LooknStop v Visnetic/8Signs

Discussion in 'other firewalls' started by Cerxes, Oct 6, 2007.

Thread Status:
Not open for further replies.
  1. Cerxes

    Cerxes Registered Member

    Joined:
    Sep 6, 2005
    Posts:
    581
    Location:
    Northern Europe
    I´m considering to buy either LnS or Visnetic/8Signs so I wonder if someone have some experience of using both of these firewalls and want to add some comments regarding stability and management. The price is no issue here, I only wish to know the pros and cons. Thanks! :)

    /C.
     
  2. Pedro

    Pedro Registered Member

    Joined:
    Nov 2, 2006
    Posts:
    3,502
    8Signs has no app control, so i guess it's not an issue here? If it's not, i say 8Signs, but try it before. Did you try it?
    Note that it costs more though.
     
  3. AJohn

    AJohn Registered Member

    Joined:
    Sep 29, 2004
    Posts:
    935
    Edit: Both are stable unless you are a beta tester :)
    Edit: L'n'S application filtering pros/cons: http://www.mntolympus.org/phpbb2/viewtopic.php?t=2064
    L'n'S vs. CHX-I vs. 8Signs (SPI <-- :D ): http://www.mntolympus.org/phpbb2/viewtopic.php?t=2032

    Something really nice about L'n'S is that Phant0m (a third party user of the firewall) has over the years provided great support for the firewall in addition to the developer's support (Frederic). Phant0m has constantly been building a very strong and durable rule-set for L'n'S which he now has an automated installer for at a very reasonable price. Phant0m's website is www.mntolympus.org :D

    If you would like maximum network security and to have all of the rules automatically setup to work with your computer (along with both Frederic, Phant0m and the Wilders community's great support) then these may be factors to take in while choosing between L'n'S and 8Signs.

    On the other hand if you were not planning on purchasing Phant0m's automated rule-set installer and are not very savy with rules creation then 8Signs may be slightly easier to configure (although not much).

    As stated above by Pedro 8Signs does not provide any outgoing protection (software already running on your system is not restricted to network connections and is free to use your network as much as it likes).

    8Signs was designed specifically for server environments (which is part of the reason you will not find outbound application network filtering - other reason is "Can you ever stop 100% of leaktests? - www.matousec.com - www.firewalleaktester.com ) , although 8Signs is suitable for any computer with a network connection. In addition to this, 8Signs provides a 'Tarpit' which you can read more about at their website or in these forums, but be aware that 8Signs implementation of this may differ from other software's tarpits being discussed in these forums.'

    All in all I have used both quite a bit and have much respect for both of them. They are both fantastic firewalls. I highly suggest you trial each one out and send as much feedback to the developers as possible with questions and suggestions so that you can get a better feel for the software and the direction it may be going in the future.

    Some other firewalls to consider that I would recommend are:

    Comodo - www.comodo.com (Current version is 2.4 and the 3.0 version which is in beta now and provides full HIPS (Host Intrusion Prevention System) should be out before 2008 )
    Outpost - www.agnitum.com
    Jetico - www.jetico.com

    There are more, but those are my personal favorites :) Others can suggest more if they like :)
     
    Last edited: Oct 6, 2007
  4. Diver

    Diver Registered Member

    Joined:
    Feb 6, 2005
    Posts:
    1,444
    Location:
    Deep Underwater
    Having tried all three at one time of another, LnS comes closest to the personal firewall concept used by many.

    CHX-1 requires a completely different way of thinking to set up your rules. Its been a while since I last used it. Its a learning curve, and it is no longer supported by its owner.

    8-Signs, unless they have changed it, does not work well with Emule because in Kad there is the possibility of dealing UDP connections from random ports. Routers and CHX-1 handle this without any problem and personal firewalls take care of it by limiting the connection to a single appliction, but with 8-Signs if you want Kad to work UDP inbound must be allowed on a large range of ports and it will be accessible to any program.

    Of the three, LnS is the best bet for most persons and you should try that one unless you really know why you might need one of the other two.
     
  5. Pedro

    Pedro Registered Member

    Joined:
    Nov 2, 2006
    Posts:
    3,502
    That last sentence could be true (could), but i didn't understand what Kad is?
     
  6. lucas1985

    lucas1985 Retired Moderator

    Joined:
    Nov 9, 2006
    Posts:
    4,047
    Location:
    France, May 1968
    Kademlia :)
     
  7. Pedro

    Pedro Registered Member

    Joined:
    Nov 2, 2006
    Posts:
    3,502
    Thanks Lucas :)
     
  8. Climenole

    Climenole Look 'n' Stop Expert

    Joined:
    Jun 3, 2005
    Posts:
    1,640
    Hi AJohn :)

    Few remarks:

    - for the vast majority of users the rules set provided by LnS are enough.
    Nobody have to buy sometings else to use LnS... This is optionnal only.

    - new rules are needed only for UDP applications and server applications.
    "Key in hands" rules are provided by LnS support at the official forum.

    Best regards.

    :)
     
  9. Cerxes

    Cerxes Registered Member

    Joined:
    Sep 6, 2005
    Posts:
    581
    Location:
    Northern Europe
    I thank you all for the inputs, specially AJohn. I´ve tested both LnS and 8Signs and I consider them both to be great firewalls with good rule editors. LnS installed without any problem in both the admin account and in the limited user account. 8Signs installed perfectly in the admin account, but, in the limited user account I couldn´t get 8Signs to work! I don´t know what I´ve done wrong, since I consider myself to be a rather experienced user, and I can´t think that 8Signs would not work in LUA (btw, I´m using XP Pro). So, for running without problem I think I will choose LnS. But if someone knows how to get 8Signs to run in LUA, please tell me! (I can´t figure it out...) :)

    /C.
     
  10. Diver

    Diver Registered Member

    Joined:
    Feb 6, 2005
    Posts:
    1,444
    Location:
    Deep Underwater
    What is the difference between could and (could)?
     
  11. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    7,787
    Maybe he just put it in parens for emphasis....
     
  12. AJohn

    AJohn Registered Member

    Joined:
    Sep 29, 2004
    Posts:
    935
    Hey C I do not ever use any accounts other than Administrator, but would it be possible to install under admin and then use restricted?
     
  13. Cerxes

    Cerxes Registered Member

    Joined:
    Sep 6, 2005
    Posts:
    581
    Location:
    Northern Europe
    When you use LUA you always have to install a software as an admin.

    Edit: ...or did I missunderstood your suggestion? :)

    /C.
     
    Last edited: Oct 11, 2007
  14. Pedro

    Pedro Registered Member

    Joined:
    Nov 2, 2006
    Posts:
    3,502
    Cerxes, about 8Signs and LUA, did you look in the GUI for access privileges (or some other name)? When in admin of course.

    Also, if the help file doesn't say anything about it, write them an email. I bet they will answer you in a day.
     
  15. Cerxes

    Cerxes Registered Member

    Joined:
    Sep 6, 2005
    Posts:
    581
    Location:
    Northern Europe
    Hola Pedro! :)
    Didn´t found anything about it in the helpfile and I´ve already wrote them twice about it, but no respond... :cautious:
    It´s a pitty, since I really like this fw, but if I can´t make it work in LUA, then it´s not an alternative.

    Edit: With GUI, do you mean the CredUIPromptForCredentials function, or just changing the privileges in a Token?

    /C.
     
    Last edited: Oct 11, 2007
  16. alex_s

    alex_s Registered Member

    Joined:
    Aug 13, 2007
    Posts:
    1,251
    Yes, it is possible, as long as leaktests number is definite :)
    PS.
    BTW, Online Armor beta 2.1.0.12 does it.
     
  17. Stem

    Stem Firewall Expert

    Joined:
    Oct 5, 2005
    Posts:
    4,948
    Location:
    UK
    8Signs will not work with fast user switching,... make a re-boot into limited account should work.
    (Have just checked on VM).
     
  18. Cerxes

    Cerxes Registered Member

    Joined:
    Sep 6, 2005
    Posts:
    581
    Location:
    Northern Europe
    Hi Stem!
    I always re-boot when I change account, so I never use fast user switching.
    But I still having problem with the 8Signs FW... :(

    /C.
     
  19. Stem

    Stem Firewall Expert

    Joined:
    Oct 5, 2005
    Posts:
    4,948
    Location:
    UK
    Hi Cerxes,
    It works correctly on VM.(XP pro sp2~ 8Signs version 3)

    Is the tray Icon (for 8Signs) missing when you boot to limited account?
     
  20. Cerxes

    Cerxes Registered Member

    Joined:
    Sep 6, 2005
    Posts:
    581
    Location:
    Northern Europe
    Yes, after I had reccived a notification about failure to load 8Signs. But I can´t remember any specific details since I´ve uninstalled 8Signs, because I don´t run any VM:s.

    /C.
     
  21. Pedro

    Pedro Registered Member

    Joined:
    Nov 2, 2006
    Posts:
    3,502
    Either i was lucky, or you unlucky. They replied me in 1/2 days if i remember correctly. I traded a bug for a reply :D
    If you're referring to the registry, i have no idea, i don't understand it, never tried to be honest. I was just talking about the GUI GUI.
    Seing Stem's reply makes me wonder if you have changed something regarding LUA's permitions (you seem to know the registry), perhaps you are using XP Pro?
    I have no idea how to help sorry.
     
  22. Stem

    Stem Firewall Expert

    Joined:
    Oct 5, 2005
    Posts:
    4,948
    Location:
    UK
    Hi Cerxes,
    I have just installed onto hardware, XP pro sp2~ all windows updates, just to see if there may be problems due to the windows updates. But still no problem with limited account. I would suggest, that if you decide to look at this again, then create a new limited account (this could then check if there are problems with the limited account you are using)
     
  23. Pedro

    Pedro Registered Member

    Joined:
    Nov 2, 2006
    Posts:
    3,502
    Hey Stem, i think this isn't too off topic, since we're talking about packet filter alternatives. Where do you place Injoy? Better? Does it have SPI, pseudo etc.., is it usable in a desktop pc?

    :D
     
  24. Cerxes

    Cerxes Registered Member

    Joined:
    Sep 6, 2005
    Posts:
    581
    Location:
    Northern Europe
    @Stem: Yes, I will re-install 8Signs under a new LUA. The only possibility that I can think of is a software conflict, since you manage to make it work.

    @Pedro: InJoy as well as CHX-I are both very good firewalls but also very advanced, so I recommend those for users who have a good understanding how TCP/IP and rulecreation works. Btw, I had an uninstallation issue with InJoy, so make a backup/snapshot of the registry (using ERUNT or another tool), before testing it in case you get some problem.

    /C.
     
  25. Stem

    Stem Firewall Expert

    Joined:
    Oct 5, 2005
    Posts:
    4,948
    Location:
    UK
    Yes. Injoy performs deep packet inspection (to a depth of checking for malformed). I have never made much testing of this, but personally would use this instead of 8Signs.
     
Thread Status:
Not open for further replies.