Privatefirewall updated

Discussion in 'other firewalls' started by QBgreen, Aug 18, 2010.

Thread Status:
Not open for further replies.
  1. Rilla927

    Rilla927 Registered Member

    Joined:
    May 12, 2005
    Posts:
    1,740
    I agree:thumb: This FW rocks!!!
     
    Last edited: Dec 10, 2010
  2. Rilla927

    Rilla927 Registered Member

    Joined:
    May 12, 2005
    Posts:
    1,740
    A lot of them have no business having internet access because it's dangerous.

    I just installed PF 7.0.22.6 and had disabled 99.9% (all incoming) rules to better secure myself because they are enabled by default. The alerts work as they should.
     
  3. Rilla927

    Rilla927 Registered Member

    Joined:
    May 12, 2005
    Posts:
    1,740
    Yes, I agree! Give version 7.0.22.6 a try, it's working like a charm.
     
  4. clubhouse

    clubhouse Registered Member

    Joined:
    Apr 14, 2009
    Posts:
    180
    Every tech forum I go to now, this firewall is going up in peoples estimation...I think its going to become a leader in the top choices soon.
     
  5. TairikuOkami

    TairikuOkami Registered Member

    Joined:
    Oct 10, 2005
    Posts:
    3,142
    Location:
    Slovakia
    Yes, it works like a charm & I like export. I ditched OA for blocking Chrome. I am glad to see, that PF has become a perfect firewall in the meantime. :D
     
    Last edited: Dec 10, 2010
  6. Rilla927

    Rilla927 Registered Member

    Joined:
    May 12, 2005
    Posts:
    1,740
    I don't get out much to other forums but that's good to hear;)
     
  7. Syobon

    Syobon Registered Member

    Joined:
    Dec 27, 2009
    Posts:
    469
    yes, I have even convinced some friends to use it, and they like it, maybe not average users but I never heard a complain about it, its very good code.
     
  8. Adric

    Adric Registered Member

    Joined:
    Feb 1, 2006
    Posts:
    1,433
    I haven't tried this one yet. Does the process monitor allow you actually kill a process if by chance you allowed something that you did not want to allow?

    Al
     
  9. Blues7

    Blues7 Registered Member

    Joined:
    May 11, 2009
    Posts:
    870
    Location:
    2500'
    I have been very pleased with this product since replacing Online Armor Premium with it a few weeks ago.

    Beyond the product itself, the customer service is exceptional (to say the least). :thumb: :thumb: :thumb:
     
  10. Rilla927

    Rilla927 Registered Member

    Joined:
    May 12, 2005
    Posts:
    1,740
    Last edited: Dec 10, 2010
  11. Rilla927

    Rilla927 Registered Member

    Joined:
    May 12, 2005
    Posts:
    1,740
    I agree. The first thing I did after installing it was email them with praise.
     
  12. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    7,334
    Location:
    Hawaii
    If you are talking about killing a running process -- no, PFW won't kill a running process. To do the killing, I suggest Process Hacker -- it can terminate a process when all else fails. PH is open source/free.
     
    Last edited: Dec 11, 2010
  13. Drakar

    Drakar Registered Member

    Joined:
    Oct 6, 2010
    Posts:
    7
    I'm testing PF and so far it's been a good experience, except for a little nuisance. How can I hide the incoming connections that show up in Firewall Log even after a torrent client is closed? I know they are being blocked by PF, but is there an option to hide them?

    Thanks.
     
  14. Scoobs72

    Scoobs72 Registered Member

    Joined:
    Jul 16, 2007
    Posts:
    1,113
    Location:
    Sofa (left side)
    Afraid not. Once the application is closed they are just blocked incoming connections. You'd have to have an option not to log blocked incoming connections.
     
  15. guest

    guest Guest

    I apologize for this question :oops:

    The Application Rules Window has 2 checkboxes on the right side
    (next to Action).
    What is the meaning of those two symbols?
     
  16. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    7,334
    Location:
    Hawaii
    You mean the H & L columns, right?

    ScrHunt01 12-Dec-10.gif

    H = High. High stands for untrusted networks (The Internet and LAN networks you are connected to but don't want to share with)

    L = Low. Low stands for trusted networks (That is of course your Home, work or any other LAN you are connected and want to share with).

    In other words, H & L alongside a rule determine WHICH connections that particular rule will be applied to.

    + If ONLY H is checked, then the rule will only be applied to connections between your computer and UNtrusted networks. The rule will NOT be applied to trusted networks. In all likelihood, H-only rules will be rules that "Deny".

    +If ONLY L is checked, then the rule will only be applied to connections between your computer and TRUSTED networks. The rule will NOT be applied to UNtrusted networks. In all likelihood, L-only rules will be rules that "Allow".


    +If BOTH H & L are checked then the rule applies to ALL connections.
    ~~~~~~~~~~~~~~~~~~~~~~~~~

    As examples - - -

    +The incoming rule for my FTP client, which I use to process data between my computer and the servers for my websites, ONLY allows such input from trusted sources.

    ScrHunt02 12-Dec-10.gif

    + On the other hand, the 2 in/out rules for my email client allow anything & everything. In this case, the filtering of nasty stuff is done by email filters on my servers, and NOT by my firewall. Therefore, anything that reaches the email client is "permitted" by these rules.

    ScrHunt03 12-Dec-10.gif
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    I don't have an example of a rule that applies to H only. I hope someone will add such an example for my own edification. Or add examples that are better or clearer than the ones I have shown.
     
    Last edited: Dec 12, 2010
  17. guest

    guest Guest

    Thank you very much for that detailed explanation :thumb:
    Only the letter L is readable here, the H is mutilated (the second vertical bar is missing).
    So I could actually not figure out what it stands for and the manual is of no help here.

    I installed Privatefirewall to an older XP machine (Pentium 2800) and it runs very smooth.
    As I never have used Privatefirewall before, I am still in a learning process, and your explanation is very helpful :)

    My other machine is todays standard and uses OnlineArmor Premium, but I might well switch.
     
  18. Jose_Lisbon

    Jose_Lisbon Registered Member

    Joined:
    Feb 5, 2010
    Posts:
    245
    Location:
    Portugal
    Considering it is a FW/HIPS it doesn't make sense not to be able to kill a process.
    I like this application (I've just found it out, been reading about it and I like it) but there are some fundamental flaws.

    Regards,
    Jose.
     
  19. Rilla927

    Rilla927 Registered Member

    Joined:
    May 12, 2005
    Posts:
    1,740
    @Bellgamin

    Thanks, good info to learn from. I have one question.

    The FTP rule you showed with the (L) is this linked to trusted publishers?

    The ones you are filtering that has no allow or deny what do you suggest (H) or (L) or both?

    I asked about the FW log and this was their response:

    Upon restart, yes, Privatefirewall purges the firewall log history. However, through Privatefirewall Advanced Reports (View -> Advanced Reports), you can review the activity recorded in previous sessions. All events listed are indeed blocked with the exception of Processes Detected which will display both blocked and allowed detected processes.

    Also, just a little FYI on compatible softwares with PF. I had Emsisoft Anti-Malware installed when I installed PF and they collided bad cuz of the hips. I forgot EAM had hips. You could disable the hips and it will work. I uninstalled it and put Kaspersky Antivirus 2011 on and it runs so much better and I didn't have to disble anything like I thought I would.



    @Jose Lisbon

    I agree. Maybe you can submit a ticket and ask for that. Their support is excellent. I have submitted two tickets in the last two days and I heard back in the matter of hours.
     
    Last edited: Dec 12, 2010
  20. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    7,334
    Location:
    Hawaii
    PFW will terminate a process when it first alerts you to that process.

    However, if you then Allow the process to run, and later change your mind, then you need to use other means to terminate that process. As far as my memory serves, that's also the case for other FWs. However, if someone has contrary information based on actual usage of an actual FW, I stand ready to be re-educated.
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    If you tell a firewall to allow a process, & change your mind, then you can *ordinarily* use Windows Task Manager or Process Explorer to terminate it.

    HOWEVER, if that process turns out to be malware, then it will probably dig itself in very quickly, such that ordinary killer apps or task managers may not be able to kill it. Malware can be VERY resistant to termination. In such cases, you need to use Process Hacker (PH) to kill it. I keep PH installed for just that reason. Unlike any other application that I know of, PH has SEVERAL very powerful kill routines. You can use them one at a time, or ALL at once (Nuke 'em!).
     
  21. IceCube1010

    IceCube1010 Registered Member

    Joined:
    Apr 26, 2008
    Posts:
    963
    Location:
    Earth
    I believe Comodo's FW/Hips has something where you can delete the process but ....... at that point it's usually too late from the malware point of view. I think using this software with a good AV will prevent most infections.

    Ice
     
  22. ReverseGear

    ReverseGear Guest

    The only thing thats needed now is to change the ugly task bar icon
     
  23. Jose_Lisbon

    Jose_Lisbon Registered Member

    Joined:
    Feb 5, 2010
    Posts:
    245
    Location:
    Portugal
    Hi bellgamin.
    I think (I may be wrong) that if you block a malware from a Privatefirewall alert it will stay in Ram (as with Comodo and OA)
    The difference is that with Comodo and OA (I know both well) you can use the program ("active process list" in Comodo and "programs" in OA) to kill the application.

    If you click allow to a malware (with Comodo and OA, and I'm speaking from my own experience) even if you check "remember my answer" you still have further alerts, probably red colored because the further actions are very suspicious.
    Only if you click "trust this program" it will have full privileges.

    Regards,
    Jose.
     
  24. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    7,334
    Location:
    Hawaii
    Please be nice to Casey the Cop. In person he is actually quite handsome.
     
  25. ReverseGear

    ReverseGear Guest

    i still have to know him in person yet :D
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.