Recently, I decided to give Jetico Personal Firewall 2 a test drive and I was impressed. I am a long time LnS user and I have been very happy with it. Nothing has happened to make me consider not using LnS, except for the thrill of change. I liked Jetico's use of application templates. Also, one thing that liked very much is that JPF asks about process termination. That leads me to think that it might be able to act as sort of a behavioral HIPS. That is something that LsN doesn't have, which can be very useful. LnS has been doing very well. Together with Phantom's latest set I think it is pretty tight. I do have a couple questions though: What is your experience, if any, with JPF? How hard is it to 'correctly' configure? Are there any tutorials on it? Which would you prefer; JPF or LnS with Phantom's ruleset (and why)? As always, thanks.
JPF is a light firewall and it works well. I dont have experience with its Attack Process Table though (since I havent used it). I would rather use LnS because it is lighter and simpler. I prefer minimal configuration.
I used Jetico 1 along with SSM free almost two years ago, and found that Jetico and SSM were asking me to allow/disallow almost the same amount of pending processes. Iow, Jetico does act as a limited HIPS. SSM and other specialized HIPS do a deeper and more comprehensive job of watching process calls, but Jetico impressed me with its doing more than just filitering data passing between the computer and the web. SamSpade
I like JPF for that reason as well. I don't like classical HIPS because there are too many rules that you need to set up for every thing you could ever see yourself doing on your system. I like that JPF seems to have process termination protection, or, at least you are asked first. That's important because that way I can protect SBIE.. But, seeing as how this is hte main function of a firewall, this is important too. How good is JPF at filtering. I've been told that LnS is considerably better at this that JPF is.