let's just say that I learned that the only way I am going to keep my stuff safe is if I know what is going on. And the easiest way to do that is know what my software is doing.

Now, let us propose a different skillset and system.

A. a Dell computer with all the normal Dell installed bloatware, probably patched up.
B. standard usage of IE, Outlook and messenger (maybe Firefox or yahoo IM)
C. Possibly living behind a router
D. Probably using Norton or McAfee, but not necassarily up to date
E. Windows firewall is most likely running.
F. I surf where I want and read any email that I really want to.
G. Applications and utilities are installed if I think they sound good.
H. I use Kazaa or something similar.
I. I do not know anything about: hosts file, dns, ipconfig, ip routes, ports, services, scripts or safe-hex.

That is a totally different vision there. Now, which firewall do you propose to use for each skillset? Does one cover both?

No way. While some firewalls are "better" in this test or that, IMO nothing will keep you safe like knowing what is going on. I am sorry, but I don't think there is a security product made that will truly protect those less technical skillsets.

Suppose you had my skillset. ( not to say it is that great, but I do have a clue as to what is going on ) You may not even find a need for a firewall. Or some other app.

Personally, after years of being online and learning all that I can about networks and security, I have dumped all of the apps I used to use for the most part. And I have tried most of them. Simply put, my precautions for safety are reliant upon pre-emptive strikes. Vmware or sandboxie, alternate browsers, etc. Spybot, adaware, etc etc no longer help me. Uber AV or firewalls no longer entice me. I just want an application that is stable, fast and with a small footprint.

Heck, I still use Outpost v1 Free. It may not pass every test know to man, but it does do exactly what I want it to. Ask me about a new app and allow me to choose what to do. I also use v2 but dumb it down a bit.

If I have not done my pre-emptive strikes, then I do stand a chance of some malware getting in. I may find my system likes to BSOD. I might even find that I have more spam than normal.

I just think that a lot of peeps fall for the hype associated with the whole AV/Firewall/HIPS agenda when they are more than competent enough to not really have to worry about it.

And for those who don't know enough or don't care enough to know enough, well, maybe they need the uber all-in-one suite to help protect them.

I beleive that most peeps who spew out technical mumbo-jumbo in a forum such as this probably already know enough to get by with the essentials: a basic AV and firewall. No matter which firewall, just the one that they feel the "best" at interfacing with.

This concludes my post for the week. Cheers.

Sully

 

ZEGENIESTUDIOS is a site that uses a checklist scenario to help in your search for the right choice of Linux-distros. One should use the same criteria for security searches, like Lava-Lite dot com. By the time it's designed, finalized, translated, loaded onto the web and properly advertised....we'll all be on Linux and won't need the service! But it was a thought...

 

diver, I do really agree with you. This is exactly what I meant. now I'm using the guard dog in my linux. it's very perfect and it doesn't cost a dime! this the reason I shifted to the linux (debian distro). Security doesn't cost any fee! Best Regards.