App Control Only Firewall?

on and off reader, first time poster.

i've been through quite a few firewalls, and have settled on 8signs for quite some time now. it's just so refreshingly simple compred to the bloat of all the majors who seem to be morphing into anti virus/trojan/firewall suites now.
i prefer to keep it s simple and separate as possible, since the jack of all trades is the master of none.

i've been using 8signs for quite a while. learning mode on, and just adding entries to set certain ports to be open/closed.

however i'd love to add some form of application/component control to this.
ie even though port 80 is open, have application x blocked from sending/recieving through it. or if i find a suspicious application, block it from all network activity till i can determine if its safe. i know appliction control is dubious, sice most firewalls give the web browser free reign over port 80 at least, so if it were hijacked that's you compromised, but surely some control is better than none?

can anyone recommend something to use in conjunction with 8signs, that is lightweight? or failing that, a lightweight firewall that could meet my needs?

if that's the case, jetico looks like a suitable candidate to me.

 

The only true app control minus SPI firewall was Agnitium's Jammer but sadly they have killed that one.

 

does it work well? i'm sure it's still available by "alternate means" not sure about the legalities of doing so though. however if it's not available to buy, they they're not losing out, are they?
that aside, would you recommend running it in conjuction with 8signs?
i'm sure a trial verison is still available somewhere.

 

Works very well, don't know why Agnitum took it off, all you can find now on the net is patched and cracked versions, most of the cracks are infected so watch out. It also had a very good registry protector as well.

 

You could go with Look'n'Stop. You can turn off the packet filtering and just use the app control. Personally I like LnS alone, but another packet filter could possibly add better SPI. I've considered going this route just for the heck of it.

 

If you're going to consider the LnS route, then you might as well consider ZA also, as you can turn off the internet filtering completely and just use it as app control also. Either free or ZAP version work well. And the free version is just that, free, so that beats LnS.

Jammer was the best solution, but as Arup mentions above, all that's available now anywhere are cracked .exe's, most of them infested with viruses and crap. Agnitum had it on their site up till about 3 months or so ago. Sadly, it's just not available anymore in a clean form. Not to mention that even if you did find a clean cracked version, who's to say what the heck it's doing behind your back anyway. So that's not the route to go.

 

sounds basically like a something that would get you past trojans/leaktests. Try stuff like ProcessGuard, KIS w/o firewall, Tiny w/ Firewall turned off? If you need something free then just go with antihook free.

 

You can use Jetico PF fot app control only. Just remove packet filtering.

 

I have jammer 1.95 on the january 2002 (185) pcplus super disk , that you would be welcome too if you pm me.Im not exactly sure what operating systems it works on though , as in the htm page it mentions if u like jammer 1.95 to upgrade to jammer 2 which works on all OS (see attached file) any way if you want it let me know.

 

I have jammer 1.95 on the january 2002 (185) pcplus super disk , that you would be welcome too if you pm me.Im not exactly sure what operating systems it works on though , as in the htm page it mentions if u like jammer 1.95 to upgrade to jammer 2 which works on all OS (see attached file) any way if you want it let me know.

 

heres pic 2....

 

Out of curiosity i just intsalled it , and this version does not have application filtering as far as i can see.The registry monitor seems to only monitor machine run and user run keys......its probably not worth you installing it , however if u want it let me know.

 

i've just started looking for a site to download jammer 2 from, and unfortunately, it looks like they all seem to refer back to agnitum.com where of course, the file doesnt exist any more.

ellison64, thanks for the offer, but you're right. from the second post, it looks like app filtering was the big reason they wante dpeople to purchasee v2

however, this may mean that jammer2 may be on some of these free dvd's tht have been given away. and probably, with the option to "upgrade" to outpost...

 

Psych - I have Jammer here, a clean copy, if you really want it, then PM me with your email address and I'll send it over to you. Keep in mind though, that it is a 30 day trial and will stop working after that, so it's usefulness may be limited. But at least you can check it out...

 

Yes to be honest i dont think its worth installing , and it was discontinued in favour of outpost 1 which is still free by the way.It had a few bugs but im quite fond of that version .(Just dont click update if you install it.)Good luck in your search.
ellison

 

The free Primedius Firewall Lite seems to only have the application control feature enabled. Would this be what you're looking for?

 

I'm using NetVeda Safety.Net just to outbound protection...
The inbound are disabled...

 

NoHolyGrail,

Good suggestion on the Primedius Lite, looks like thats all we need if behind router or using CHX or 8Signs.

Thanks for the suggestion, gonna check it our now.

 

Wasn't Jammer only able to work with Win98, if my memory serves me right?

 

Jammer 2.0 works with 2K but not XP.

 

Tried out the Primedius Firewall Lite but it failed to catch my time sync program NTPTime, which runs as a service and connects out to port 123. Don't know why it doesn't catch that one as it seems to work on other internet traffic, i.e. port 80 stuff with browsers, and email on 110/25.

 

Yep, tried it out, also hung Opera while setting access permission, no good.

 

Thanks for testing it, guys. I also noticed it doesn't seem to be catching services. I was going to ask if it might have simply been built-in permissions for necessary Windows processes...but now it appears to be a bigger hole.

 

On mine, it's either missing services or UDP entirely, not sure which it is. The time sync program uses port 123 UDP and it's also a service. Further testing would be needed to narrow it down more.

 

It's probably worth a mention (since no-one else has yet done so) that the just-released AppDefend beta does offer "network access" control (see the AppDefend v1.000 Public Beta and other threads in the AppDefend forum for more details).