I don't want another firewall

Discussion in 'other firewalls' started by owziee, Nov 27, 2004.

Thread Status:
Not open for further replies.
  1. owziee

    owziee Registered Member

    Joined:
    Oct 3, 2003
    Posts:
    74
    I have a d-link DI-604 router that I've configured to stealth all ports and I think it's firewall should be quite enough for a home user and I have also enabled the built in firewall in WinXP SP-2. I pass the tests at shieldsup!, no problems except the browser header tests and some other minor "privacy" issues.

    Since I don't want a third firewall, I need something else that can block applications from accessing the web. I've used ZA for a long time but I've had enough of it since it's been interfering (sp?) with my router and screws up my internet connection now & then.

    There must be some other software that can block or permit apps for web access.

    I would really like some advice, but please don't tell me to install a software firewall like sygate, za, kerio etc...
     
  2. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    7,786
    I did some searching for something like this a while ago. I use VisNetic Firewall, which doesn't have any app control, and when I first installed it, I was looking for another program that would provide some basic app control to supplement VisNetic.

    I searched for some time and came up with nothing useful. As far as I know, there IS nothing out there that would provice basic app control by itself. There are several programs that control whether an app executes or not, but seemingly none that monitor internet access. This is typically the job of a software firewall.

    I'm very careful about what I install and run on my machine. No P2P use here and I generally practice safe computing. So my thoughts now are that I have no real need for app control. VisNetic, or in your case, your router, is probably enough if you're safe and careful. At least that's my own philosophy at the moment, although some people would disagree and insist on some form of app control.

    Just my 2 cents worth... :)
     
  3. Notok

    Notok Registered Member

    Joined:
    May 28, 2004
    Posts:
    2,969
    Location:
    Portland, OR (USA)
    If you want something that is going to allow, deny, or control if/how an application accesses the internet, you're looking at getting a firewall.. that's just what a desktop firewall does, I don't think you're going to get away from that.

    If you want something that's light and easy to use, yet still effective, try x-Wall (you don't have to set a lot of extra rules if you don't want to, although you can if you like, otherwise you can use it to simply allow or deny applications internet access), if you want superior application control you can try Look n Stop, and you can turn of the 'internet filtering' if you like. They are both very light on resources and not hard to set up or use.
     
  4. JayTee

    JayTee Registered Member

    Joined:
    Nov 2, 2004
    Posts:
    166
    the free a-wall from x-wall will have some level of app control, tho' as notok says, it is a very simple interface.
     
  5. I know only one, it is a wyvernworks firewall, you can disable the firewall and only let the application control working, but it only permit you to let or deny applications to go out, not control of ports or adresses, ONLY PERMIT OR DENY OUTGOING APPLICATIONS, AND ABOUT THIS, IT WORKS FINE, EVEN WITH SP2.
    The site is not functioning in this moment but you can get it at:

    http://www.majorgeeks.com/download3429.html
     
  6. no13

    no13 Retired Major Resident Nutcase

    Joined:
    Sep 28, 2004
    Posts:
    1,327
    Location:
    Wouldn't YOU like to know?
  7. AJohn

    AJohn Registered Member

    Joined:
    Sep 29, 2004
    Posts:
    935
    If you don't mind dropping a few $ Look 'n' Stop with Internet Filtering turned off is the best way to go. LnS will control about 99% of what can access that internet in any given situation and the author Frederic is working hard on making it 99.9%. If you want something to ask you whether or not this.exe or that.dll can run and watch to make sure the applications arent compromised, Abtrustion Protection would be a very effective and free way to go. Abtrustion Protection will scan your current setup and create a "baseline" of everything and log it as OK, it will then watch for new/changed applications and ask you whether or not to allow them to run.

    Right now I am behind a router very simular to the one you are using and I also use 8Signs FW for packet filtering and Look 'n' Stop for my Application Control since 8Signs is just like Visnetic and doesn't provide any.

    As others have mentioned x-wall is a free alternative if you are in the mood to do some major configuring or do not need much more security than you already have. There really isn't any stand-alone application out there that is made just for Application Network Access filtering, but there are lots of ways around this.

    Process Guard (free version) would be a good addition to any of the above.

    Also, I would just like to say that there is a lot which can get through your NAT/SPI router and even more which can get through Windows Built in Firewall no matter what the settings, using the Internet Filtering which comes with LnS, or even using a seperate packet filter such as 8Signs, Visnetic and others might not be that bad of an idea. I know you said you do not want another firewall, this is just a last suggestion.

    If you are determined to use only Windows Firewall and your Router, you should check out this program which will allow you to configure the Windows Firewall, show what it blocks/allows and provide some weak application control:
    http://www.router19.org/

    Here is a thread with some info on the above program:
    http://www.fluxgfx.com/ssc/showthread.php?t=57

    A good place to ask questions about x-wall(mentioned above) is:
    http://computercops.biz/forum113.html

    GL
     
    Last edited: Nov 28, 2004
  8. owziee

    owziee Registered Member

    Joined:
    Oct 3, 2003
    Posts:
    74
    Thanks for the advices. I guess you are right a software firewall might be best after all so I've started to trial sygate personal firewall and it seems to work great with my dlink router. I'm not experiencing any of the problems I had with ZA.

    I hope it's a good firewall because I'm really starting to like it.
     
  9. AJohn

    AJohn Registered Member

    Joined:
    Sep 29, 2004
    Posts:
    935
  10. owziee

    owziee Registered Member

    Joined:
    Oct 3, 2003
    Posts:
    74
    Ok, thanks.
     
  11. phaedrus

    phaedrus Registered Member

    Joined:
    Aug 18, 2002
    Posts:
    95
    Can Sygate block all leaktests? Even PcAudit2, Copycat and others like these?
    http://www.firewallleaktester.com/

    As far as I am aware, there is only one firewall that can pass all those leaktests and that is LnSp2 patched up with their latest beta driver.

    Cheers,

    Trev.
    ____________________
    Useful Links:
    Anti-virus:
    NOD32 Anti-virus ... Avast Anti-virus (Free) ... AVG Anti-virus (Free) ... Housecall (Online Scan)
    Firewall:
    LooknStop Firewall ... Sygate Personal Firewall (Free)
    Anti-trojan:
    TDS-3 ... Trojan Hunter ... A² (Personal & Free) ... BOClean
    Anti-Spyware:
    AdAware SE ... Spybot S&D 1.3 ... HijackThis! ... SpywareBlaster ... DialerWatcher (Dial up guard)
    Misc:
    Proxomitron (web filter) ... Firefox Browser ... SysMetrix (desktop clock/meters) ... Rainlender (desktop calender)
     
Loading...
Thread Status:
Not open for further replies.