Firewall with ip ranges blocking

Discussion in 'other firewalls' started by trott3r, Jul 11, 2010.

Thread Status:
Not open for further replies.
  1. trott3r

    trott3r Registered Member

    Joined:
    Jan 21, 2010
    Posts:
    830
    Location:
    UK
    Hello,

    I have been trawling the forums to try and find a firewall that does ip range blocking with notification that auto disappears.

    So far i have tried:

    1) private firewall july 2010 no ip range blocking available (only single address)

    2) Online armour freejuly 2010 no ip blocking at all

    3)online armour paid for July 2010 =ip blocking range but no notfication

    4) kerio v4 july 2010 ip blocking ranges flakey? some work others dont? but NO auto disappear of notification


    5) sunbelt personel firewall same as kerio

    6) osss_security_suite_1_5 no range ip blocking

    7) LooknStop_Setup_207_VC2005.exe notification does not auto disappear

    :cool: DefenseWall_Personal_Firewall_v3_03.exe more of an application based firewall no ip addresses available

    9) ghostwall_setup.exe no ip range only 1 ip at a time

    10) iolo personel firewall no ip range blocking for all programs

    11) Zone alarm pro ip ranges=YES notificaion=YES notification timout/disappear=NO :(


    If i have got some of the above wrong please mention it since it can be difficult to figure out a new gui.

    So the main problem seems to be the lack of a feature which allows the notification to disappear after say 10 secs. Zone alarm for instance just stick around until you close it. BTW kis7 worked the way i wanted it but kaspersky will not allow me to downgrade my 2010 key to kis7 like it did last year so its now expired.

    Any other firewalls i might have missed then?

    thanks for your time

    Martin N
     
  2. pajenn

    pajenn Registered Member

    Joined:
    Oct 26, 2009
    Posts:
    930
    What about running PeerBlock alongside your firewall of choice?

    It shouldn't interfere with your firewall (runs fine with OA at least) and either blinks in system tray or otherwise notifies you when blocking an ip. It's freeware although some of the block lists for it are not.
     
  3. trott3r

    trott3r Registered Member

    Joined:
    Jan 21, 2010
    Posts:
    830
    Location:
    UK
    As it goes i have been doing that but i keep hitting the enable/disable button by accident to only realise 30mins later that i have been unprotected.

    Thats why i want to add some of the primary baddies to a firewall as well gradually.

    I also like to be informed of things like "Malicious Software "MyDoom" Ports" been attacked by certain website or through other software. I do know that i am protected by windows security patches but its good to be informed if a website is bad.

    thanks for your time

    Martin
     
  4. pandlouk

    pandlouk Registered Member

    Joined:
    Jul 15, 2007
    Posts:
    2,572
    @Martin

    Outpost Firewall Pro has the functionality that you are seeking (the pop-up disappears after a few seconds).


    Panagiotis
     
  5. trott3r

    trott3r Registered Member

    Joined:
    Jan 21, 2010
    Posts:
    830
    Location:
    UK

    Thats interesting i did try the 2009 pro version of outpost but couldnt not get it to notify me.
    Have you used this feature yourself?

    Either i have come across a bug or the way i set it up and tested it didnt work.

    thanks

    Martin N
     
  6. pandlouk

    pandlouk Registered Member

    Joined:
    Jul 15, 2007
    Posts:
    2,572
    -If I remember correctly in 2009 v6.7.x it alerted, with a popup but was not always clear, if it was because of the ip blocklist or by the attack detection.

    -Yes, I tested it and works fine.

    -In version 7 the alert feature for the ip blocklist is enabled by default (but can be easily disabled). When enabled gives a popup for each ip block event. The popup remains for 5 seconds and then closes automatically.

    Panagiotis
     
  7. trott3r

    trott3r Registered Member

    Joined:
    Jan 21, 2010
    Posts:
    830
    Location:
    UK

    got it working now so it must have been me :(

    In version 7 are you saying it descriminates between whether the block alert was due to the ip blocklist or the attack detection list?

    It would be good if there was the ability to have a number of separate lists that can be checked on or off rather than one big list.

    thanks for your time

    Martin N
     
  8. pandlouk

    pandlouk Registered Member

    Joined:
    Jul 15, 2007
    Posts:
    2,572
    Yes, the alerts and the log entries are different for ip blocklist and attack detection list.
    Are you talking about multiple ip blocklists? It would be possible for Agnitum to add such a feature but it will have as a result higher ram and cpu usage from outpost.
    You are welcome. :)

    Panagiotis
     
  9. trott3r

    trott3r Registered Member

    Joined:
    Jan 21, 2010
    Posts:
    830
    Location:
    UK
    Yes i was thinking of multiple ip lists since its difficult to search through the merged imported one mega list that there is at the moment.

    As to cpu and ram usage well as long as the feature can be turned off people can decide whether its valuable or not.

    martin
     
  10. osip

    osip Registered Member

    Joined:
    Oct 25, 2006
    Posts:
    610
    Why search through the merged imported one mega list ? Just add your own IP:s or web adress (click add and OP finds the ip by itself) to the ones in the list and it works perfectly. I personally feel that OP is the most effctive one in this matter.
     
  11. trott3r

    trott3r Registered Member

    Joined:
    Jan 21, 2010
    Posts:
    830
    Location:
    UK

    thanks for the suggestion but I couldnt get it to work if i understand what you are saying correctly.

    I added the host ip address and a name into the ipbloclist but it didnt find what i specified, only pops up a windows saying "the specified address range is already added"

    This is outpost pro v7.01 (3376.514.1234)

    thanks

    Martin
     
Loading...
Thread Status:
Not open for further replies.