DefenseWall's inbound/outbound firewall any good?

Discussion in 'other firewalls' started by CoolWebSearch, Jan 22, 2013.

Thread Status:
Not open for further replies.
  1. CoolWebSearch

    CoolWebSearch Registered Member

    Joined:
    Sep 30, 2007
    Posts:
    1,211
    Can it replace all standard firewalls like ZoneAlarm, Outpost Pro, Jetico, Comodo and provide equal inbound/outbound protection for my computer?

    Does it close and stealth all ports?
    What about GesWall, can it do it?
     
  2. The Red Moon

    The Red Moon Registered Member

    Joined:
    May 17, 2012
    Posts:
    3,871
    stealthing ports is just a marketing gimmick...as long as they are closed.
    I always thought defensewall was a HIPS and not a firewall although i maybe wrong.:eek:
     
  3. siketa

    siketa Registered Member

    Joined:
    Oct 25, 2012
    Posts:
    2,695
    Location:
    Zagreb, Croatia
    http://www.softsphere.com/

    There are two editions: first one comes with a firewall and the second one is "traditional" DW as we know it.
     
  4. kjdemuth

    kjdemuth Registered Member

    Joined:
    Jul 29, 2005
    Posts:
    2,960
    Location:
    Boston, MA
    Geswall cannot. It's not a firewall.
    Here is a quote from Defensewall site.
    "Inbound Firewall protection of DefenseWall works as follows: it considers a listening port of a trusted process as a potential source of attack and therefore blocks it. Only "untrusted" processes are allowed to be connected outside. In case of an inbound attack, an attacker is routed to the sandbox. In the corporate environment, DefenseWall automatically opens ports 445, 136, 137, 138, and 139. However, the untrusted processes can't connect to these ports. All of this minimizes potential harm from the malicous code being spread by exploits. If you have a HTTP/FTP/SMTP/proxy server, they should be added to the untrusted applications list as a potential source for vulnerability exploitation and thus a source of infection."
    So I don't believe it "stealth" ports but does block and route Inbound and Outbound traffic.
    As we talked about this before, I would consider DefenseWall since it is actively supported and updated.
     
  5. CoolWebSearch

    CoolWebSearch Registered Member

    Joined:
    Sep 30, 2007
    Posts:
    1,211
    Well, tell that to Kees, he just doesn't think DefenseWall is more secure even though, GesWall is outdated. However, I have to mention that DefenseWall does provide more complete protection than GesWall, but also I'd dare to say it does provide even more complete protection that Sandboxie as well, although I used SBIE for a very long time.
    Kees says that GesWall is specialized for Windows-NT systems (XP).
    I don't know if SBIE has any "firewall" functions and can it rival standard firewall functions...
     
  6. kjdemuth

    kjdemuth Registered Member

    Joined:
    Jul 29, 2005
    Posts:
    2,960
    Location:
    Boston, MA
    I'm not saying that kees is wrong, he knows infinitely more than I do. All I'm saying is that If I was choosing one over the other I would choose DefenseWall. Looking back at some of MRG's testing, DefenseWall passed everytime. I hate to quote tests but DefenseWall is very strong and still being developed.
    SBIE doesn't have any firewall functions. It's a sandboxing program. It isolates programs from the main system. You can start internet facing programs and restrict their access.
    All I can say at this point is try Geswall and see how you like it. You can ask 20 different experts questions and get 20 different answers. The last person that decides how it runs is you.
     
  7. CoolWebSearch

    CoolWebSearch Registered Member

    Joined:
    Sep 30, 2007
    Posts:
    1,211
    You're right, no hard feelings, ok? But one thing bothers me, can GesWall protect computer from infected removable drives or not, or I should use outbound firewall protection?
    My main problem is I'm looking for the needle in the haystack, this is I'm very annoying person, I admit this.
     
  8. kjdemuth

    kjdemuth Registered Member

    Joined:
    Jul 29, 2005
    Posts:
    2,960
    Location:
    Boston, MA
    You're not annoying and no reason to apologize. Your just determined to find the right match for you needs. If anyone can sympathize its me. I'm not 100% sure but I think you can untrust drives, whichever your USB might be.
    Do you have the paid version of sandboxie? If you do then you can sandbox all your drives from E: down to drive Z:, isolating any USB devices.
    If you need outbound protection and just want to keep things light, take a look at the windows firewall control thread in Other Firewalls.
     
  9. Ilya Rabinovich

    Ilya Rabinovich Developer

    Joined:
    Sep 13, 2005
    Posts:
    1,543
    Yes, it can. With minimum number of popup windows.

    DefenseWall do not stealth ports, it's a marketing crap. And it do no close all the ports. It open ones that belongs to untrusted processes as an attacker, in case of successful penetration trough open port just puts into untrusted zone restrictions (in Adaptive Automatic protection mode).
     
  10. CoolWebSearch

    CoolWebSearch Registered Member

    Joined:
    Sep 30, 2007
    Posts:
    1,211
    Big thanks for your answer, Ilya. It's good to see you here.
     
  11. CoolWebSearch

    CoolWebSearch Registered Member

    Joined:
    Sep 30, 2007
    Posts:
    1,211
    Ilya, I need your help about something, it's always impossible for me to see the distinction between DefenseWall HIPS and DefenseWall Firewall, I tried both, and I couldn't see the difference I mean in both versions you have inbound/outbound firewall and HIPS shown.

    So if I want to surf the internet without any other inbound protection, would I make a mistake if I install DefenseWall HIPS? I mean it seems to me whenever I use either of these products I can't tell the difference between firewall and HIPS?
    Would I make a mistake if I install and use both?
     
  12. CoolWebSearch

    CoolWebSearch Registered Member

    Joined:
    Sep 30, 2007
    Posts:
    1,211
    Just for the record, that reason why I'm so persistent is because I have 3 computers, 2 are old one is fresh new with windows 8, on this new I have DefenseWall installed to protect me, the second computer has a router firewall plus windows xp firewall (the one that I try to find a solution for it) is for my family, no pop ups needed, and the third is just for testing, that computer is used only once in a week, even less.

    The main problem is with the family's computer, they hate pop ups, but I think I'm very close to solution, I'd use only Sandboxie and disabling auto-runs for all removable drives is the solution for protection from infected removable drives, of course I did disable auto-runs before this.

    I'd use DefenseWall for my family, but inbound protection is totally unnecessary since it has router's firewall, so Sandboxie is the solution for infected removable drives.

    The only thing that really tortures me if I want to install Malware Defender (not the Strong Malware Defender which is rogue antispyware program, I almost had a heart attack when I found about this), but since Malware Defender has a firewall should I need to turn off Windows XP firewall, so that I can avoid conflicts between 2 firewalls?

    And how much resources does it consume?
     
  13. kareldjag

    kareldjag Registered Member

    Joined:
    Nov 13, 2004
    Posts:
    622
    Location:
    PARIS AND ITS SUBURBS
    Hi

    The first step for security before thinking of any av/hips/firewall is SYSTEM HARDENING (registry, TCP/IP stack, system files, services etc.).
    For instance, Teredo tunneling has been eneabled by default on most Windows versions
    http://technet.microsoft.com/fr-fr/library/cc722030(v=ws.10).aspx
    This is just an example of default settings...
    Less career opportunities for threats (mostly malwares) begins by mitigating potential security risks.

    DefenseWall with or without firewall provides a high level of security with a minimum of user interaction...and is always an excellent choice.
    It would be more interesting to use a protocol analyser/sniffer, instead of looking for the Graal of firewalls.
    It has been demonstrated by some malwares that they can use their own TCP/IP stack, and communicate via covert/encrypted channels that bypass most modern firewalls.
    Prevention by system hardening or /and HIPS is more important than detection by the firewall or the sniffer.

    Rgds
     
  14. Ilya Rabinovich

    Ilya Rabinovich Developer

    Joined:
    Sep 13, 2005
    Posts:
    1,543
    That's strange, there should be no network connections control support for HIPS edition.

    What do you mean with "any other inbound protection"? Other of built-in into OS one?

    You can't install both, It's one product with different editions.
     
  15. CoolWebSearch

    CoolWebSearch Registered Member

    Joined:
    Sep 30, 2007
    Posts:
    1,211
    I forgot to mention that on this old computer I'm behind router that's what I meant by "any other inbound protection", but I use DefenseWall Firewall for my new computer where there is no router protection just Windows inbound firewall, I'll take your word that DefenseWall Firewall is equally good as other firewalls-I don't see any reason why it wouldn't be.
    I'll stick with DefenseWall personal firewall, just in case.

    I presume that Windows 8 firewall works well with DefenseWall firewall?

    P.S.: Regarding the distinction between Defense HIPS and firewall, I might be overlooking something, but every time I uninstall and reinstall new version of DefenseWall HIPS, I disable its HIPS, including both inbound and outbound firewall before I uninstall it. so how come DefenseWall HIPS is also a firewall?

    I don't know why is that? I thought DefenseWall HIPS should not have built-in firewall?
    Well, if you don't believe me you can try it (I did this last week, and I was a bit confused I have to admit), but most likely I'm missing something, it hard for me to say exactly what it is.
    But that's nothing to worry about, at least for me, on webpage it's says you can either download DefenseWall HIPS or DefenseWall Firewall, I decided the second choice.
    It really isn't issue if you ask me (but like I said I am most likely overlooking something).
    Cheers.
     
  16. Ilya Rabinovich

    Ilya Rabinovich Developer

    Joined:
    Sep 13, 2005
    Posts:
    1,543
    It's no need to take my word. Just download any reliable test kit (from Matousec for 32 bit apps, for instance) and see the results by your own eyes.

    Yes, that's correct.

    Yes, it should has their network connections control functionality switched off, but the way it's working (with or without network connections control) depends on type of license also. If you have a license key for PF edition, even if you install HIPS one, DW will be working with network control on, as PF edition.
     
  17. wrathchild

    wrathchild Registered Member

    Joined:
    Feb 7, 2008
    Posts:
    170
    Location:
    Neoplantesis
    @Ilya

    Did DefenseWall filtering packets? Is it fully configurable packet filtering firewall?
     
  18. Ilya Rabinovich

    Ilya Rabinovich Developer

    Joined:
    Sep 13, 2005
    Posts:
    1,543
    No, DefenseWall controls network connections only.
     
  19. arsenaloyal

    arsenaloyal Registered Member

    Joined:
    Nov 1, 2009
    Posts:
    507
    Ok, Is packet filtering planned for a future version on the firewall edition then ?
     
  20. Ilya Rabinovich

    Ilya Rabinovich Developer

    Joined:
    Sep 13, 2005
    Posts:
    1,543
    Nope. I see no reasons in this functionality. This won't save people from getting infected with malware. Currently, only migrating to x64 is in the plans.
     
  21. NSG001

    NSG001 Registered Member

    Joined:
    Jul 14, 2006
    Posts:
    617
    Location:
    Wembley, London
    :thumb: I for one am liking this news!
     
  22. Solarlynx

    Solarlynx Registered Member

    Joined:
    Jun 25, 2011
    Posts:
    1,915
    Any progress?
     
  23. Ilya Rabinovich

    Ilya Rabinovich Developer

    Joined:
    Sep 13, 2005
    Posts:
    1,543
    I have a clear plan on what should be done there. Resources are in need...
     
  24. siketa

    siketa Registered Member

    Joined:
    Oct 25, 2012
    Posts:
    2,695
    Location:
    Zagreb, Croatia
    Don't you have some cousin in one of many oil companies there?
    :D
     
  25. The Red Moon

    The Red Moon Registered Member

    Joined:
    May 17, 2012
    Posts:
    3,871
    Best of luck with your plans.Hope it all works out,:thumb:
     
Loading...
Thread Status:
Not open for further replies.