Better Inbound Protection

Discussion in 'other firewalls' started by glentrino2duo, Jun 17, 2006.

Thread Status:
Not open for further replies.
  1. glentrino2duo

    glentrino2duo Registered Member

    Joined:
    May 8, 2006
    Posts:
    310
    Jetico or CHX-I
    Which of the two offers better INBOUND protection?
     
  2. Stem

    Stem Firewall Expert

    Joined:
    Oct 5, 2005
    Posts:
    4,948
    Location:
    UK
    If configured fully/correctly, (personal opinion) I would say CHX-I
     
  3. Alphalutra1

    Alphalutra1 Registered Member

    Joined:
    Dec 17, 2005
    Posts:
    1,160
    Location:
    127.0.0.0/255.0.0.0
    I second that, CHX-I is incredible at inbound filtering.

    Alphalutra1
     
  4. glentrino2duo

    glentrino2duo Registered Member

    Joined:
    May 8, 2006
    Posts:
    310
    Thanks! I think I'm going the INBOUND only firewall route. I like Jetico for it's great application rule-based filtering but if I could have a great INBOUND protection, IMHO, I have not have that much of a need for an OUTBOUND firewall. "The best offense is the best defense" :)

    Stem and Alphalutra1, could you kindly take a look at my other post regarding CHX-I setup: https://www.wilderssecurity.com/showthread.php?t=135736
     
  5. rdsu

    rdsu Registered Member

    Joined:
    Jun 28, 2003
    Posts:
    4,456
    Jetico is very powerful, lite on resources and have a very good application control, but I think that none other firewall have the power of the CHX for inbound...

    On this area you can't think like that!

    Even if you have your inbound completely stealth, you could have problems if you allow every program on outbound...
     
  6. glentrino2duo

    glentrino2duo Registered Member

    Joined:
    May 8, 2006
    Posts:
    310
    So, can I use Jetico for outbound only?
     
  7. rdsu

    rdsu Registered Member

    Joined:
    Jun 28, 2003
    Posts:
    4,456
    Yes you can, but you have to disable the Network packet filter.

    Stem is the right man to help you to do that on Jetico... ;)

    You can also try the great AppDefend.
     
  8. glentrino2duo

    glentrino2duo Registered Member

    Joined:
    May 8, 2006
    Posts:
    310
    Sorry, I forgot to mention that I'm only looking into free softwares... :)
     
  9. rdsu

    rdsu Registered Member

    Joined:
    Jun 28, 2003
    Posts:
    4,456
    Comodo Personal Firewall seems to have a great future, but I don't know if we can disable its inbound protection...
     
  10. glentrino2duo

    glentrino2duo Registered Member

    Joined:
    May 8, 2006
    Posts:
    310
    I've tried Comodo. I like it overall but it can get unstable at times, at least, in my machine. I like the stability that Jetico gives me but from what I can see, CHX-I offers the best inbound protection possible. I guess you're right that it's also a good security practice to have an application control which Jetico offers in a great way, and easy on resources also. Actually, while I'm still deciding on this, right now, I have them both. Seems to be no problem but I know I should turn off the Network packet filter of Jetico to avoid future conflicts. But how? :)
     
  11. rdsu

    rdsu Registered Member

    Joined:
    Jun 28, 2003
    Posts:
    4,456
    I'm not using Jetico, so you have to wait for the Stem help... ;)
     
  12. Melih-Comodo

    Melih-Comodo Former Poster

    Joined:
    May 10, 2006
    Posts:
    70
    Glentium

    Can you pls help us identify the problems that led to the instability you had in your machine so that we can fix it pls

    thanks
    Melih
     
  13. dukebluedevil

    dukebluedevil Registered Member

    Joined:
    Sep 14, 2002
    Posts:
    177
    To setup Jetico firewall working only for application filtering and have another tool for packet filtering such as CHX-I. You have to remove JP Firewall packet filtering driver bc_filter.sys from Windows system directory (for example, for Windows 2000/XP it is WINDOWS/System32/Drivers) and then put it some where else for safe keeping just in case you want to restore it in the future.
     
  14. glentrino2duo

    glentrino2duo Registered Member

    Joined:
    May 8, 2006
    Posts:
    310
    I wish I could and would be glad to do so but I don't remember the exact details as I've been using Jetico for more than a week now. I do recall though that when I tried running certain programs, the usual dialog box asking whether I want to allow it or not would hang and I can't even move my mouse or is not moving smoothly on the screen and the keyboard is not working. It would take several minutes before the system regains 'composure' and I can move the mouse but most of the time I had to pull the plug to restart the computer.. :( On some occassions, since I leave the computer overnight (I don't even turn it off for days at a time), I just find the computer restarted. I guess a BSOD happened while I'm gone... BTW, it's a fresh install of Windows XP. But I believe it's a promising firewall. I would not mind considering again in the future.

    @dbd:
    Thanks! Will try that ASAP... :)
     
  15. Jarmo P

    Jarmo P Registered Member

    Joined:
    Aug 27, 2005
    Posts:
    1,186
    I wonder why you say that?
    I mean, for inbound protection, any firewall would do?
    Why is CHX-I better than others?
     
  16. sweater

    sweater Registered Member

    Joined:
    Jun 24, 2005
    Posts:
    1,674
    Location:
    Philippines, the Political Dynasty Capital of the
    How about the built-in Windows XP/sp2 firewall...:rolleyes: :cautious: is it also a very good inbound protection if coupled with ProcessGuard to protect it from possible termination/modifications? o_O :ninja:
     
  17. Stem

    Stem Firewall Expert

    Joined:
    Oct 5, 2005
    Posts:
    4,948
    Location:
    UK
    As the question was a choice between "Jetico" and "CHX-I", I chose CHX-I.
    Jetico has very good inbound protection, due to its TCP/IP filtering. CHX-I extends to this by adding rules for Payload/trigger events, conditional/Scheduled filters etc.
     
  18. Jarmo P

    Jarmo P Registered Member

    Joined:
    Aug 27, 2005
    Posts:
    1,186
    Nothing to say something real is added to inbound protection, just features that don't mean a thing?
    So can you say CHX-I really protects better than other firewalls?
     
  19. rdsu

    rdsu Registered Member

    Joined:
    Jun 28, 2003
    Posts:
    4,456
    One advantage of CHX, that is also a disadvantage, is the fact that is not an application based firewall.

    It's more configurable than any other firewall, extremely fast, but has some security problems like it can be easily disable if you are an admin account.

    One thing that I don’t like in CHX, is the fact that if you have to a rule to allow a port, that port will never be stealth…

    I’m trying to make a plugin for it, to detects when the services of CHX are disabled, but now I don’t have much time for that…

    I’m also waiting for the new version of Jetico PF and a more stable Comodo PF(with a new installer).
     
  20. Stem

    Stem Firewall Expert

    Joined:
    Oct 5, 2005
    Posts:
    4,948
    Location:
    UK
    They may mean nothing to you, but this thread is not about your understanding of TCP/IP filters.
    Stay on topic
     
  21. glentrino2duo

    glentrino2duo Registered Member

    Joined:
    May 8, 2006
    Posts:
    310
    Thanks everyone for all the information and assistance..

    @Melih-Comodo
    BTW, I did install Comodo, along with Cyberhawk, two weeks ago to a friend's computer (he's on dial-up). I chose Comodo-Cyberhawk combo because IMO are more user friendly for the ordinary home user. He doesn't seem to have a problem. My only complaint is that, on setup it tries to connect to the internet to download a file for the installer (oh, did I say he's on dial-up?) which I think is not good because I don't want to connect to the internet without a firewall installed. I think it's quite unusual because most firewalls can be installed offline.

    Now back to my topic: :)
    I haven't got the time to test Jetico (w/o network filter), as my application control, and CHX-I, for inbound, combo but will do that within the week...
     
Thread Status:
Not open for further replies.