Outbound only Firewall

Discussion in 'other firewalls' started by forumhound, May 17, 2007.

Thread Status:
Not open for further replies.
  1. forumhound

    forumhound Registered Member

    Joined:
    Apr 25, 2006
    Posts:
    20
    Location:
    Surrey, UK
    I want a firewall which allows me to block spefic applications (similar to ZA where a window pops up asking if I want to grant access etc).

    +

    With a low memory footprint..

    Basically, I don't want to reinstall ZA next time I spring clean my machine.

    I use NOD32, so don't need a full security suite, just the outbound option to block.

    Can anyone point me in the right direction....it doesn't have to be free.
     
    Last edited: May 17, 2007
  2. Smokey

    Smokey Registered Member

    Joined:
    Apr 1, 2002
    Posts:
    1,513
    Location:
    Annie's Pub
    Hello Forumhound,

    a good one would be Kerio 2.1.5, it is an oldie but still very good, certainly when you will use it only for outbound control.
    It is freeware.

    Download


    Regards,

    Smokey
     
  3. steve161

    steve161 Registered Member

    Joined:
    Nov 22, 2006
    Posts:
    681
    Location:
    New York
    Hi forumhound:

    For a little while, I used pctools firewall, it is free, easy to use, and it allows for outbound control only, if you disable the packet filter in the gui. It is good for stopping known programs from calling home but has a mediocre rating on leaktests. Also, Jetico 1.0 (free) can be used as outbound only if you delete the bcfilter driver in your system32 folder, or tweak the rules to allow all inbound. Although not so easy to use, Jetico will alert you to every outbound connection and performed excellently on leaktests. DSA is a free HIPS with a firewall that is very good in controlling unauthorized outbound connections. As far as being light, if memory serves me correctly, on my machine:
    Jetico- one process 7500 kb's
    pctools- two processes 12.300 kb's
    DSA- one process- 16,500 kb's

    Edit: A search of this forum for any of these apps will probably answer any question you may have.
    It's been a long time since I used ZA, but I hope this is helpful.
     
  4. forumhound

    forumhound Registered Member

    Joined:
    Apr 25, 2006
    Posts:
    20
    Location:
    Surrey, UK
    Excellent...I shall have a look at all of these...

    Thanks very much
     
  5. bigkatt74

    bigkatt74 Registered Member

    Joined:
    Oct 23, 2006
    Posts:
    11
    Location:
    Illinois
    If “outbound only” protection with a “low memory footprint” is what you are looking for, then I suggest giving Look n Stop a try. You can easily disable inbound filtering on the internet filtering tab (just uncheck the box at the bottom) and only use application filtering and your router (I have even seen this setup work with no router and the Windows XP firewall for people who are uncomfortable with creating rules). This should use less than 3MB of ram depending on the system and less than 5MB when running it as a service. It’s not free, but might be what you are looking for.
     
  6. farmerlee

    farmerlee Registered Member

    Joined:
    Jul 1, 2006
    Posts:
    2,585
    I use appdefend to control my outbound connections, only uses 2.5mb of memory, the cuurent release is free. Another option is prosecurity free, you can configure the basic rules to only monitor network connections.
     
  7. flinchlock

    flinchlock Registered Member

    Joined:
    Jan 30, 2005
    Posts:
    554
    Location:
    Michigan
  8. Climenole

    Climenole Look 'n' Stop Expert

    Joined:
    Jun 3, 2005
    Posts:
    1,640
    Hi forumhound :)

    One remark : a firewall is an intenet packet filter: this filtering must be done outgoing ... and incoming too!
    NOD32 is an excellent Anti-virus not an incoming packet filter! :rolleyes:

    Start with this:

    W xp firewall + System Safety Monitor ...

    SSM: http://www.syssafety.com/
    (The free version is okay...)

    :)
     
    Last edited: May 18, 2007
  9. Climenole

    Climenole Look 'n' Stop Expert

    Joined:
    Jun 3, 2005
    Posts:
    1,640
    Hi flinchlock :)

    Some other review:
    http://www.firewallleaktester.com/

    Few remarks:

    1) Some failed leak test by LNS are configuration dependant.
    Especially the one using Internet Explorer (a.k.a. interNUT Expl'horror...)

    Example:
    In this test web site LNS failed to WallBreaker:
    http://www.firewallleaktester.com/tests.php

    Actually, WallBreaker is blocked by LNS ... but not with the "default" configuration...

    See here:
    http://www.firewallleaktester.com/advices.htm#01
    1.2

    2) Is it the fonction of a firewall to patch O.S. vulnerabilities? Did a FW must be a huge patch to Bill's product?

    3) A firewall is one of the protection layer not the only one...

    4) Leak test are one of the criterias to choose a FW, not the only one...

    An interesting point of vue here:
    http://www.firewallleaktester.com/advices.htm#06

    It's about the "Layered defense" ...

    LNS is a "pure" rules set firewall: an internet packet filter, not an HIPS (Host Based Intrusion Prevention System) like SSM.

    Best regards,

    :)
     
  10. flinchlock

    flinchlock Registered Member

    Joined:
    Jan 30, 2005
    Posts:
    554
    Location:
    Michigan
    @Climenole, you bring up lots of good points. :D

    Thanks, Mike
     
  11. forumhound

    forumhound Registered Member

    Joined:
    Apr 25, 2006
    Posts:
    20
    Location:
    Surrey, UK
    Thanks all
     
Loading...
Thread Status:
Not open for further replies.