Ghostwall vs CHX.. Is it even worth comparing?

Discussion in 'other firewalls' started by redZ94, Feb 18, 2008.

Thread Status:
Not open for further replies.
  1. redZ94

    redZ94 Registered Member

    Joined:
    Jan 16, 2008
    Posts:
    1
    Just wondering if either of thees guys are better than the other. I currently run ghostwall and i'm thinking of running CHX just for the granularity in rule creation. Are they basically the same performance wise? Any reason to use ghostwall over CHX in my case?

    Thanks
     
  2. lucas1985

    lucas1985 Retired Moderator

    Joined:
    Nov 9, 2006
    Posts:
    4,047
    Location:
    France, May 1968
    Ghostwall = user-friendly, low-latency.
    CHX-I = SPI engine and control over other protocols.
     
  3. Seer

    Seer Registered Member

    Joined:
    Feb 12, 2007
    Posts:
    1,596
    Location:
    Singidunum
    IMO, they are not quite comparable. Ghostwall is a stateless firewall, while CHX is a totally different beast. The actual level of CHX SPI/DPI can be commented only by someone who actually performed tests personally (some members here come to mind ;) ), since this is not explained in detail in CHX documentation. As for the lightness, they're the same, Ghostwall being a tad lighter iirc. The difference is in few 100's of KBs. Yes, CHX offers rare granularity in packet filtering and is one of few firewalls which can be controled remotely. But Ghostwall is still in development, (as a free app has a low priority with developers), while CHX is pretty much dead, which could be a problem in the near future with the increasing utilization of IPv6 protocol.
    If you explicitly need to filter TCP flags, ICMP by type & code then use CHX. Otherwise stay with Ghostwall.
     
Thread Status:
Not open for further replies.