App Control Only Firewall?

Discussion in 'other firewalls' started by psych, Nov 8, 2005.

Thread Status:
Not open for further replies.
  1. psych

    psych Registered Member

    Joined:
    Nov 7, 2005
    Posts:
    9
    on and off reader, first time poster.

    i've been through quite a few firewalls, and have settled on 8signs for quite some time now. it's just so refreshingly simple compred to the bloat of all the majors who seem to be morphing into anti virus/trojan/firewall suites now.
    i prefer to keep it s simple and separate as possible, since the jack of all trades is the master of none.

    i've been using 8signs for quite a while. learning mode on, and just adding entries to set certain ports to be open/closed.

    however i'd love to add some form of application/component control to this.
    ie even though port 80 is open, have application x blocked from sending/recieving through it. or if i find a suspicious application, block it from all network activity till i can determine if its safe. i know appliction control is dubious, sice most firewalls give the web browser free reign over port 80 at least, so if it were hijacked that's you compromised, but surely some control is better than none?

    can anyone recommend something to use in conjunction with 8signs, that is lightweight? or failing that, a lightweight firewall that could meet my needs?

    if that's the case, jetico looks like a suitable candidate to me.
     
  2. Arup

    Arup Guest

    The only true app control minus SPI firewall was Agnitium's Jammer but sadly they have killed that one.
     
  3. psych

    psych Registered Member

    Joined:
    Nov 7, 2005
    Posts:
    9
    does it work well? i'm sure it's still available by "alternate means" not sure about the legalities of doing so though. however if it's not available to buy, they they're not losing out, are they?
    that aside, would you recommend running it in conjuction with 8signs?
    i'm sure a trial verison is still available somewhere.
     
  4. Arup

    Arup Guest

    Works very well, don't know why Agnitum took it off, all you can find now on the net is patched and cracked versions, most of the cracks are infected so watch out. It also had a very good registry protector as well.
     
  5. Notok

    Notok Registered Member

    Joined:
    May 28, 2004
    Posts:
    2,969
    Location:
    Portland, OR (USA)
    You could go with Look'n'Stop. You can turn off the packet filtering and just use the app control. Personally I like LnS alone, but another packet filter could possibly add better SPI. I've considered going this route just for the heck of it.
     
  6. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    7,779
    If you're going to consider the LnS route, then you might as well consider ZA also, as you can turn off the internet filtering completely and just use it as app control also. Either free or ZAP version work well. And the free version is just that, free, so that beats LnS.

    Jammer was the best solution, but as Arup mentions above, all that's available now anywhere are cracked .exe's, most of them infested with viruses and crap. Agnitum had it on their site up till about 3 months or so ago. Sadly, it's just not available anymore in a clean form. Not to mention that even if you did find a clean cracked version, who's to say what the heck it's doing behind your back anyway. So that's not the route to go.
     
  7. FatalChaos

    FatalChaos Registered Member

    Joined:
    Aug 6, 2005
    Posts:
    98
    sounds basically like a something that would get you past trojans/leaktests. Try stuff like ProcessGuard, KIS w/o firewall, Tiny w/ Firewall turned off? If you need something free then just go with antihook free.
     
  8. Velnias

    Velnias Registered Member

    Joined:
    Jul 14, 2004
    Posts:
    32
    You can use Jetico PF fot app control only. Just remove packet filtering.
     
  9. ellison64

    ellison64 Registered Member

    Joined:
    Oct 5, 2003
    Posts:
    2,499
    I have jammer 1.95 on the january 2002 (185) pcplus super disk , that you would be welcome too if you pm me.Im not exactly sure what operating systems it works on though , as in the htm page it mentions if u like jammer 1.95 to upgrade to jammer 2 which works on all OS (see attached file) any way if you want it let me know.
     
  10. ellison64

    ellison64 Registered Member

    Joined:
    Oct 5, 2003
    Posts:
    2,499
    I have jammer 1.95 on the january 2002 (185) pcplus super disk , that you would be welcome too if you pm me.Im not exactly sure what operating systems it works on though , as in the htm page it mentions if u like jammer 1.95 to upgrade to jammer 2 which works on all OS (see attached file) any way if you want it let me know.
     

    Attached Files:

  11. ellison64

    ellison64 Registered Member

    Joined:
    Oct 5, 2003
    Posts:
    2,499
    heres pic 2....
     

    Attached Files:

  12. ellison64

    ellison64 Registered Member

    Joined:
    Oct 5, 2003
    Posts:
    2,499
    Out of curiosity i just intsalled it , and this version does not have application filtering as far as i can see.The registry monitor seems to only monitor machine run and user run keys......its probably not worth you installing it , however if u want it let me know.
     
  13. psych

    psych Registered Member

    Joined:
    Nov 7, 2005
    Posts:
    9
    i've just started looking for a site to download jammer 2 from, and unfortunately, it looks like they all seem to refer back to agnitum.com where of course, the file doesnt exist any more.

    ellison64, thanks for the offer, but you're right. from the second post, it looks like app filtering was the big reason they wante dpeople to purchasee v2 :(

    however, this may mean that jammer2 may be on some of these free dvd's tht have been given away. and probably, with the option to "upgrade" to outpost...
     
  14. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    7,779
    Psych - I have Jammer here, a clean copy, if you really want it, then PM me with your email address and I'll send it over to you. Keep in mind though, that it is a 30 day trial and will stop working after that, so it's usefulness may be limited. But at least you can check it out...
     
  15. ellison64

    ellison64 Registered Member

    Joined:
    Oct 5, 2003
    Posts:
    2,499
    Yes to be honest i dont think its worth installing , and it was discontinued in favour of outpost 1 which is still free by the way.It had a few bugs but im quite fond of that version .(Just dont click update if you install it.)Good luck in your search.
    ellison
     
  16. NoHolyGrail

    NoHolyGrail Registered Member

    Joined:
    Nov 14, 2005
    Posts:
    46
    The free Primedius Firewall Lite seems to only have the application control feature enabled. Would this be what you're looking for?
     
  17. rdsu

    rdsu Registered Member

    Joined:
    Jun 28, 2003
    Posts:
    4,456
    I'm using NetVeda Safety.Net just to outbound protection...
    The inbound are disabled...
     
  18. Arup

    Arup Guest

    NoHolyGrail,

    Good suggestion on the Primedius Lite, looks like thats all we need if behind router or using CHX or 8Signs.

    Thanks for the suggestion, gonna check it our now.
     
  19. JayTee

    JayTee Registered Member

    Joined:
    Nov 2, 2004
    Posts:
    166
    Wasn't Jammer only able to work with Win98, if my memory serves me right?
     
  20. Arup

    Arup Guest

    Jammer 2.0 works with 2K but not XP.
     
  21. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    7,779
    Tried out the Primedius Firewall Lite but it failed to catch my time sync program NTPTime, which runs as a service and connects out to port 123. Don't know why it doesn't catch that one as it seems to work on other internet traffic, i.e. port 80 stuff with browsers, and email on 110/25.
     
  22. Arup

    Arup Guest

    Yep, tried it out, also hung Opera while setting access permission, no good.
     
  23. NoHolyGrail

    NoHolyGrail Registered Member

    Joined:
    Nov 14, 2005
    Posts:
    46
    Thanks for testing it, guys. I also noticed it doesn't seem to be catching services. I was going to ask if it might have simply been built-in permissions for necessary Windows processes...but now it appears to be a bigger hole.
     
  24. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    7,779
    On mine, it's either missing services or UDP entirely, not sure which it is. The time sync program uses port 123 UDP and it's also a service. Further testing would be needed to narrow it down more.
     
  25. Paranoid2000

    Paranoid2000 Registered Member

    Joined:
    May 2, 2004
    Posts:
    2,839
    Location:
    North West, United Kingdom
    It's probably worth a mention (since no-one else has yet done so) that the just-released AppDefend beta does offer "network access" control (see the AppDefend v1.000 Public Beta and other threads in the AppDefend forum for more details).
     
Loading...
Thread Status:
Not open for further replies.