Firewall support

Discussion in 'other firewalls' started by djg05, Apr 17, 2005.

Thread Status:
Not open for further replies.
  1. djg05

    djg05 Registered Member

    Joined:
    Apr 6, 2005
    Posts:
    1,504
    I have been trying out various firewalls to find a replacement for Kerio 2.1.5. So far LnS seems to be favourite but looking at their support forum there seems to be little input from the developers and it appears to be down to one volunteer to support it.

    Reading around there are faults with it that have not been addressed as yet. On the other hand Jetico seems much more willing to get their program running from others I have spoken to.

    What do others think?

    Please do not move this to LnS forum for the reasons stated above.
     
  2. Arup

    Arup Guest

    Jetico is very good with support but still has issues yet to be resolved, why not check out Sygate as well, if you are not running a proxy, it is an excellent alternative, has good SPI and many other features as well.
     
  3. no13

    no13 Retired Major Resident Nutcase

    Joined:
    Sep 28, 2004
    Posts:
    1,327
    Location:
    Wouldn't YOU like to know?
    well... Jetico people haven't replied to me once, and I've mailed them twice over the same problem...
    plus the firewall has so many problems and the developers seem to relish creating difficulties for novices... waay too many problems have been noticed... almost every second user has a different problem, and the solutions are either NOT forthcoming, or related to obscure tricks or weird conflicts.
    Kerio 4.1.3 is a possible solution... slightly heavy though.
    But undoubtedly, outpost has the best support... www.outpostfirewall.com is a volunteer run service where the developers lurk around.
     
  4. Diver

    Diver Registered Member

    Joined:
    Feb 6, 2005
    Posts:
    1,444
    Location:
    Deep Underwater
    Just exactly what is wrong with Kerio 2.15? The support for it is good over at DSLR. Jetico is not finished yet. The latest version of Outpost has issues, prior versions caused some users BSOD's. Many posters over at DSLR continue to report troubles with Kerio 4.x.

    IMO, LnS has reasonably good support. From reading its support forum, a number of important issues are being addressed with beta drivers, which is much to the credit of the developers. I would feel better about it if these improvements made it into a release version. The design is unusual and you may, or may not, like it.

    I have seen some favorable comments around here regarding Netveda, a free firewall. The widely used Zone Alarm also works quite well, even if it has a bunch of useless junk thrown in with it. Just turn the extra stuff off and forget about trying to make advanced rules.

    Yeah, I'm back, and it's a hack....
     
  5. djg05

    djg05 Registered Member

    Joined:
    Apr 6, 2005
    Posts:
    1,504
    I tried Sygate some time ago and I dumped it because of their loopback rule. From what I have heard it is still there.
    To clarify - if you use a local proxy then any program using that proxy has carte blanche access - no checks are made.
     
  6. Arup

    Arup Guest

    As I said, if not running proxy, only then, Sygate becomes a very good option with no surprises.
     
  7. djg05

    djg05 Registered Member

    Joined:
    Apr 6, 2005
    Posts:
    1,504
    Just think that Kerio is a bit old now and maybe not so effective against new nasties.

    Jetico looks interesting and I think worth watching.

    Outpost - expensive and yearly licences

    LnS - don't know. Read elsewhere by a poster here that it still had issues to resolve which were not being looked at. Also the issues I have have not had any response from support and remain as problems, so I may have to abandon it.

    NetVeda - don't know

    Zone Alarm. Tried early versions of it and got rid of it a long time ago.
     
  8. Give NetVeda a spin.....I've used it for a few weeks now...and no problems
    They have a online forum....and from what I've heard quick email responses.
    Arup uses it on his wife's machine I believe...also Clansman seemed happy
    with it.

    Its application control is quite good...and has many many features for a free
    FW.
     
  9. djg05

    djg05 Registered Member

    Joined:
    Apr 6, 2005
    Posts:
    1,504
    Is the Safety Net & Safety Net Pro the same apart from the ' Report distribution to email account' or are there differences in the engine etc?
     
  10. As far as I know....they are the same...except for what you noted.

    It is pretty much ready to go out of the box....But take your time exploring
    it, and its features...as there are many of them.

    I feel the app control is right up there with the big boys.

    You get the choice of ...deny always...deny once...or deny always.
    that way...if you deny once, you can check online or in forums to allow or not.
     
  11. Paranoid2000

    Paranoid2000 Registered Member

    Joined:
    May 2, 2004
    Posts:
    2,839
    Location:
    North West, United Kingdom
    Just to clarify here, there are no annual licence fees with Outpost. What you get instead are free upgrades for a year after purchase (and if you wish to upgrade after this period, you can get a 50% discount for a further year). Outpost will continue working regardless of how old your licence is.

    As for expensive, try taking a look at Tiny's prices :) (though you do get a lot of other functionality thrown in with it). Note that you can get discounts on Outpost if you shop around and a few have been mentioned at the Outpost forum.
     
  12. clansman77

    clansman77 Registered Member

    Joined:
    Jan 31, 2005
    Posts:
    234
    Location:
    kochi,kerala,india
    yes i too second that netveda is very good indeed for a free firewall. right upto the big guys. as jw stated very good app control, good filters, and out of box protection..
    the only glitch that i find is the interface needs lil tinkering to get used to. u can do things in diff ways, and the interface is diff from most of the firewalls..
    try it you may like it.. for me its a keeper..
     
  13. djg05

    djg05 Registered Member

    Joined:
    Apr 6, 2005
    Posts:
    1,504
    Yes - apologies - take your point - read too quickly
     
  14. Diver

    Diver Registered Member

    Joined:
    Feb 6, 2005
    Posts:
    1,444
    Location:
    Deep Underwater
    Yes, Outpost will keep working, unless Microsoft manages to break it, and who knows what else, with the next service pack. So, there is a chance you might have to pay for Outpost and any other software with a similar licensing policy, again. Unfortunately, the more restrictive policies are proliferating.
     
  15. djg05

    djg05 Registered Member

    Joined:
    Apr 6, 2005
    Posts:
    1,504
    Thanks

    Just installed it. See what you mean about the interface but you can find your way around it.

    Just tried
    http://www.diamondcs.com.au/index.php?page=apt
    to try and stop it and it survived all those attempts. Tried ShieldsUp then remembered that it all stops at the router firewall.

    I can at least now access my other computer without any messing around.
     
  16. Rmus

    Rmus Exploit Analyst

    Joined:
    Mar 16, 2005
    Posts:
    3,943
    Location:
    California
    Can you elaborate on that? A port is either blocked or not. What new nasties are you referring to?

    thanks,

    ---
    Rmus
     
  17. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    7,780
    If you want to keep updating to the latest version of Outpost, which is what most firewall owners want to do, then the chances are extremely good that you will be paying for it annually.. ;)
     
  18. djg05

    djg05 Registered Member

    Joined:
    Apr 6, 2005
    Posts:
    1,504
    I have been trying out Netveda and been looking at the tests here at
    http://www.firewallleaktester.com/

    It passed no 1 and failed nos 2 - 6. Didn't try anymore

    Put Kerio back and it passed those but failed no. 7 options 1, 2, 4, 5, 6
    http://www.firewallleaktester.com/leaktest7.htm

    Which is why I say I think Kerio ver 2 is getting old.

    I suppose it all depends how feasible those exploits are.
     
  19. Diver

    Diver Registered Member

    Joined:
    Feb 6, 2005
    Posts:
    1,444
    Location:
    Deep Underwater
    djg05-

    If you are worried about leaks, then you should consider that a trojan could install a communications driver that would bypass any firewall. Just my take on how myopic leak testing is.

    Several of the gurus around here have said that all outbound application control is good for is preventing known applications from communicating out when you do not want them to. Leak testing is focused on unknown applications masquerading as known applications.

    This may be a minority position around here, but it is the accepted practice on the vast majority of all business networks to use firewalls that are not application aware, at least not in the sense that leak testing is contemplating.
     
  20. djg05

    djg05 Registered Member

    Joined:
    Apr 6, 2005
    Posts:
    1,504
    It is a point of view and one that I am not able to make a judgement of. As far as trojans are concerned I have BOClean.

    I think you have to be aware of the possible threats out there and make your m/c as safe as you can. Of course it will never be totally safe.
     
  21. Diver

    Diver Registered Member

    Joined:
    Feb 6, 2005
    Posts:
    1,444
    Location:
    Deep Underwater
    You are 110% correct.
     
  22. Rmus

    Rmus Exploit Analyst

    Joined:
    Mar 16, 2005
    Posts:
    3,943
    Location:
    California
    I see your point.

    Feasible if they get into your system.

    I see that none of the firewalls passed all of those tests. And when one eventually does, someone will find another exploit to thwart it.

    I have to agree with Diver: "This may be a minority position around here, but it is the accepted practice on the vast majority of all business networks to use firewalls that are not application aware, at least not in the sense that leak testing is contemplating."

    And his quote from Machiavelli:

    --------------------------
    Only those defenses are good, certain and durable, which depend on yourself alone and your own ability.
    ---------------------------

    has been my first line of defense for years.

    ---
    Rmus
     
  23. Paranoid2000

    Paranoid2000 Registered Member

    Joined:
    May 2, 2004
    Posts:
    2,839
    Location:
    North West, United Kingdom
    This is because business networks:
    1. can counter malware by locking down PC configuration (via group policies) to prevent any new software installation;
    2. seek to minimise support and maintenance costs by avoiding programs that may require user feedback (e.g. a "Should this application be allowed access?" prompt) or configuration updates after Windows patches.
    This not only applies to application-filtering firewalls but to other security software like registry or process monitors.

    For home users the situation is different so other approaches to system security are more suitable.
     
  24. mercurie

    mercurie A Friendly Creature

    Joined:
    Nov 28, 2003
    Posts:
    2,442
    Location:
    Sky over the Wilders Forest
    Fellow Creatures,
    There is a percentage of us who have the Lifetime license upgrade on OutPost, which solves the got to pay all the time problem. But the point is well made who knows if it will work with LongHorn or not. :(

    I am still contemplating NetVeda to replace expiring Norton PFW 2004 myself on other machine.

    Diver is making some head way with me, paying for firewalls is really kind of a waste of $$ if you are behind a FW router and just want some application control. Get the free ones. ;) Oh, by the way by all means get a real time trojan killer. BoClean is my choice too. A must imo. :)
     
  25. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    7,780
    Didn't think of that mercurie.. quite true.
     