Newb question about inbound protection.

Hi to everyone,

First of all, sorry for my lack of knowledge ; I definitely need some help concerning firewall so that I won't fall into marketing catches.
I'm looking for a powerful firewall featuring inbound protection (I don't care about outbound/app protection), freeware or software.
Of course, what matters if what I'm comfortable with ; my pick would be, at the moment, ZoneAlarm PRO or BlackIce. My question is, would both of these firewalls cover the same vulnerabilities and offer the same degree of protection (still talking about inbound protection). Do all firewalls "do" basically the same things concerning inbound protection, or do some of them offer more advanced protection and would make my PC more secure ?

Thanks for your answers!

 

In my experince, of the two apps you have listed, Zonealarm would be my pick. Blackice wouldn't even be on my list. But besides the two firewalls you have mentioned I am very comfortable useing The Vista Firewall to protect my incoming and outgoing traffic along with the hardware firewall in my router.

 

Thanks for your answer ; Well I'm also behind a router but I doubt it uses advanced firewall protection (at least, my ports are stealth without using any software fw). So, would you say ZA (or any other fw) cover more security leaks ?
I remember some long time ago, some firewalls running on windows98 couldnt block those attacks called 'nukes' on port139, while others were more advanced already. Is that still the case today ? Do some firewalls miss some security flaws on inbound protection ?

 

If inbound is your only concern, Windows firewall (or just a router) does the job. A software firewall (or HIPS) would take care of outbound.

 

I would have to agree with Bigc, and I would also go so far as to suggest that you just purchase a router if you're only concerned about inbound protection. A router takes any workload off the PC entirely, and in general it just makes life so much easier.

Edit: Wow, 2 posts before I even got mine out.. Please disregard if not appropriate anymore.. Btw, even a cheap NAT router should be plenty good for blocking any inbound traffic...

 

Thank you guys, so basically all firewalls "do" the same ?

 

No all firewalls are not created equal

 

If you use Windows XP, (SP2) the built in firewall is perfectly good for inbound only protection. If that is all you want there is no point in replacing it with a 3rd party software firewall.
However, you say that you want your computer to be secure. (Don't we all.) Outbound protection is highly recommended in that case. In the event something nasty gets in, and is not detected by AV and/or AS (whatever you use) the outbound protection of a good two way firewall is pretty much your last line of defense. And by monitoring the activity of same, you can see what applications are regularly connecting to the web.

 

Thanks for your answer.
So, according to you, firewalls do all the same thing regarding inbound protection. I think I'm gonna take your advice into consideration and get a NAT router + windows sp2 built-in firewall.
About outbound protection, I find it more annoying than anything else, especially with the most efficient firewalls, like comodo & jetico, where you basically click the 'Allow' button on every pop up showing up. Sometimes you don't even know the application concerned by these pop ups (especially when it deals with Windows services, and how do you see the difference between a 'clean' windows service and an infected one?), so just click Allow once again ; that's why I call it a marketing catch for all these newbies buying firewalls, and I'm one of them. When I don't reckognize any application I just click the Allow button because I'm affraid of blocking a wrong service and get disconnected.

 

The router is a good idea IMO, I have been happy ever since I got mine a few years ago, it allowed me to pretty much dispense with the software firewalls. I am not concerned with outbound protection myself. Also, with the router, you don't then even need the Windows Firewall as they would be doing the same thing, however, there's no harm in letting it run either...

 

That wasn't what I said at all.
What I intended to convey, is that the windows firewall is good. I bet there are plenty that aren't. For inbound only, I doubt you'd find one better.
What AV and AS or AT do you use? Because the robustness of your other security will have a significant effect on the necessity for an outbound firewall.

 

I'm using KAV 7 & Spyware Doctor. Judging by the efficiency of KAV, I think I don't need outbound protection

 

Sounds about right, unless you're an especially high risk websurfer.
Don't know this from experience, but from reading others' opinions and reports etc.

 

lol, I'm some kind of 'high risk' web surfer (often download some cracks & stuffs), what would you suggest ?
thanks again for your quick replies!

 

Well, since the chances of downloading something infected from "cracked" software are very high, that similarly raises the chance of a "zero day" (or recent) exploit that may not be detected/stopped, even by KAV.
So, a two way firewall. And maybe some imaging software or virtualisation program....other more experienced users than me will have good ideas on that.

I have no hesitation in suggesting the manufacturers' download page/s for software you want,even if it costs money(Shock! Horror!), and recommend against any type of cracked or pirate software, for at least two reasons, and think quite a few users here will have similar views.