How would your ideal firewall be?

Discussion in 'other firewalls' started by Fuzzfas, Jan 12, 2008.

Thread Status:
Not open for further replies.
  1. Fuzzfas

    Fuzzfas Registered Member

    Joined:
    Jun 24, 2007
    Posts:
    2,753
    For me, it would have:
    - Kerio's 2 advanced rule creation from the alert window and resource consumption.
    - Comodo's colourful pop up alerts and "treat as" option, with customizable policies, as in real Comodo.
    - Sygate's logging.
    - ZA's overall panel showing applications with server and client rights, for those who don't want to use advanced rules.
    - OA's firewall status (with the nice flags).
    - OA's hips (no pending files, thank God).
    - Port scanning and attack warning.
     
  2. Diver

    Diver Registered Member

    Joined:
    Feb 6, 2005
    Posts:
    1,444
    Location:
    Deep Underwater
    It would be free.

    There would never be a warning or pop up unless real malware was trying to communicate out.

    It would use very little memory and very few CPU cycles.

    The interface and settings would be understandable.

    Each new network would default to untrusted and could the trusted/not trusted status could be easily changed.

    Resists all sorts of malware attacks.

    Plays well with everything.

    Brings me coffee in the morning.

    Dream on.....
     
  3. WSFuser

    WSFuser Registered Member

    Joined:
    Oct 7, 2004
    Posts:
    10,632
    My dream firewall would be as light and powerful as CHX-I, and be application-based like OA (standard mode). I dont ask for much.
     
  4. lucas1985

    lucas1985 Retired Moderator

    Joined:
    Nov 9, 2006
    Posts:
    4,047
    Location:
    France, May 1968
    For me: an up-to-date, modernized version of Kerio 2.1.5 (taking the table concept from Jetico, the filtering engine of CHX-I and the standard/advanced mode of OA). Take the HIPS off.
    For the masses: a nice filtering engine backed up by an IDS, a behav. blocker, an anti-exploit engine, big whitelists and decent pre-made rules. Better handling of new networks, specially Wi-Fi.
     
  5. herbalist

    herbalist Guest

    For me, it would be an IPv6 compatible version of Kerio 2.1.5. It'd like to have a more versatile logging system, including filtering and export functions. Instead of one "custom address group" I'd like to be able to have multiple "custom" groups. The "network/mask" settings for remote endpoints would be fixed.

    The status screen would be improved to include "Time Wait" in the status. Add access to whois and related net services, from the status screen. Add a capture ability to record all connections made and ended over a specifiable time period, savable as a log. Add the ability to close specific connections from the status screen, such as you can do from Sysinternals TCPView, plus be able to add the IP or site name to any one of the custom address groups.

    Keep the HIPS and all other functions separate, like it is now.
    Rick
     
  6. hany3

    hany3 Registered Member

    Joined:
    Dec 2, 2007
    Posts:
    207
    u forgot the attack detection plugin of outpost
    it efficiently protect against denial of services "DOS" attacks and port scanning
    also displays the ip and mac of any computer in the lan using sniffer or netcut
    although i don't use outpost now but these were unique jobs i never saw thses features in any firewall
     
  7. Tunerz

    Tunerz Registered Member

    Joined:
    Jun 12, 2007
    Posts:
    96
    Location:
    Philippines
    First of all, I want it to be free. Simple $50 here is already too much for a common household.
    Then I want it to have a powerful yet light inbound protection of CHX-I.
    Less of the nagging outbound pop-ups yet passes all leaktests and exploits.
    Probably warnings regarding attacks, such as DoS/DDoS, worms, etc.
    It should be user-friendly or else beginners will be plagued with confusion and questions, and may lead to uninstallation of the software.
    Informative logging.
    Able to view on ports that are currently being used by softwares.
    Simple block all and allow all options, to see connectivity problems or just being paranoid.
    It shouldn't have issues on LAN/WLAN or home/business networks.
    Doesn't affect internet speed.
    Easy uninstallation. Doesn't leave traces in full uninstall.
    Doesn't send any information on the software author without consent, unless the user agrees to.
    Last of all, it should be light to system resources, size of software, and RAM/CPU usage.
     
  8. lucas1985

    lucas1985 Retired Moderator

    Joined:
    Nov 9, 2006
    Posts:
    4,047
    Location:
    France, May 1968
    It would be better to have SPI on the ARP protocol.
     
  9. hany3

    hany3 Registered Member

    Joined:
    Dec 2, 2007
    Posts:
    207
    what SPI means?
    could u explain please?
     
  10. minoka

    minoka Registered Member

    Joined:
    Nov 5, 2005
    Posts:
    50
  11. hany3

    hany3 Registered Member

    Joined:
    Dec 2, 2007
    Posts:
    207
  12. subset

    subset Registered Member

    Joined:
    Nov 17, 2007
    Posts:
    825
    Location:
    Austria
    Sygate Personal Firewall Free 6.0 :thumb:

    Cheers
     
  13. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    8,695
    Hello,
    Sygate 6.0 sounds like a good idea - 5.5 + ipv6 ...
    Cheers,
    Mrk
     
  14. Fuzzfas

    Fuzzfas Registered Member

    Joined:
    Jun 24, 2007
    Posts:
    2,753
    Yes! I could live with that! Plus the local proxy hole fixed and programs without server rights by default. I always hated that i had to manually uncheck them.
     
Loading...
Thread Status:
Not open for further replies.