Newbie - Trying PrivateFireWall

Discussion in 'other firewalls' started by EscapeVelocity, Apr 15, 2010.

Thread Status:
Not open for further replies.
  1. EscapeVelocity

    EscapeVelocity Registered Member

    Joined:
    Apr 1, 2010
    Posts:
    368
    I have been limiting my posting to the Other Anti Malware sub forum, but I am now starting to understand some of the concepts better and where products fit into the different categories, as well as what they do.

    I am looking to learn about security. Try many products out, and see which ones I like and suit me. Also I am trying to set up another computer, with very low user input, protection that runs mostly in the backround without pop ups, for another user. Which probably means a very simple limited firewall like Windows Firewall, no Hips or very simple light classical HIPS like Winpatrol. There is also a router firewall, so...

    So I have multiple purposes.

    Im really liking PrivateFireWall so far.

    I know Im a newbie, but just sharing my impressions and journey, if any are interested. All advice and tips welcome.

    .
     
    Last edited: Apr 15, 2010
  2. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    7,786
    If you're gonna start installing and uninstalling a lot of security apps, especially firewalls, I'd strongly recommend that you make sure you have some good images of your system/setup before you begin. Things can and often do get hosed during the experimentation process of adding and removing programs. You'd be surprised. Otherwise, have fun. :)
     
  3. EscapeVelocity

    EscapeVelocity Registered Member

    Joined:
    Apr 1, 2010
    Posts:
    368
    Thanks, Ive got a Macrium Reflect image or 2 to fall back on, basically a clean install of Windows XP, with most of programs that I like to use, installled.
     
  4. whitedragon551

    whitedragon551 Registered Member

    Joined:
    Sep 30, 2008
    Posts:
    3,189
    Location:
    USA
    Private FW is great. I like it alot. Its nice and light and Im pretty sure I read here that its based off of PC Tools FW. Its not nearly as buggy as PC Tools is though.
     
  5. I also like PrivateFirewall well enough, though IMHO it has some issues...

    - Too many popups in manual response mode.
    - On the other hand, when you activate auto-response, the popups you get are extremely vague - "Activity related to the application blah has been detected," etc.
    - The execution interceptor just asks you for everything, it doesn't have a default-deny mode like Returnil's plugin. (Probably my biggest issue.)

    Also, I think the tray icon is extremely silly looking. :D That being said, it seems pretty good to me, despite its relatively "poor" performance in Matousec tests. With the execution interceptor enabled it's probably quite adequate as a firewall and HIPS, for anyone with some level of computer experience.
     
  6. kjdemuth

    kjdemuth Registered Member

    Joined:
    Jul 29, 2005
    Posts:
    2,960
    Location:
    Boston, MA
    What other malware forum? You mean there are other forums other than this one!
     
  7. whitedragon551

    whitedragon551 Registered Member

    Joined:
    Sep 30, 2008
    Posts:
    3,189
    Location:
    USA
    I think OP means the subforum here thats title "Other Anti-Virus whatever". But yes there are others such as BleepingComputers.
     
  8. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    5,648
    Location:
    Hawaii
    The light HIPS in Private FW is called Dynamic Security Agent. Yes, it is still part of Private FW (click Settings -- the 2 gears icon -- then click Advanced tab).
     
  9. EscapeVelocity

    EscapeVelocity Registered Member

    Joined:
    Apr 1, 2010
    Posts:
    368
    Thanks for the tip. I turned on the training mode for all three cats on the advanced settings tab, just now.
     
  10. Konata Izumi

    Konata Izumi Registered Member

    Joined:
    Nov 23, 2008
    Posts:
    1,544
    I like PrivateFirewall very much... but after a long period of using, it leaves alot of ports open or un-stealthed.
    so It didn't pass GRC Shields Up test.


    If you have Avast Network Shield together with PrivateFirewall..

    Avast Network Shield detects some intrusion over these open/un-stealthed closed ports.
     
  11. EscapeVelocity

    EscapeVelocity Registered Member

    Joined:
    Apr 1, 2010
    Posts:
    368
    I have Avast Network Shield, running Avast Free on the one computer. But the other computer User2 is slower and running Avira.

    Also a Router firewall is in play. Just trying things out. Trying to learn the ins and outs of programs, types of programs, and security issues. Ive already learned a lot, and will probably have a pretty lean security approach in the end. Maybe just back to Windows Firewall with Hardware Firewall, and a Smart Cloud Behavior Blocker, MVPS Hosts File plus OpenDNS, Firefox Browser Plugins (and Opera and Chrome), a decent Anti Virus resident, KeyScrambler, some on demand scanners, among other things.

    Not really high risk surfers, though we do some banking online.

    But I would like to understand the individual brand products better and what they do, so I can integrate a system that works well together and covers the different areas and approaches, without being too intrusive on the lower knowledgable user experience.
     
  12. Konata Izumi

    Konata Izumi Registered Member

    Joined:
    Nov 23, 2008
    Posts:
    1,544
    Just by running under Limited User Account and having a browser run sandboxed with the help of sandboxie with only windows firewall on.

    Those alone pretty much eliminates the need of a 3rd party firewall.
    top it up with a good antivirus like avast.

    but PrivateFirewall is thumbs up for me :thumb:
     
  13. EscapeVelocity

    EscapeVelocity Registered Member

    Joined:
    Apr 1, 2010
    Posts:
    368
    Im shying on the LUA, but I may come back to it, I understand why it is a useful security measure.
     
  14. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    5,648
    Location:
    Hawaii
    LUA can be a PITN compared to running as Administrator. For *the best of both worlds* you might try using DropMyRights.

    That tiny program enables running any specified application in LUA status, while remaining, otherwise, in Admin status. It is a superb security approach that doesn't add a lot of inconvenience to the use of your computer.
     
  15. EXCEPT FOR ONE PROBLEM!!! If you don't set the Admin group as the default owner for administrators (as described here: https://www.wilderssecurity.com/showthread.php?t=269533&highlight=registry creator owner) and set ALL permissions for applications you installed as an administrator to Admin group instead of that user, IT WILL NOT WORK. This is the incredibly stupid way that Windows permissions work - on XP Home at least, your user is the default owner for anything you create, and applications running under that username will have *full control* over any application you installed, including the ability to deposit malware executables in directories owned by those applications.

    If you can change the permissions and the registry setting... Fine. Just don't fool yourself into thinking that DropMyRights provides *any* protection on a default Windows install, without those extra measures in effect.
     
  16. doktornotor

    doktornotor Registered Member

    Joined:
    Jul 19, 2008
    Posts:
    2,047
    SuRun >> DropMyRights for me. And yeah, the default owner and permissions is another gotcha you need to take care of.
     
Loading...
Thread Status:
Not open for further replies.