Need a good firewall -- not a crapwall

Discussion in 'other firewalls' started by comma dor dash, Sep 23, 2007.

Thread Status:
Not open for further replies.
  1. comma dor dash

    comma dor dash Registered Member

    Joined:
    Jun 5, 2005
    Posts:
    146
    OK ... I'm in foul mood. But anyway.

    1.
    I will not use Outpost. In principle, this is a real firewall. However, it's incredibly bloated. And even worse, it's a buggy mess. It's really embarrassing that Agnitum cannot hire at least one talented coder. Outpost has been a crappy bug hell for many years. They simply don't get it. It makes your system unstable. Yesterday, my stable machine rebooted overnight under heavy load because of this buggy application (and not for any other reason). I will simply not use it anymore. Never ever. I hate Outpost.

    2.
    I won't use Kerio 2.15. It was a great firewall. But it's outdated and I do not trust it anymore. Same applies to atguard. Sorry.

    3.
    I have tried KIS 7 but will deinstall it right now. Do you call this a firewall? It's a bad joke. There is not even a window that gives you a good overview over all your rules. (If you believe that such a window is unnecessary please stop using firewalls at all. They won't help you.) Moreover, I don't trust this wall. Why can avp.exe update its database when I create a block rule with the firewall??

    4.
    I will not use a firewall without proper application filtering AND a good rules editor. This is a matter of security (not only convenience). I will also not use a car with a triangular steering wheel (again this is a matter of security).

    In particular, firewalls like Look'n Stop insult my intelligence. Why should I use a firewall that can hardly do more than a hardware router? This picture says it all: http://www.looknstop.com/En/images/af_current.gif It does not show a rules editor ... it shows a hoax. You cannot even see the rules you have created. (If you believe "allow iexplore.exe" is a rule, please stop using firewalls at all.)

    5.
    I may revert to Kaspersky Anti-Hacker. Although it's pretty outdated and I am not sure whether it supports RAW sockets. At least, it's stable and a real firewall.

    I would be more than happy to use a current firewall if such a thing existed. Please help.
     
  2. wat0114

    wat0114 Guest

    Hmmm... I thought it was possible to edit rules in Look 'n Stop, even to the point of specific direction, protocol and ports?? You will most certainly elicit responses from those who use it. I have not used it for a long time, so I can't remember, exactly, but I seem to remember having very granular control over application rules with it. IMO, it is one of the better software firewalls available.

    Otherwise, you may want to try the latest release of Jetico 2, as long as you don't mind a bit of a steep learning curve. It runs very light and stable. However, you may not like its obligatory "indirect access" component. It is a bit puzzling that the developer does not allow the user better control with it. Basically if you don't allow a certain process to launch your browser, your browser will be permanently blocked from Internet access. That said, one should only, theoretically, allow only trusted processes to launch other trusted processes anyways. It's a bit of a catch 22.
     
  3. WSFuser

    WSFuser Registered Member

    Joined:
    Oct 7, 2004
    Posts:
    10,632
    For LooknStop you need to be in advanced mode to customize rules for apps.

    Anyways I will second wat0114's suggestion of Jetico 2.
     
  4. comma dor dash

    comma dor dash Registered Member

    Joined:
    Jun 5, 2005
    Posts:
    146
    A good rules editor is absolutely mandatory. Certain firewalls like LnS don't have it. It's like driving a car with the steering wheel in the trunk. Prior to each corner you have to get it ... that's insecure. Most people will not understand what I am talking about. This is because 99.9% of the people use insecure firewall rules. Example: a good rule is "allow outgoing dns connection (53) to the dns server address of your internet provider". A bad rule is "allow all for svchost.exe". I need a firewall that allows me to QUICKLY create good rules when the respective application tries to access the internet. And, moreover, I need a rules editor that gives me an immediate overview over the rules that I have created.
     
  5. xandros

    xandros Registered Member

    Joined:
    Oct 30, 2006
    Posts:
    411
    I love Outpost Pro, it's very strong, but it's heavy on my PC, it takes many resources,
    and I hear about ZoneAlarm Pro.

    Anyway, I use Kaspersky Internet Security now, it's very light on my PC.

    http://www.3tt3.net/up/uploads/AhK77032.jpg

    xp pro sp2
    processor 2800
    ram 1.5G
    vga 128
     
    Last edited: Sep 23, 2007
  6. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    7,786
    Sounds like you really want Kerio 2.1.5. If it still works then what's the problem? But if you can't use Kerio, then I would also recommend Jetico. Jetico can be a little annoying to deal with, but it's probably one of the few left that offer the flexibility with rules that you want.
     
  7. herbalist

    herbalist Guest

    Kerio may be old and no longer supported, but it's still a very effective firewall that has the configurability you're asking for. I've never found a reason to distrust it.
    Rick
     
  8. dholiday

    dholiday Registered Member

    Joined:
    Nov 4, 2004
    Posts:
    48
  9. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    7,786
    Yes, 8Signs is good so long as you're not interested in outbound app control of any kind. It's pretty much an inbound firewall only. Although you can make some generic outbound rules...
     
  10. Pedro

    Pedro Registered Member

    Joined:
    Nov 2, 2006
    Posts:
    3,502
    If I remember LNS properly, I think you missed some possibilities - internet filtering rules can have applications associated with them.
    There is another firewall not mentioned here in development, but still RC/beta. It will take some time to mature maybe, but I'll post here anyway when the next RC comes out.
    Then there's Comodo to look at.
     
  11. comma dor dash

    comma dor dash Registered Member

    Joined:
    Jun 5, 2005
    Posts:
    146
    "Yes, 8Signs is good so long as you're not interested in outbound app control of any kind."

    Of course I am. It's pointless to use a SOFTWARE fw without outbound control. Go for a hardware router.

    "If i remember LNS properly, i think you missed some possibilities - internet filtering rules can have applications associated with them."

    This is not the point. The question is whether the steering wheel is in the trunk or in front of the driver seat. This is a huge difference when you drive a twisted road.
     
  12. fax

    fax Registered Member

    Joined:
    May 30, 2005
    Posts:
    3,731
    Location:
    localhost
    Hi!
    I have seen you don't mention ZA in your list. Not sure if you are a lover or hater of ZA, but I would give a spin to the latest ZAPRO (7.0.408.000).

    It works very well here and many bugs of the past have been ironed out.

    http://www.ZoneAlarm.com/zapdownload

    Fax
     
  13. Climenole

    Climenole Look 'n' Stop Expert

    Joined:
    Jun 3, 2005
    Posts:
    1,640
    Hi ,.- :)

    Your screen capture doesn't show the rules editing but the application filter.

    The rules editing of LnS allows you to create a rule (or modify an existing rule) at different levels of the DoD 5 Layer of TCP-IP:

    Layer 2 (Data link layer) Ethernet, WiFi, ... with the raw editing plugin
    Layer 3 (Network/Internet) IP including IPv6, IGMP, ICMP, ARP...
    Layer 4 (Transport layer) TCP, UDP
    Layer 5 (Application) DNS, DHCP, SIP, STUN and so on...

    The LnS rules editing allows you to control almost every characteristic of Internet packets:

    Ethernet type:
    IP, IPv4, IPv6, ARP and any other type from raw editing plug-in...

    Protocol:
    TCP, UDP, ICMP, IGMP, 47-GRE- 50-SIPP,

    Packets:
    in and out, fragmented or not, including the offset and frag. flag
    including all TCP flags and their combination using masks (for example)

    Ethernet addresses (local and remote)

    Ip addresses (local and remote)

    Port(s) local and remote

    Etc.

    Where is the HOAX here please ?
    I guess LnS deserves a second look from you, Sir.

    Have a nice day.
     

  14. Diver

    Diver Registered Member

    Joined:
    Feb 6, 2005
    Posts:
    1,444
    Location:
    Deep Underwater
    KIS 7 a joke? Interesting, as Matousec likes it.
     
  15. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    7,786
    Well then, Jetico is about the only one left that you haven't discarded yet. Why not give it a try?
     
  16. ellison64

    ellison64 Registered Member

    Joined:
    Oct 5, 2003
    Posts:
    2,499
    That's probably because 99.9% of people are only concerned about application filtering... seeing what app is connecting out, and don't care what port or IP address it connects to if the app is not considered threatening to them. Having a rule for DNS with just your ISP's server addresses in, or going further and applying that to each app, is all well and good if, like yourself, you know about these things. However, ISPs have been known to change their DNS server addresses on occasions, and the "server not found" error that would subsequently follow would probably make the average Joe call his local PC repair shop. If you like Kerio 2.15 then I personally can't understand your dislike of Looknstop, as it does all that Kerio does and much, much more. I can see your fondness for Kerio and Outpost (the rules creation parts anyway) because they basically make the rule for you and you decide whether to allow/deny or to add to the rule. Looknstop can do the same by right-clicking the log entry (of course you would have to enable logging). These days I personally don't care about such and such a port, or such and such an address, and prefer the less-hassle approach of global allow to trusted apps. This, in conjunction with a decent AV and router, is all that's needed IMO. If you are willing to try Outpost again then maybe an earlier version such as 2.7, which is the firewall without the later version bloat, may suffice?
    ellison
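
Added example, not part of any post in this thread: a small rule evaluator that puts the two rules quoted earlier ("allow all for svchost.exe" versus outgoing DNS on port 53 to the provider's server) against the same connection attempts, including the DNS-server change described in the post above. The rule fields, the default-deny behaviour and all addresses (documentation ranges) are assumptions made for this sketch and do not reproduce any product's rule format.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

@dataclass(frozen=True)
class Rule:
    app: str                    # executable the rule is bound to
    direction: str = "any"      # "in", "out" or "any"
    proto: str = "any"          # "tcp", "udp" or "any"
    remote: str = "0.0.0.0/0"   # remote address or network
    port: int = 0               # remote port, 0 = any

    def matches(self, conn):
        return (self.app == conn["app"]
                and self.direction in ("any", conn["dir"])
                and self.proto in ("any", conn["proto"])
                and ip_address(conn["remote"]) in ip_network(self.remote)
                and self.port in (0, conn["port"]))

def decide(rules, conn):
    """Allow if any rule matches; everything else is blocked (default deny)."""
    return "allow" if any(r.matches(conn) for r in rules) else "block"

def blanket_rules(rules):
    """Rules that constrain nothing beyond the application name."""
    return [r for r in rules if (r.direction, r.proto, r.remote, r.port)
            == ("any", "any", "0.0.0.0/0", 0)]

# Constructed values: documentation address ranges stand in for real hosts.
ISP_DNS = "192.0.2.53"
BAD = [Rule("svchost.exe")]                               # "allow all for svchost.exe"
GOOD = [Rule("svchost.exe", "out", "udp", ISP_DNS, 53)]   # DNS to the ISP resolver only

def conn(direction, proto, remote, port):
    return {"app": "svchost.exe", "dir": direction, "proto": proto,
            "remote": remote, "port": port}

ATTEMPTS = {
    "dns query to ISP resolver": conn("out", "udp", ISP_DNS, 53),
    "outbound tcp to unknown host": conn("out", "tcp", "203.0.113.7", 8080),
    "inbound tcp from unknown host": conn("in", "tcp", "198.51.100.9", 50123),
    "dns query after ISP renumbers": conn("out", "udp", "192.0.2.54", 53),
}

def compare():
    """Map each attempt to (decision under BAD, decision under GOOD)."""
    return {name: (decide(BAD, c), decide(GOOD, c)) for name, c in ATTEMPTS.items()}

if __name__ == "__main__":
    for name, (bad, good) in compare().items():
        print(f"{name:32} blanket={bad:5} granular={good}")
    print("blanket rules found:", blanket_rules(BAD + GOOD))
```

The last attempt is the trade-off in code: the granular rule blocks everything unexpected, and it also blocks legitimate lookups until the rule is updated to the new resolver address.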
     
  17. Climenole

    Climenole Look 'n' Stop Expert

    Joined:
    Jun 3, 2005
    Posts:
    1,640
    Hi ,.- :)

    This is false. :cautious:

    If you want to choose a firewall (any) based on false information, nobody here will be surprised if you never find what you're looking for...

    Give us some details about what kind of rules editing features are important for you.

    There are many users of popular FWs at Wilders: Comodo, Jetico, ZA, Outpost, and many others.
    They can help you to make a choice if you give us some feedback ... ;)

    Another possibility is to ask directly at the vendors' forums? :cautious:

    Other Firewalls Sticky Posts

    There's a list of official forums for many of them.

    Hope this helps. Let us know...

    :)
     
  18. comma dor dash

    comma dor dash Registered Member

    Joined:
    Jun 5, 2005
    Posts:
    146
    Clarification: When I was talking about the rules editor I referred to a rules editor being part of the learning/training mode of the firewall. In other words, I want to create granular rules on the fly for each application trying to access the internet. Everything else would be extremely painful (if not entirely mad ;).

    ellison: good post.

    Kerodo: will try it again. But I did already try it in the past and it did not work for me.

    Climenole: Will try LnS again. But I tried already 3 or more times in the past. I always had a miserable experience.

    Diver: Matousec's site/tests are quite interesting. I would assume that they liked KIS for other reasons. I was complaining about usability and that avp.exe seems to be automatically treated as a trusted app.

    @all For the time being, I went back to Kaspersky Anti-Hacker. The rules editor is not perfect but usable. Unfortunately, this wall does not show you a very good overview over all the rules you have created. Moreover, it may be outdated. But at least, it's light and stable.
     
  19. comma dor dash

    comma dor dash Registered Member

    Joined:
    Jun 5, 2005
    Posts:
    146
    O.k. Now I tried LnS. Following the installation, I rebooted the machine. An LnS window pops up and asks me whether I want to allow or deny LSASS.exe to connect to internet. Just two options: authorize or block. No granular rules editor at all. Are you kidding me o_O This is like Zone Alarm Free. An invitation to create insecure rules! Sorry...but this firewall is, has always been and will always be...a crapwall.

    I am so disappointed now that I will not even try Jetico.
     
  20. Climenole

    Climenole Look 'n' Stop Expert

    Joined:
    Jun 3, 2005
    Posts:
    1,640
    Hi ,.- :)

    Wow ,.-: you are what we call a "fast fuse" ! :D

    :D Keep calm please.

    LnS asks for authorisation for all programs with a possible or actual access to Internet. This is the "application filtering"...

    There is another level of filtering using general rules and specific rules when needed. Not "granular" enough ? ;)

    Anyway... o_O

    You can like LnS or not and choose another FW: I don't care
    BUT
    How can you evaluate any FW in a couple of minutes ?

    No FW is good for you:

    Not Outpost
    Not Jetico
    Not LnS
    Not ZA
    Not KIS
    Not Kerio
    etc.

    All crap. No one in the whole universe. Right?

    LOL That's the funniest comment I ever read here! :D

    LnS is so crap that this SO disappointing experience drives you to not try Jetico !!!

    LOL (really) :D

    You know what? I guess your post here is a big TROLL. :thumbd:


    Bye bye !
     
  21. twl845

    twl845 Registered Member

    Joined:
    Apr 12, 2005
    Posts:
    4,186
    Location:
    USA
    I read everything I could get my hands on when I was trying to find a firewall to replace my ZoneAlarm monster. I finally settled on Comodo, and never looked back.:D
     
  22. Climenole

    Climenole Look 'n' Stop Expert

    Joined:
    Jun 3, 2005
    Posts:
    1,640
    Hi twl845 :)

    I really hope Comodo will fit the need of ,.-.

    I'm a bit skeptical... ;)

    :D
     
  23. ccsito

    ccsito Registered Member

    Joined:
    Jul 27, 2006
    Posts:
    1,579
    Location:
    Nation's Capital
    I had always thought the KIS included a firewall (Antihacker) and that Kaspersky stopped offering it as a stand alone product. According to the product comparison chart, a firewall is a part of KIS, but it doesn't mention it by name though.
     
  24. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    7,786
    It works fine. I suspect you just didn't have the patience needed to go thru all the configuration. It isn't the easiest firewall in the world. If you do decide to try it again, check the forum here for previous Jetico threads, there's a lot of good help in them, particularly Stem's posts..
     
  25. mercurie

    mercurie A Friendly Creature

    Joined:
    Nov 28, 2003
    Posts:
    2,442
    Location:
    Sky over the Wilders Forest
    ,.-,
    You really went after OutPost....good for you. Yesterday myself I dumped the latest version and "dialed" all the way back to 2.7 493/416. So far, good.

    I just got fed up with the system crashes when you logged out and then later logged back in. I have repeatedly sent reports in. This has been going on for well over a year. :p At times it would just give the report window got to shut down now...sorry...:mad: No I don't have malware shutting it down. I think post number one is closer to the problem.

    I don't know if you are interested but like I say newest version is not always best. ;)

    Edit: I see I followed Ellison's suggestion and did not even know it. :D Sounds like good advice. :D
     
    Last edited: Sep 24, 2007