Ad Filtering

Claire, thanks for the advice. I have not installed LnS yet. Is the enhanced ruleset built in or an add on? Any specific tips would be much appreciated.

 

mdvu:

Actually, OPP uses almost as many resources as ZA and has similar memory leak issues. I change FW from time 2 time, and am currently using ZA. I like its ergonomy, if only they would correct their resource usage bug...

rerun2:

Well, leaving the "controversial" ad/script-blocking option aside, wouldn't that be - logically - everyone's ideal firewall?

Any ad-blocking routine has its flaws & drawbacks, be it a browser-feature, or integrated into a FW, or even a seperate app. Personally, I'm quite satisfied with ZA's ad-blocking performance. Any ad slipping though is an extremely rare event.

The ideal solution would perhaps be a FW-plugin, as in Outpost. Since ad, script & cookie blocking are only "minor" features, there is no harm in having them built into the firewall - this certainly won't turn it into an overbloated "multiware" in any way.
But one thing's for sure - if a firewall such as LnS were to take the lead over the others, eg. by having unrivaled outbound protection and CPU usage efficiency (it seems to be already the case for the latter criterion), then I would resort to a seperate ad-blocker, as LnS has no such feature.

But that's the whole point, comrade - for I don't know either!! (cf. read my prev. statements, and my other post you so kindly pointed to). You see, trends are fickle, and making one's choice depends also on the context. For example, I have quite a positive opinion about ZA (among others) for its ergonomy, leak prevention and ad-killing features, and despite blatant flaws such as its CPU-hogging bug. But I've had word recently that Zonelabs is about to merge with another firm, can't recall the name. But history has shown (cf. Atguard & Symantec) that this may not be of good omen concerning the quality of future releases of ZA. It may not even have extra anti-ad & privacy options that it has now. Other FWs such as Sygate & LnS might on the other hand integrate such extra bonuses into their products, who knows.

Products evolve. So do users' stances...

 

If you are using the trial version you click on the "Internet Filtering" tab and click "Load..." By default it should bring you to the look 'n' stop directory (if not browse to the location from which you installed LnS too) and from there you select EnhancedRulesSet.rls and open. You should then click Apply . If you decide to stick with look 'n' stop and you become more familiar with how the rule set works, you may even try Phantom's rule set http://www.wilderssecurity.com/showthread.php?t=17909 . The look 'n' stop forum is also very helpful, as is http://www.wilderssecurity.info/ . Though I believe the Look 'n' Stop - Alternative Homepage is not completed at the moment.

heh indeed it would be for most people ... though some may question how realistic that would be

Very true... and that sounds very reasonable to me.

Take care and best wishes in your pursuits .

 

... by definition of an 'ideal' - something that cannot be reached. I once referred in another post to such a firewall as "the Holy Grail"

 

Firewall that does popup and banner blocking? Why? Doesn't have sense at all. Might as well expect your firewall to do word processing.

 

Well,
- firewall blocks unwanted net traffic while the user surfs on the Net
- adblocker blocks unwanted popups while the user surfs on the Net

A striking similarity, don't you think? Not to mention that adblockers also have - for mos - the ability to block malicious web bugs, to cite an example. Which is more than I can say about FWs and Word Processors.
In fact, I reckon that firewall & adblocker would go pretty well together - and am certainly not the only one to think so.

Nah, this apparent relation that both Firewalls and Adblockers have to Network security must be a figment of my imagination... Damn! This is a cause for concern, for as there are countless users out there who share my opinion, this must be a mass hallucination!

 

So anything that has to do with surfing on the net has to be handled by the firewall? Wow, why not expect your firewall to browse the web for you too? or maybe it's the "blocking" action? So it must "block" viruses and "block" spam too?

Privacy concern, blocking web bugs. Different matter.
If you want to include privacy in the package, your firewall would also need to be configured as a annymous proxy, do secure erasing of your tracks, and more.

Yes you must be. Look up the definition of firewall sometime, you will find it very enlightening, I bet.

Countless number of people are idiots, besides, i'm guessing here on Wilder's people are drilled with the idea that using mutiple apps are much better than using one (at least that what's layered defences seem to mean to some people). E.g people prefer to use a dedicated anti virus + antitrojan compared to one that does both (eg KAV), people prefer to use a leaky email client + stuff to handle web-bugs/malicious content etc and do spam filtering isn't of one that is inherently secure.

so I would guess your view is the minority one here.

 

I definitely don’t share your opinion and never will.
Ad-filtering or web-filtering in general should be kept a separate code from Software Firewall main code. My observations with Software Firewall vendors implementing Ad-filtering technology and so forth into their product were just unacceptable, to me anyways. Besides I’ve observed in most cases using products that covers a specific aspect normally has knack, like Ad-Muncher.

This is just my opinion; we are all entitled to our opinions. You like sandbox, perfect. You prefer anything dealing with security be joint forces that you.

 

If you'd but taken the trouble to read this thread:
https://www.wilderssecurity.com/showthread.php?t=17293;start=30
(which Caratacus pointed to in this present thread), you would have seen that I too oppose integration of MAJOR applications (eg. Firewall, Antivirus, Proxy client, etc...), into a "bloatware" package, and that I too advocate the principle of 'layered defense' - I personally use an AV, an AT and a FW. And , as I said, ad-blocking & privacy certainly won't bloat up a firewall. I also agreed with Klaus that adblocking as a plugin would be the perfect solution. But I hate repeating myself, thank Microsoft for cut & paste...

Re-read my sentence carefully sometime, you won't find it enlightening, but at least you might understand what I meant, I bet - firewalling & adblocking both relate to networking, I didn't say that a firewall (in the strictest sense) had built-in adblocking by definition.


So you see, my point of view is a perfectly legitimate one, and so perhaps is yours, but it's not up to you to brand users who share mine as 'idiots' - unless you're part of the club...

 

First, if you expect me to read every post on this board, you should at least take the trouble to register.

Second, what is MAJOR or not depends on your point of view. Someone could very well, argue that antiviruses, antitrojans, spam blocking belong in a firewall, using the very same argument above. This tells me your arguement demanding for adblocking is flawed! The only way to avoid this problem is to stick to the strictest defintion of a firewall.

Really, yet you bemoan the fact that some firewalls don't have adblocking. Sure sounds to me you expect it to be in there.

And has for the "relates to networking" , but
by your definition everything relates to networking.
Emailing relates to networking. irc relates to networking.

A firewall is usually defined has a packet filter and works on packets, to filter adverts and popups, the firewall has to work on a higher app level, for that, a proxy would be a much better choice.

If you want content filtering (that would include spam filtering , poup and banner filtering), you are better off with a seperate proxy server for each protocol.

Let me be clearer, the fact that you had to appeal to numbers as evidence that your argument has merit, doesn't impress me.

It shouldn't impress you either.

 

Maybe, but one thing's for sure, antivirus software is much "bulkier" than an adblocker. You get antivirii on store shelves - along with firewalls. Can't say the same about adblockers.
Second, AVs are "critical" apps - and if U integrate a firewall, AT and AV into one product, and if this app gets terminated, then all 3 vital layers of defense are brought down. On the other hand, no virus/worm or trojan would try to shut down an ad/cookie blocker...

So my argument stands

No I'm not lamenting about it, I'm just saying - as I did in the other post - that it would be a nice little bonus to add, nothing more. Perhaps you also read that having such extra features was my least important criterion. Nevertheless,it's an option I'd greatly appreciate, esp. as a plugin.

Now who said it was meant to?

BUT I TRIED TO, @%$&#!
In fact I did register (under another name, now I can't even use this name for my posts, it's marked as "taken").
And here's what happens:
whenever I browse the forum, at first - obviously - it says 'Welcome, Guest. Please Login or Register'. Then I log in using my name & pass. The login seems to work as I'm welcomed by my name.
Now here's where things go awry: if I do as much as click on a thread link, or try to start a topic, or do anything that opens a new page, then I I'm back to the same message: 'Welcome, Guest. Please Login or Register'.

In short, I can log in but whatever I do thereafter seems to log me out! How d'you explain THAT?

 

Exclude blocking wilders cookies and you wont have any problems...

 

Better check if it's your firewall blocking the cookies LOL.

 

LOL!

 

OK, problem wuz, I never got a warning about cookie being disabled when I tried to login (and remain logged in).

Besides, I already have session cookies enabled, which so far has worked in all other forums.
Which ones are needed here? Persistent cookies? 3rd party cookies? Private headers? And what data do they contain?

And if I do succeed, any way to turn my guest name into a login name?

 

Enjoy

 

Private headers?

 

Counter-LOL, Phantom's screenshot indicated a session cookie, and my FW is NOT set to block them.

 

I see you are humour impaired. Never mind.

Turn off all privacy settings in ZAP, and try again. If it still doesn't look at your ie settings.

 

LOL

 

So is your sight, then...

Nope, it's OPP for me this week, but not for long - leaving the leaktest cheating aside (cf. AWFT) privacy settings don't allow for as much fine-tuning as in other FWs. In ZA, I think I'd have to enable session cookie and something called "persistent cookies".

As for my browser (ie. IE) it is set to block only "3rd party cookies used without the user's consent", whatever exactly these are...

 

Let me try again. The remark I made was funny (and I guess I'm not the only one who thought so), independent of what your problems were ultimately caused by.

If you don't get it, never mind.

Nope, it's OPP for me this week, but not for long - leaving the leaktest cheating aside (cf. AWFT) privacy settings don't allow for as much fine-tuning as in other FWs. In ZA, I think I'd have to enable session cookie and something called "persistent cookies".

As for my browser (ie. IE) it is set to block only "3rd party cookies used without the user's consent", whatever exactly these are...
I would recommend, trying to figure out exactly what your problem is, rather than randomly switching from application to application, without understanding what exactly is happening. You seeem to have picked up the right buzz words (though some like "privacy header" for cookies appears to be purely a ZA invention), but when it comes down to it, you can't even do something that the rankest newbie can do , that is log in.

That's pretty funny, if not for the fact that's it sad.

 

what a coincidence - so was my answer meant to be.
So I guess YOU didn't get it - forget it...

Now now - let's not be hasty in making unfounded statements. If you thought I keep switching from FW to FW just to be able to log in (LOLOL), then think again: that's the least of my worries 4 the moment.
Firewalls are available for test out there and that's exactly what I'm doing right now (gets pretty boring staying with the same FW, don't you think? ), at least until the "perfect" FW is released - according to my criteria of course - one that will comprise all the benefits of the others, minus the drawbacks.

The problem is, my login name could not be used for my guest posts (because I'd get a msg that the name was already taken, obviously) and vice-versa. I wuz hoping the admins could turn my "guest name" (which I prefer) into a new login name.

So you see m8, I figured long ago how to login, without even meddling with the browser
C4 yourself:

 

Damn! I hope I didn't spoil all your fun...