Do I need to say goodbye to Sygate PFP?

Discussion in 'other firewalls' started by zoso, Aug 9, 2006.

Thread Status:
Not open for further replies.
  1. zoso

    zoso Registered Member

    Joined:
    Oct 4, 2004
    Posts:
    18
    Hi there

    I've been running Sygate Personal Firewall Pro for literally years now without any known problems, although only having a basic knowledge of potential leaks, I appreciate that ignorance is bliss!

    Is there any reason why I should consider removing this and change to Comodo or Jetico, both of which I seem to have read good things about? In short, does Sygate do everything the competitors do or not?

    Any replies would be appreciated.

    Thanks!
     
  2. WSFuser

    WSFuser Registered Member

    Joined:
    Oct 7, 2004
    Posts:
    10,632
    well Sygate is a application-based firewall, which grants or denies complete internet access to an application. many other firewalls like outpost and kah are rules-based and let u restrict applications to certain ports, protocols, outbound/inbound, ip, etc. this increases security a bit.

    also, sygate lacks many HIPS type features found in firewalls like jetico or zonealarm pro. if passing leaktests is important to you, then u should look for a different firewall or consider using a separate HIPS.
     
  3. zoso

    zoso Registered Member

    Joined:
    Oct 4, 2004
    Posts:
    18
    Hi and thanks for your help.

    I am a single home user with Broadband and that's it. Do you think I would have need of a rules-based rather than application-based firewall?

    Also, do I need to worry about leak tests with Sygate - I'd always thought it was pretty secure in that area anyway?

    Thanks again!
     
  4. WSFuser

    WSFuser Registered Member

    Joined:
    Oct 7, 2004
    Posts:
    10,632
    its a personal preference. as long as your computer is stealthed that should be good enough.
    again its a personal preference.

    if u already have a separate HIPS like prevx1, processguard, or appdefend then u should be ok.

    even without HIPS, if u surf safely, a good firewall and antivirus should be sufficient.
     
  5. zapjb

    zapjb Registered Member

    Joined:
    Nov 15, 2005
    Posts:
    3,521
    Location:
    USA - Back in a real State in time for a real Pres
    No. Absolutely not. I'm running Sygate Personal Firewall version 5.5 b2710. Tested & it's in stealth mode. SPF is a trouble free, dependable part of my multi-layered security setup.
     
  6. zoso

    zoso Registered Member

    Joined:
    Oct 4, 2004
    Posts:
    18
    That's great guys, you've given me the confidence to stay put.

    Thanks again!
     
  7. lasu

    lasu Registered Member

    Joined:
    Mar 19, 2005
    Posts:
    43
    hi zoso,
    just my 2 cents worth.
    ive used spf for yrs but switched to kerio 2.1.5 not too long ago, with help from the mods here, but the other puter here still has spf and ive added System Safety Monitor as suggested here in this fw section. (ive looked for the thread but cant find it for a link, sorry). so far i like ssm w/spf. no drag on resources and no difference in bootup time. its abit of a learning curve but not too hard IMHO.
    all of this is as WSFuser said, personal preference. what ever you feel comfortable with;-).

    L
     
  8. Brian N

    Brian N Registered Member

    Joined:
    Jul 7, 2005
    Posts:
    2,148
    Location:
    Denmark
    Signed, agreed etc. Works really well, even if it is the free version :)
     
  9. mercurie

    mercurie A Friendly Creature

    Joined:
    Nov 28, 2003
    Posts:
    2,442
    Location:
    Sky over the Wilders Forest
    I think Sygate is still a good and acceptable Firewall. ;)
     
  10. Jarmo P

    Jarmo P Registered Member

    Joined:
    Aug 27, 2005
    Posts:
    1,188
    If you just normally browse and use an email client, skype in internet etc., using SPF free with an antivirus and maybe spywareblaster immunization should be just fine.

    If you install a lots of games/programs from various sources, maybe a simple packet filter firewall then not enough.

    I run a light setup, SPF 5.5 or kerio 2.1.5 (not installed at same time!) with an Avast antivirus as resident running security programs only.
    I wrote a little chapter to my sygate guide about local proxies:
    http://www.kotiposti.net/string/SPF_eng/SPFGuide.html

    One has to also go to some lengths with kerio 2.1.5 to exclude a local proxy hole while still having loopback enabled for all the programs:
    http://www.dslreports.com/forum/remark,16592654~mode=flat

    I have been thinking of trying SSM or like, but I had not so good experience with Antihook. All maybe for my oversensitive CPU :p Most people don't need too much security, but bliss is an ignorance is not for me.

    Anyways, Kerio 4 was a BIG disappoinment. Tried 2 times/versions, both it was lacking in response. No log same time as rule window, logging response failed to log all I put it to do and should have done. BSODs

    Some might find a good fw with never ones.

    But I stick to the old and trusteds, SPF or kerio 2.1.5. Last one not for someone not wanting to get more close with packet handling, as it is a pure rule based fw, Sygate allows them also with advanced rules, but clumsy. But as an application based packet filter with some extras it is a good one. And you have a pro version i think, so it has some added protection for IM chats spoofing etc., nevermind if the IDS is not updated.
     
    Last edited: Aug 10, 2006
  11. zoso

    zoso Registered Member

    Joined:
    Oct 4, 2004
    Posts:
    18
    Guys - thanks again for your input.

    Jarmo - I'm checking out your Sygate info, thanks a lot.
     
  12. pcalvert

    pcalvert Registered Member

    Joined:
    May 21, 2005
    Posts:
    203
    I have used Sygate Personal Firewall, and it's decent. However, its default behavior is to automatically give server rights to all applications that you allow. It's a bad practice, and it's why I've decided not to use that firewall any longer. Sure, you can always can go in later and disable it, but it's a bit of a nuisance. The worst thing about this behavior is that the average user won't bother (or won't know) to go in and disable server rights for things that don't need it.

    Phil
     
  13. zoso

    zoso Registered Member

    Joined:
    Oct 4, 2004
    Posts:
    18
    Thanks for your input. I discovered from a third party yesterday that it's possible for a screensaver (.scr) file to 'phone home' - I'd always assumed that only .exe files were able to do that.

    If he's right, this effectively means that I have to go Advanced settings and create a rule for all the other kinds of files for all my programs, which will take ages.

    Is he right?
     
  14. Jarmo P

    Jarmo P Registered Member

    Joined:
    Aug 27, 2005
    Posts:
    1,188
    Very well written Phil, I agree with you 100%. It is a total nuisance to always have to go and untick 'Act as Server'.

    Zoso, I am not sure about that since I have never downloaded screensavers and also they are many times malware.
    You could be a "guinea pig" and install processguard free. I really think it will work well with Sygate and provide a more strict application control. I run it currently with kerio 2.1.5 and it works nice with it. Since Sygate has no HIPS, it should work just fine ;)
     
  15. zoso

    zoso Registered Member

    Joined:
    Oct 4, 2004
    Posts:
    18
    Jarmo - thanks for your help, I'll check it out.
     
Loading...
Thread Status:
Not open for further replies.