I want a good "Reverse Firewall", any suggestions?

Discussion in 'other firewalls' started by HandsOff, Apr 9, 2006.

Thread Status:
Not open for further replies.
  1. HandsOff

    HandsOff Registered Member

    Joined:
    Sep 16, 2003
    Posts:
    1,946
    Location:
    Bay Area, California
    Hello,

    I have seen people emphatic about a firewall being defined as something that prevents unauthorized connections from the internet. Well, my former firewall (NPF2003) went well beyond this. It prevented applications on my computer from connecting to the internet without my approval. Since that is not, by definition, a firewall activity, I want to be clear that this is a capability that I do not want to do without. Most of my programs seem to want to scurry back to the mothership at the slightest provocation. NPF2003 even requested permission for itself to connect to the internet. It was quite strict in enforcement of this protection. But, I've finally decided to throw it out for a variety of non-firewall related issues. Now the question: Which firewall to replace it with. I want to be in complete control of my connections. I do not want anything given access or permission to leave ship without my OK. And, perhaps most of all, I want installation and use to be as easy as falling off a log!

    I am behind a firewall router, so you can see why my concern would be more for outbound traffic than inbound.

    For now, I am relying on the router and the lowly Windows Firewall. How can I block my backstabbing, treacherous applications from engaging in an orgy of promiscuous internet connectivity?

    Please Advise!

    -HandsOff
     
  2. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,798
    Location:
    Texas
  3. nicM

    nicM nico-nico

    Joined:
    Jul 15, 2004
    Posts:
    631
    Location:
    France
    Ronjor, just curious : why 4.2.2? o_O , and not 4.2.3?

    I agree with your suggestion :thumb: , I can't decide which one I prefer between Kerio or Jetico ;) .

    Cheers,
    nicM
     
  4. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,798
    Location:
    Texas
    Good point. 4.2.3 supported by Sunbelt is now the current version. Thanks. :)
     
  5. mannagills

    mannagills Registered Member

    Joined:
    Feb 25, 2006
    Posts:
    37
    Location:
    Michigan
    Jetico and Look N Stop will both provide you with plenty of opportunities to monitor and control your applications connecting to the net.
     
  6. Paranoid2000

    Paranoid2000 Registered Member

    Joined:
    May 2, 2004
    Posts:
    2,839
    Location:
    North West, United Kingdom
    Almost every personal firewall, ever since the original AtGuard in 1998, does this so a better area to focus attention on is leaktest performance (the ability to detect and block programs that use various techniques to "stealth" their connection attempts). FirewallLeaktester has a good set of results you can use to make a judgement with - though expert configuration can improve the performance of many of the products listed.
     
  7. Fernando Villegas

    Fernando Villegas Registered Member

    Joined:
    Dec 3, 2005
    Posts:
    55
    Location:
    Santiago de Chile
    I thought that site now uses results with best firewall settings. I suppose even Gkweb isn't expert enough to configure all the firewalls to the best settings, which explains Outpost Pro's poor performance.
     
  8. Kentish

    Kentish Registered Member

    Joined:
    Jun 29, 2003
    Posts:
    92
    Location:
    Kent, England, UK
    I have similar requirements, and to that end I run Comodo firewall, along with ProcessGuard and the Ghost security suite.
    Nothing gets out unless I say so.
     
  9. HandsOff

    HandsOff Registered Member

    Joined:
    Sep 16, 2003
    Posts:
    1,946
    Location:
    Bay Area, California
    Then you stand by the importance of leak tests. As you might recall, I've said in the past that I did not feel they were a basis for choosing a firewall, but were good in that they promote a degree of vigilance on the part of the FW developers.

    My main reasoning is that I cannot really weigh the importance of this or that test, and could easily imagine that firewalls that are superior in real life situations (for me) might not be high up on the list.

    Still, you obviously are more of an authority on the subject. I, in fact, have only used one! NPF2003 (which I believe is a descendant of AtGuard). I will check out the site and include it in my decision, along with other things. In fact I am already thinking I hope Kerio, etc. are high on the list.

    Did I mention that it would be nice if the default rules and suggested settings were not completely idiotic? (Like NPF2003's were?)

    And thanks to the others too. I am going to check the ones mentioned here and see if any one seems particularly good to me. At least I'm pretty sure I can't go too wrong with any of them.

    -HandsOff
     
  10. AJohn

    AJohn Registered Member

    Joined:
    Sep 29, 2004
    Posts:
    935
    I personally would suggest you trial firewalls such as Outpost, Jetico, etc. Right now the current version of Jetico is free and has the best leaktest rating. I understand that you do not value the ability to stop leaktests as much as some of us may, but when it comes down to it the methods leaktests use are definitely used in real situations. If you are someone who rarely runs applications from untrusted sources then I highly doubt you need to worry about them any more than you already do.

    If trialing firewalls for a while is a possibility for you, I suggest you try to wait for the new version of Jetico. It not only will have more simple rule configuration than the current version, but will have added security features and will most likely run just as smooth if not more smooth than the current version (which is pretty **** smooth!). The current version of Jetico does have a lot of prompts at first, but once you have it running for a few days it mostly leaves you alone.

    Edit: If you are looking for something that just about configures itself, I would suggest Outpost. The new version actually does use a database to configure itself for many applications and has a nice wizard to configure the rest. Jetico also has a nice wizard, but does not use the database method.
     
  11. AJohn

    AJohn Registered Member

    Joined:
    Sep 29, 2004
    Posts:
    935
    That you know of :p
     
  12. FluxGFX

    FluxGFX Registered Member

    Joined:
    Jan 23, 2003
    Posts:
    667
    Location:
    Ottawa/Canada
    AJohn you go boy!

    Regards,
    fluxgfx.com
     
  13. Diver

    Diver Registered Member

    Joined:
    Feb 6, 2005
    Posts:
    1,444
    Location:
    Deep Underwater
    The whole leak test thing is a complete waste of time. Today's malware is going to use a communications driver to defeat the firewall and remain hidden, along with a rootkit to keep the AV from finding it. There is some chance an NDIS firewall would prevent this, but I am not sure of that.
     
  14. Alphalutra1

    Alphalutra1 Registered Member

    Joined:
    Dec 17, 2005
    Posts:
    1,160
    Location:
    127.0.0.0/255.0.0.0
    That's why I use CHX-I with no outbound rules and trust my safehex ;)

    Alphalutra1
     
  15. Paranoid2000

    Paranoid2000 Registered Member

    Joined:
    May 2, 2004
    Posts:
    2,839
    Location:
    North West, United Kingdom
    Direct network card access is exactly how the MBTest leaktest functions. While firewalls that monitor the TDI layer only can be bypassed in this manner, most should also monitor (and intercept) lower-level access.
    While a rootkit could prevent a firewall from finding more details about a malicious process, it cannot hide the fact that it is trying to send traffic. As such, many firewalls should be able to show traffic being sent by an unknown process if a rootkit is involved (unless that firewall was compromised by other means).
     
  16. rdsu

    rdsu Registered Member

    Joined:
    Jun 28, 2003
    Posts:
    4,456
    Me too, but I'm trying AppDefend and hoping that Jason continues to do a wonderful job with this program ;)
     
  17. Alphalutra1

    Alphalutra1 Registered Member

    Joined:
    Dec 17, 2005
    Posts:
    1,160
    Location:
    127.0.0.0/255.0.0.0
    It is an excellent program, it is just that some users on my pc aren't very technically inclined :rolleyes: so they always answer incorrectly to popups, otherwise I would use it.

    Alphalutra1
     
  18. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    7,786
    Substitute a router for CHX-I and that's my philosophy as well..
     
  19. CrazyM

    CrazyM Firewall Expert

    Joined:
    Feb 9, 2002
    Posts:
    2,428
    Location:
    BC, Canada
    Speaking so highly of what you run, perhaps it is more of an application issue than a firewall issue o_O

    Regards,

    CrazyM
     
  20. rdsu

    rdsu Registered Member

    Joined:
    Jun 28, 2003
    Posts:
    4,456
    :D

    I don't use all the features of AppDefend, just what I need and less annoying... ;)
     