LooknStop v Visnetic/8Signs

I´m considering to buy either LnS or Visnetic/8Signs so I wonder if someone have some experience of using both of these firewalls and want to add some comments regarding stability and management. The price is no issue here, I only wish to know the pros and cons. Thanks!

/C.

 

8Signs has no app control, so i guess it's not an issue here? If it's not, i say 8Signs, but try it before. Did you try it?
Note that it costs more though.

 

Edit: Both are stable unless you are a beta tester
Edit: L'n'S application filtering pros/cons: http://www.mntolympus.org/phpbb2/viewtopic.php?t=2064
L'n'S vs. CHX-I vs. 8Signs (SPI <-- ): http://www.mntolympus.org/phpbb2/viewtopic.php?t=2032

Something really nice about L'n'S is that Phant0m (a third party user of the firewall) has over the years provided great support for the firewall in addition to the developer's support (Frederic). Phant0m has constantly been building a very strong and durable rule-set for L'n'S which he now has an automated installer for at a very reasonable price. Phant0m's website is www.mntolympus.org

If you would like maximum network security and to have all of the rules automatically setup to work with your computer (along with both Frederic, Phant0m and the Wilders community's great support) then these may be factors to take in while choosing between L'n'S and 8Signs.

On the other hand if you were not planning on purchasing Phant0m's automated rule-set installer and are not very savy with rules creation then 8Signs may be slightly easier to configure (although not much).

As stated above by Pedro 8Signs does not provide any outgoing protection (software already running on your system is not restricted to network connections and is free to use your network as much as it likes).

8Signs was designed specifically for server environments (which is part of the reason you will not find outbound application network filtering - other reason is "Can you ever stop 100% of leaktests? - www.matousec.com - www.firewalleaktester.com ) , although 8Signs is suitable for any computer with a network connection. In addition to this, 8Signs provides a 'Tarpit' which you can read more about at their website or in these forums, but be aware that 8Signs implementation of this may differ from other software's tarpits being discussed in these forums.'

All in all I have used both quite a bit and have much respect for both of them. They are both fantastic firewalls. I highly suggest you trial each one out and send as much feedback to the developers as possible with questions and suggestions so that you can get a better feel for the software and the direction it may be going in the future.

Some other firewalls to consider that I would recommend are:

Comodo - www.comodo.com (Current version is 2.4 and the 3.0 version which is in beta now and provides full HIPS (Host Intrusion Prevention System) should be out before 2008 )
Outpost - www.agnitum.com
Jetico - www.jetico.com

There are more, but those are my personal favorites Others can suggest more if they like

 

Having tried all three at one time of another, LnS comes closest to the personal firewall concept used by many.

CHX-1 requires a completely different way of thinking to set up your rules. Its been a while since I last used it. Its a learning curve, and it is no longer supported by its owner.

8-Signs, unless they have changed it, does not work well with Emule because in Kad there is the possibility of dealing UDP connections from random ports. Routers and CHX-1 handle this without any problem and personal firewalls take care of it by limiting the connection to a single appliction, but with 8-Signs if you want Kad to work UDP inbound must be allowed on a large range of ports and it will be accessible to any program.

Of the three, LnS is the best bet for most persons and you should try that one unless you really know why you might need one of the other two.

 

That last sentence could be true (could), but i didn't understand what Kad is?

 

Kademlia

 

Thanks Lucas

 

Hi AJohn

Few remarks:

- for the vast majority of users the rules set provided by LnS are enough.
Nobody have to buy sometings else to use LnS... This is optionnal only.

- new rules are needed only for UDP applications and server applications.
"Key in hands" rules are provided by LnS support at the official forum.

Best regards.

 

I thank you all for the inputs, specially AJohn. I´ve tested both LnS and 8Signs and I consider them both to be great firewalls with good rule editors. LnS installed without any problem in both the admin account and in the limited user account. 8Signs installed perfectly in the admin account, but, in the limited user account I couldn´t get 8Signs to work! I don´t know what I´ve done wrong, since I consider myself to be a rather experienced user, and I can´t think that 8Signs would not work in LUA (btw, I´m using XP Pro). So, for running without problem I think I will choose LnS. But if someone knows how to get 8Signs to run in LUA, please tell me! (I can´t figure it out...)

/C.

 

What is the difference between could and (could)?

 

Maybe he just put it in parens for emphasis....

 

Hey C I do not ever use any accounts other than Administrator, but would it be possible to install under admin and then use restricted?

 

When you use LUA you always have to install a software as an admin.

Edit: ...or did I missunderstood your suggestion?

/C.

 

Cerxes, about 8Signs and LUA, did you look in the GUI for access privileges (or some other name)? When in admin of course.

Also, if the help file doesn't say anything about it, write them an email. I bet they will answer you in a day.

 

Hola Pedro!
Didn´t found anything about it in the helpfile and I´ve already wrote them twice about it, but no respond...
It´s a pitty, since I really like this fw, but if I can´t make it work in LUA, then it´s not an alternative.

Edit: With GUI, do you mean the CredUIPromptForCredentials function, or just changing the privileges in a Token?

/C.

 

Yes, it is possible, as long as leaktests number is definite
PS.
BTW, Online Armor beta 2.1.0.12 does it.

 

8Signs will not work with fast user switching,... make a re-boot into limited account should work.
(Have just checked on VM).

 

Hi Stem!
I always re-boot when I change account, so I never use fast user switching.
But I still having problem with the 8Signs FW...

/C.

 

Hi Cerxes,

It works correctly on VM.(XP pro sp2~ 8Signs version 3)

Is the tray Icon (for 8Signs) missing when you boot to limited account?

 

Yes, after I had reccived a notification about failure to load 8Signs. But I can´t remember any specific details since I´ve uninstalled 8Signs, because I don´t run any VM:s.

/C.

 

Either i was lucky, or you unlucky. They replied me in 1/2 days if i remember correctly. I traded a bug for a reply

If you're referring to the registry, i have no idea, i don't understand it, never tried to be honest. I was just talking about the GUI GUI.
Seing Stem's reply makes me wonder if you have changed something regarding LUA's permitions (you seem to know the registry), perhaps you are using XP Pro?
I have no idea how to help sorry.

 

Hi Cerxes,

I have just installed onto hardware, XP pro sp2~ all windows updates, just to see if there may be problems due to the windows updates. But still no problem with limited account. I would suggest, that if you decide to look at this again, then create a new limited account (this could then check if there are problems with the limited account you are using)

 

Hey Stem, i think this isn't too off topic, since we're talking about packet filter alternatives. Where do you place Injoy? Better? Does it have SPI, pseudo etc.., is it usable in a desktop pc?

 

@Stem: Yes, I will re-install 8Signs under a new LUA. The only possibility that I can think of is a software conflict, since you manage to make it work.

@Pedro: InJoy as well as CHX-I are both very good firewalls but also very advanced, so I recommend those for users who have a good understanding how TCP/IP and rulecreation works. Btw, I had an uninstallation issue with InJoy, so make a backup/snapshot of the registry (using ERUNT or another tool), before testing it in case you get some problem.

/C.

 

Yes. Injoy performs deep packet inspection (to a depth of checking for malformed). I have never made much testing of this, but personally would use this instead of 8Signs.