Best Freeware Personal firewall ?

Thanks for the explanation. Makes sense.

I tried Outpost 4.x last week. Although it looked very nice and I liked the kinds of protection it affords, my computer had serious problems with it -- system freezes, a few BSODs (God, I hate those), and general crankiness. So I uninstalled it.

I'm running NOD32 and also SpySweeper w/ av turned off (both paid). The Outpost I downloaded a month ago just didn't get along with SpSwpr, apparantly. Since I'd already paid for the latter I opted to let Outpost go, even though I liked it very much.

I'm now running Sunbelt Kerio 4.3. No stablitiy probs. It has a HIPS, a NIPS, and a Behavior Blocker -- all stuff that OA, SSM, and other system controllers/protectors have.

One point though: the three Kerio processes combined burns *at least* 30 megs of RAM, and this has gone up to 115 megs when many (~30) tabs are open on my Firefox browser and T-bird is also running.

I guess that's for all the extra-curricular work the entire 4.3 app is doing (packet filtering, network monitoring, system monitoring/protecting, etc.).

My question: I'm using an almost brand new IBM T60p, dual core 2.00 ghz, with 2 gb of RAM. So, I'm not exactly starving for RAM or processor speed. Do you think this SunbltKer 4.3 is a better idea than purely dedicated coverages -- a simple firewall for packet filtering, another app for system monitoring and control, something else for behavior analysis??

I'm definitely going to keep NOD32, and I'm going to keep SpSwpr (but probably not in full-out mode). I also sit behind a D-link (NAT) router, hard-wired, but I do go out on the road a fair amount and use airport and other foreign connections.

What's your recommendation for my system protection from mostly internet-borne malicious vectors??


Sam


//

 

Yep, I'll confirm that. I've got this Sunbelt Kerio 4.3 firewall/system protection app -- because it is much *more* than a simple firewall -- running on my machine.

It starts up using no less than 29 mb of RAM under three separate processes, then it has gone up to over 115 mb when I run Firefox w/ many tabs open, T-bird w/ a big cache of emails, and maybe a few other things.

It is doing *much* more than simple firewall packet-filtering duty; it has a HIPS, a NIPS, and a Behavior blocker -- probably like OA, SSM, and others have, more or less.

My question, though, is: how much total RAM do you people use with *all* your firewall/system monitoring/system controlling apps -- not including anti-virus?? For example, if you run a simple firewall, like LnS or Kerio 2.15, or some other, plus SSM, OA, Cyberhawk, and/or others, how much total RAM are you using for this combined "layered" protection??

This seems to be the bottom line -- how much resource is necessary to get the desired level of protection??

Sam


//

 

I made a recent calculation yesterday.
With avast antivirus (that takes most) and kerio 2.1.5 and SSM 2.0.8.583 free my system takes 32 MB.
That was only a snapshot, since avast at times consumes RAM as it pleases, but not often. Above is the usual normal status.

I excluded SnoopFree since I uninstalled it after having found a conflict that may be not so serious with partmgr.sys in these wilders thread. Might add it back and then 4.4 MB more.

EDIT
Without antivirus, 15 MB or less.
I did try Sunbelt Kerio a few months ago, maybe 3. It did not take anywhere 100 MB, more like 35 MB, but it was unstable for me and unreliable in logging and alerts among other things. Maybe cause it was unstable for me, I never saw the memory usage grow as high, until BSOD and uninstall.

 

Curious about you system: how many mb of memory? cpu speed?

I have a theory that apps check to see how much system memory is available, and if there is a lot, the apps will access it; if there is less, they won't but (perhaps) page some of their usage onto the hard drive (?? Does this sound plausible??)

Sam

//

 

Well, I think avast uses at times memory available more. And if not available, could be satisfied with lerss. Some apps like firewalls are more steady, excluding your notorious Kerio 4, lol.

I have 512 MB ram, 2400 mhz amd athlon cpu.

 

If one is behind a router, GeSWALL combined with a good AV like KAV, Active Virus Shield, Avast, Nod etc. should be good enough protection.

 

People don't say good things about that "firewall"

 

I tried Geswall but it is hard to configure...It functions differently compared to others and for a novice users this will be hard for them...

 

Hello,
I would suggest Sygate.
Mrk

 

GeSWall is not hard to configure. In fact, you don't need to configure. Just read what they have to say on the website and the manual, and you'll see what i mean. And you won't read too much, don't worry on wasting time. It will be quick.

 

it wasn't so stable for me
with Kerio 2.15 no problemo

 

I like Sygate and still use it on two of my machines.

 

I wonder if that has to do with what apps and open connections you/anyone has at a given time.

For example, when I used Ker 4.3, at start up the three processes use about 7, 8, and 11 mb -- total about 26 mb. But when I open my email and web browsers, the total mb usage climbs steadily. With imap (one account) and pop (four accounts) open, and with twenty or so tabs open in my web browser, Kerio is using up 32, 37, and 46 mb of RAM.

She ran stable as a rock, but resource usage was way high.

I tried Comodo for the 2nd time, and with less restrictive settings on packet inspections my browsing speed was fine.

Then after reading about Jetico and seeing its results on the Firewalker test site, I decided to give it a whirl. So far so good. I haven't done much tweaking, but I set the default at "optimal protection" -- I hope that means what it says!!



Now I guess I've got to learn about making rules. (But *time* is an issue there.)

 

I tried Comodo Firewall and it didnt like AVG which I dont want to change.

 

with all do respect, I dont get Kerio 2.1.5, why ppl using something that its maker doesnt support it anymore.

 

Hello,

Why do you need official support? You still have forums all over the place where you can get help for any which product.

About RAM usage: Does it really matter if a program uses 15 or 25MB? In most cases, people today have at least 512MB but most likely 1024MB or more. So, using 1-5% of RAM is not that much, is it?

Mrk

 

People use those kind of basic packet filters cause they are simple and flexible. Time has also tested them and their faults are generally known. After kerio 2.1.5, there came that added feature, 'application behaviour blocking'.
It is a feature belonging to HIPS department. Causing possible conflicts with other HIPS like SSM or PG.

I can understand some people wanting a security suite, all in one program. But I don't like that trend. Makes programs imcompatible to run with each other, needs to stick to just one suite that never contains best pssible components. Or the freedom of choice. Or are just bloat.

In some extent memory usage is not an important matter, but it can show a sloppy design, memory leaks etc, as might be the case with Kerio 4.
I started to follow the threads when it was first Kerio 3 a short while as beta, then the memory usage grew in 4, always pushed new versions, and always the memory usage i think has grown.

Adding a new feature may also downgrade a product, as happened with Sygate. They tried to add XP SP2 security center recognization and pushed spf 5.6 free, never as pro. I have myself seen that as a firewall service should start before a user logs in, it did not with that beta. Avast network shield gave me an alert.
So a totally good quite basic packet filter was ruined and pushed out as a last offer that there still is available. One should have just been there and read all the negative remarks about spf 5.6 free.

So there is a very good reason to stick to old and goldies, if they do their job as expected. In a way a new version of a security product is always beta until it has been tested by a wide public user base. There are demands from users to keep security software makers to push out new program versions. And negative remarks if not, might be a case with PG or then something else. My point is just that latest is just not sometimes the "best" thing to use.

XP patched and antivirus updated, of course.

About leaktest passer suites:
Jetico 1.0 is not a complete firewall, needs a router since there is no firewall service. Gets reboot onto login screen by some reason, unprotected !
Comodo. Unintuitive GUI and rule making, logging not good, mostly a black box. Too many features and possible conflicts with HIPS's.
Never tried OP, but suffers from bloat too, IMO of course. Don't like suits.

To Mrkvonic:
Sygate still is a very good firewall if you are not running any local proxy software. Many antiviruses scan web traffic as a proxy, also more wide proxy software like proxomitron. And my comment for spf 5.6 being a bad relase stands.
SPF has 'antiapplication hijacking', meaning asking when another program than explorer.exe wanting to start an internet connecting application. But that feature is lost as all others for asking about outbound connections if ANY local proxy. First that local proxy needs to be allowed by you to internet, but after that the outbound protection is sort of lost, leaves only the logging from that proxy.
That thing could be taken care of somehow with a software HIPS like SSM free.
Sygate has also had for years a feature, 'DLL authentication'. I never liked it, cause too much noice in asking popups, but it basically asks if ANY DLL is to be downloaded from web to your browser etc or not.
Only there were no rules to edit. Suitable only to really paranoid surfers!
Works also I think even with local proxies.
SSM free does only ask for if something wants to hook windows, those DLL's, nothing more. So in a sense Sygate's one is more advanced, but to me it was too noisy, no more information given and only asking if a program is allowed to use that dll for you to answer your decision.

Still I wonder about msctf.dll since I have no ms office programs installed and it wants to hook for almost every program I run. It is now allowed in SSM, cause being tired of the popups.

I like kerio 2.1.5 as a packet filter very much, more than SPF, so no turning back I think to Sygate. https://www.wilderssecurity.com/showpost.php?p=826112&postcount=4
Anyways a firewall for me has to have no HIPS features, as I like to add them on my own

 

The setup that you have is more than sufficient to protect you against internet baddies imo. Sunbelt kerio firewall is very good imo, its easy to use and does its job well, if you've paid for it then use it.
I have a dell inspiron dual core 1.8ghz / 1gig ram running outpost 4, nod32, ghost security suite and ca antispyware 9 and it still runs very nicely, total ram usage for these apps would be somewhere around 80mb normally which is no problem for my setup. I also have a paid subscription to spysweeper but like you i noticed it had some conflicts with outpost so i removed it.