Good Windows Firewall thats free?

Discussion in 'other firewalls' started by chrcol, Jan 13, 2016.

  1. guest

    guest Guest

  2. Novastar 3d

    Novastar 3d Registered Member

    Joined:
    May 3, 2009
    Posts:
    65
    Outpost is hard to get used to or else I think it would be the best 2 way fw.
     
  3. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    14,894
    Location:
    The Netherlands
  4. SnowWalker

    SnowWalker Registered Member

    Joined:
    Apr 2, 2012
    Posts:
    283
    Location:
    USA
  5. jadinolf

    jadinolf Registered Member

    Joined:
    Sep 2, 2006
    Posts:
    1,047
    Location:
    Southern California
    I just installed Tinywall a few minutes ago.

    I like it.

    Is that wrong?;)
     
    Last edited: Dec 2, 2016
  6. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    7,448
    Location:
    Hawaii
    TW = V. nice BUT for even better security, make a system disk image every week, & retain each such image for at least 6 weeks.
     
  7. jadinolf

    jadinolf Registered Member

    Joined:
    Sep 2, 2006
    Posts:
    1,047
    Location:
    Southern California
    O.K.

    I make a disk image every day, just about.

    I did have one problem when turning on one of the external drives that I use for backup. No USB sound and could not access the drive. Tried to reboot and nothing there too.

    Had to just turn off the computer and then turn it on again.

    Then I got the USB sound and could do the backup.

    Yes, my fingers are crossed

    edit: after considering your post, maybe I should just give up looking and use the Windows firewall.
     
    Last edited: Dec 2, 2016
  8. guest

    guest Guest

    Why not just Windows Firewall and learn how to use it then tighten it by creating custom rules...? All we need is shipped with the OS.
     
  9. jadinolf

    jadinolf Registered Member

    Joined:
    Sep 2, 2006
    Posts:
    1,047
    Location:
    Southern California
    Good idea, guest.

    I have never even seen the Windows firewall.

    I'll play with it tomorrow.
     
  10. guest

    guest Guest

    Control Panel > Windows Firewall > Advanced Settings , then you can start creating or disabling rules.
     
  11. cruelsister

    cruelsister Registered Member

    Joined:
    Nov 6, 2007
    Posts:
    1,519
    Location:
    Paris
    Windows Firewall does suffer from some disadvantages. It can't innately distinguish dynamic forking (hollowed processes), it doesn't have a self-protection mode, and a malware running a script like "netsh Advfirewall add allowedprogram- (Whatever)"- can essentially create a rule for itself.
     
  12. guest

    guest Guest

    Not the purpose of a firewall.

    To tamper it, one malware should be able to pass several Windows protections measures (not impossible of course), and obviously the user had to allow the malware on his system in the first place.

    AFAIK, suspicious rules aren't become invisible, if you are used to your WinFW rules, you can pinpoint them quite easily.

    My point is on a properly set and monitored system with a careful user, WinFW is good enough; but if not... even the most powerful security soft will be useless.
     
  13. cruelsister

    cruelsister Registered Member

    Joined:
    Nov 6, 2007
    Posts:
    1,519
    Location:
    Paris
    Actually detecting dynamic forking is an essential component of Firewalls. Apps like WFC and Tinywall have no issue with it. And yes, you can certainly see a malware-created rule- but does this mean that the user must inspect the list of rules daily to verify?

    Windows Firewall does have a place (I guess), but there are easier and more elegant solutions available.
     
  14. Jarmo P

    Jarmo P Registered Member

    Joined:
    Aug 27, 2005
    Posts:
    1,207
    Stupidest advice from today I have read. I read a lot of them from you lately.
    With just vanilla Windows Firewall, you can only block what you know and even that I am not so sure how persistent it will be. Default deny, not that way!
     
  15. guest

    guest Guest

    noobiest reply ever... :D

    You clearly shows you never even tried custom settings and customization...As several times already, you oppose others without giving substances...

    go troll someone else, im not interested.


    AFAIK, aren't WFC being just a WinFW GUI?

    To me a Firewall is just something monitoring outbound/inbound connections; i don't need the extra-stuff ; now if we talk about IDS/IPS and other traffic analyzing it is an other topic.

    if a user is using a bandwidth monitoring tool, and he see weird traffic and connections, then at least he should check. it is what i do.

    in my case, WinFW's Policies are reset, all profiles are set to block inbound/outbound connections, then i disable what is unneeded...So no softs/processes should go out unless i made a specific rule for it, not even Windows Updates.
    Since Process Hollowing will never happen on my system; i don't see (yet) how something suspicious can even go out if it can't even take root on my system...and even if i feel something is wrong, i Rollback RX to a clean state with a reboot.

    Sure i don't deny the fact but you know me enough that i like challenges ;)
     
    Last edited by a moderator: Dec 3, 2016
  16. jadinolf

    jadinolf Registered Member

    Joined:
    Sep 2, 2006
    Posts:
    1,047
    Location:
    Southern California
    Thanks
     
  17. chrcol

    chrcol Registered Member

    Joined:
    Apr 19, 2006
    Posts:
    978
    Location:
    UK
    Agree with guest.

    A firewall job is to filter traffic, nothing more, software that has extra features that is marketed as a firewall is basically adding bloat.

    Basically if malware has privileges to add firewall rules for itself then you have already lost the battle.

    WFC works well with its secure rules feature tho so it would remove those rules afterwards, however that functionality is above what a firewall should do.

    Oh and yeah I started this thread, I if you havent guessed did happily settle with WFC :)
     
  18. Jarmo P

    Jarmo P Registered Member

    Joined:
    Aug 27, 2005
    Posts:
    1,207
    What guest was telling, he is making a windows firewall 2 way without any help from a controller. That is the stupidest thing anyone can do! And even more stupid to recommend it to others.

    It is NOT the way to go! Sure one can make all necessary, like copy from the TW rules etc. or elsewhere, but what paranoia it will cause to any security minding person?

    I guess next thing he comes to reply is with having some sort of front end GUI. Should be quite easy to program. But trying to reinvent the wheel is not what I recommend. It takes MUCH more than that to make a true controller like TinyWall or like I think WFC too is.
     
  19. cruelsister

    cruelsister Registered Member

    Joined:
    Nov 6, 2007
    Posts:
    1,519
    Location:
    Paris
    Chrcol- Actually as you are using WFC and not WF you agree with me!

    With something like WFC if you run across a Pony or a python keylogger you will be alerted before your data is transmitted out without the user needing to add anything in the way of rules. With WF you would be pretty much lost.
     
  20. guest

    guest Guest

    Not so hard to do...Why would you need a controller when you set WinFW to block all outbound connection? when a soft/process needing outbound connection (and is blocked by default), i just create a rule to let it go out...simple as that... (check the screenshot)

    It took me 1-2 hours at most to reset, block and reconstruct rules to fit my needs; then every new rules take 1-2mn to implement.

    It is not because you can't handle WinFW alone , that others can't...
    is it so hard to go in WinFW and customize rules...if it is for you , so you will never understand my point of view.

    If the user do it without knowing/trying to learn what he does (for example copy the rules of someone else) , you are right, it is stupid. but in my case, it is not.

    Do you need to rely all the time on 3rd party softwares when you can do the same yourself? I don't think so...i prefer get some skills and knowledge by learning what is already offered than be an assisted...just my opinion.

    Who cares about a true controller if it is not even implemented at kernel level, add processes that consume resources for nothing, add potential surface attacks vectors, will surely need updates to fix various bugs & issues, etc...Are you kidding me?!

    I rather ask MS to give me an alert option for every outbound processes (legit or not) rather than those controllers you are so found of...

    About WFC, AFAIK (i used it for a while before) is just a GUI for WinFW with added customized rules oriented towards security, it doesn't have special features a true 3rd party FW like Symantec EP or at a lesser extent Comodo FW have.

    And honestly if you want a true firewall , go buy an hardware one.

    Anyway if you have a malware already on your system you are done to me, so this debate is pointless.
    In a home environment a 3rd party firewall isn't needed; the only thing that matters is that if you can block threats to get in your system, you don't have to worry about outbound suspicious connections.

    What the controllers allows you to do? manually block a unwanted/suspicious outbund connection (like a keylogger or RAT), right?

    But the true question is "how the malware get in your system at the first place?" , if it is in your system, it could disable any programs you have, so what the point of a 3rd party controller?

    I played with some RAT, they usually add visible rules in WinFW, i just had to disable the rule.
     

    Attached Files:

    Last edited by a moderator: Dec 6, 2016
  21. boredog

    boredog Registered Member

    Joined:
    Feb 1, 2015
    Posts:
    2,499
    here is a little course on setting rules in WF http://www.brighthub.com/computing/windows-platform/articles/128791.aspx

    and then these are the rules I also set in WF. Stop Windows 10 spying on you using just Windows Firewall.

    http://winaero.com/blog/stop-windows-10-spying-on-you-using-just-windows-firewall/

    just download and run the batch file. check your WF and you will see the newly added rules. one thing though. it seems new insider builds seems to reset your WF rules back to default.

    as an extra freebie of info here is how to use win 10 godmodes. http://betanews.com/2015/08/03/how-to-activate-windows-10s-secret-god-modes/

    just helps find your way around.
     
  22. hawki

    hawki Registered Member

    Joined:
    Dec 17, 2008
    Posts:
    5,651
    Location:
    DC Metro Area
  23. chrcol

    chrcol Registered Member

    Joined:
    Apr 19, 2006
    Posts:
    978
    Location:
    UK
    click bait article :) hence better to ask on a forum then googling it.
     
  24. fax

    fax Registered Member

    Joined:
    May 30, 2005
    Posts:
    3,899
    Location:
    localhost
    :thumb: And when you try to download the software recommended you get a nice optional :D

    Capture.JPG
     
  25. Jarmo P

    Jarmo P Registered Member

    Joined:
    Aug 27, 2005
    Posts:
    1,207
    That tells newbies how to enter into Windows firewall rule settings and how to block known programs.

    There you can also of course change WF to default deny outgoing connections. One needs some knowledge that not many have. These rules can be used as an example:
    https://www.wilderssecurity.com/threads/beta-testing-tinywall.309739/page-37#post-2430342
    You will have to be logged into the forum to see those rules in the jpg picture. The links I posted in the neighboring posts are dead now.

    However as I have told, it will be stupid to do so. Windows firewall offers no rule tampering protection on its own. It is the wrong way to go into 2-way firewalling, believe me.
     
    Last edited: Dec 7, 2016
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.