Looking For New Firewall To Try

Just thought I would mention it. Sounds like you have researched BitGuard already but if not her is some old links, exp for those that like lite resources.

https://www.wilderssecurity.com/showthread.php?t=20737&highlight=BitGuard

https://www.wilderssecurity.com/showthread.php?t=22168&page=1&pp=25&highlight=BitGuard

 

Thanks all. I will keep watching and listening to the discussion for now.

 

Yes I have read about it, doesn't seem to be any good around anywhere. No one seems to even talk about it but here. All I hear about that people say is good right now is Look n stop and tiny firewall pro 2005, but don't know about those. Others say stick with Kerio 2.

dja2k

 

And what is wrong with "ONLY HERE" ? LOL
Some of the best minds in the world come here.
If not here DSLReports.

I would say Tiny is the best if you want protection and are willing to learn this firewall-sandbox.

Look & Stop is a great firewall. one of the lite ones.

All I will tell you is I never heard anything bad said about bitGuard, have you?
Even Paul Wilders commended it. If you would have taken the time to read thru those posts I listed. GKWeb, the maker of the leaktest site says it is ok also.

Then if you have PG & L&S, that is about all ya need.

To each their own

 

Behind a router is enough for me.

If you think you need more protection try running as a non-admin user. Another alternitive would be process guard. Really, the objective is to be able to recoginze problems before they happen. A file that is supposed to be a video should not have an exe extension, and so on.

In a sense there is an opening in the marketplace for a utility that is not a firewall to run behind a router and provide some kind of appliation filtering. LnS can be set up to do this, but it has its limitations and it is not cheap.

Nvidia has a hardware firwall built into its latest chipset. It is application awware, but I doubt if it is set up to detect one application starting another, and stuff related to the leak test thing. Something worth looking into if you are building a new system. Support is only for AMD processors right now.

 

Yes diver & DEP enabled CPU's. Not many use Windows DEP service.
Without CPU, it is only software based. Default is protect system files only.
Protects memory space.

I use an actiontec gateway myself.

 

So you would say Tiny and Look N Stop are good? <--- Which one is better in security wise and not extras. I already have DiamondCS Process Guard and Regdefend, so no need for process control nor registry monitoring.

I did read them and look what one person stated.

"But, the bad point, in this state (firewall _only_ state) BG fails near all leaktests, i haven't tested "leaktest" and "yalta" because i assume BG pass them. All other leaktests go through." and "based on my criteria testing identical for all firewall i am evaluating, if i would have to add BG to my site it wouldn't have more than 2/20 score so i don't think people would like that, especially those who refuse to try to understand my criteria."

So there you go. dja2k

 

I would say L&S in your case.

Yes BG is a sandbox-firewall. That was also a pre 2.0 version in that thread

I have alot of security apps, that i paid for and still run alot of beta's

5 min ago I got a new CPL virus in my e-mail that the new Norton Internet suite
doesn't catch

 

Hope you removed that virus. And thanks for your fast replies dude. I really appricate them. I will give L n S a chance.

dja2k

 

Tiny? Ouch! If you understand Tiny, tell me how. Anyone who understands Tiny deserves an honorary PhD. Help! I'm ready to throw a towel under the door...

 

Heck no I didn't delete it yet. Using Shadowuser, all traces will be gone on reboot. I will check it with some AV's to see if they detect it yet.
So far KAV & Norton don't checking Trend now.
I am guessing it is a nasy since it came for an e-mail that bounces & the main part of the e-mail just says predetor with attached garry.cpl file..

Diver. It had been over a year since i messed with Tiny. I can't remember that far back LOL. When my memory leaves, I just do an advanced search here
for the title, say Tiny

 

Try to use bitdefender free edition scanner, it has been updating a lot and I mean a lot this passed week.

dja2k

 

And nobody really knows for sure if it even works either...

 

Well installed L&S already and guess what, error already. It didn't even stop any programs from going to the net. The application filtering was checkmarked and well if you try to add any program manually, it causes a windows encoutered error and freezes the whole L&P program and can't unfreeze or close until you restart. Oh well, guess I will have to go back to Zonealarm or back to the Firewall that never gave me any problems, Sygate.

dja2k

 

The nvidia firewall in conjunction with AMD 64's native process injection protection does work but also brings myriads of problems as you can see by their forums, I have tried it out and can't say I liked it at all.

 

Oh well thanks guys for the replies, just went back to using good old Zonealarm. Nothing else worked for me. Tiny, well to complicated as others say. L&S, well crashed. Sygate (gave it a try again) and well it crashed on me. Outpost, well gave it too many times a chance and always ended up with the same thing, BLUE SCREENS. Bitguard, well didn't even try it, but maybe give it a try later. Zonealarm, well works fine and what do you know, no crashes, and zonealarm hasn't given me a single blue screen error like Outpost does - tough that they haven't fixed those damn BSOD errors over there at Outpost.

dja2k

 

Arup-

I heard the AMD 64 native process protection had compatibility issues, but the Nvidia firewall I have, of course, not tried as it requires investing in a whole new system.

Could you give us a brief list of the issues with these items?

 

Diver... did you try the latest Tiny (6.5)? It's not that complicated anymore. It even works out-of-the-box nowadays... And it's light!

 

ZoneAlarm is notorious for not completely uninstalling everything. Any remnants of ZA left could well cause problems when you install other firewalls but will be ok when you re-install ZA. Did you perform a complete uninstall and clean before you tried the others? (See Don Hoover's site at http://www.donhoover.net/ for details of how to completely uninstall and remove all traces of ZA.)

HTH

patermann

 

Heh, I find (slightly) better minds visit DSLreports.

 

I trialed Tiny and found it hard to understand. As for light, I don't think so. It used a lot of memory, but I did not experiment enough to see if it would swap out. My idea of a light software firewall would include CHX-1, 8Signs, Kerio 2.15, Windows ICF, Jetico or Look n Stop.

CHX-1 is the lightest one that I know of. Nothing in the task manager unless you are changing something or checking the log. Just a single driver, somewhere.

Of course for light, nothing beats a router. Very difficult to terminate and no impact on system performance under heavy usage with a router. I wonder why there is not more discussion of the different features of hardware firewalls around here. Probably becuase they can't be downloaded and trialed.

 

Diver,

I too am all for the use of a "properly confirgured" NAT router with SPI as opposed to messing around with a software firewall. However, I must admit I am curious as to what kind of a security set up you have on your system(s) if you are not running a software firewall. Which antivirus do you use? What other security software do you use?


Thanks,
Dave

 

I don't want to turn this into an AV thread. PM me for the answer to that one. But I will give you a hint: a high percentage of detection is very important to me. For me security is more of a mental approach than an attempt to build an automated fortress with the latest sand box utility. The sand boxes have to be turned off to install anything and besides they are unable to tell the difference between good and bad programs. I do use several of the Sysinternals free utilities including tcpview, regmon, rootkit revealer and process explorer to check up on things. The trick is to be aware of what you are doing at all times. For anything that is really doubtful there is Jotti's on line scanner or other similar services.

 

I didn't start with zonealarm. After a clean install of windows, I started with Outpost, that gave me blue screens. Then I went to Look n Stop, that would cause an unusual windwos error with the application filtering tab. I then tried good old sygate, but it would crash if I clicked on two interntet programs at once, don't know why though. Then I installed zonealarm, more than 12 hours now, no problems and I kinda figured out how to set up rules for applications on it.

As far as uninstall for each of them, well I would run the uninstall, then use jr16 power tools, delete all tracks in the registry tools>registry manager. After that I would go to the registry tools>registry finder and manually look fo traces from each app using the app name and then the company as a search and deleted all those. After all that, I used Registry First Aid to remove anything that was left. Well if that wasn't enough, then oh well.

dja2k

 

For ZA, there is a /clean parameter that has to be added to the uninstall command line, or else it leaves a lot behind. Actually, anything that installs drivers can be problematic when it comes to removing it. The best thing to have is some disk image software so you can get back to where you were. Its a good security practice as well. If anything goes wrong, just restore.