Recommend me a free, pure and light firewall

Discussion in 'other firewalls' started by ICuba, Jun 2, 2009.

Thread Status:
Not open for further replies.
  1. ICuba

    ICuba Registered Member

    Joined:
    Mar 22, 2009
    Posts:
    21
    Recommend me a free, pure (without HIPS), light firewall with inbound/outbound control, please.
     
  2. blacknight

    blacknight Registered Member

    Joined:
    Sep 25, 2007
    Posts:
    2,433
    Location:
    Europe

    The main feature in a firewalll is his security, not his lightness. You should choose a power firewall like Comodo or Online Armor and disable the HIPS. So you'll have lightness and protection.
     
  3. Cudni

    Cudni Global Moderator

    Joined:
    May 24, 2009
    Posts:
    6,956
    Location:
    Somethingshire
    Windows Vista & Win7 inbuilt firewall
     
  4. Capsize

    Capsize Registered Member

    Joined:
    May 25, 2009
    Posts:
    10
    Windows firewall, Kerio 2.1.5, Sygate.
     
  5. virtumonde

    virtumonde Registered Member

    Joined:
    Jan 18, 2008
    Posts:
    501
    True but for all i know there are not any tests regarding inbound protection.Stem has made some useful threads involving arp spoofing i belive ,but of course there must be more ways to attack a computer,and he's a single man you need something like Matousek with resources ,but for Inbound and not leaks.
    To my knowledge there are not tests like this,for all i know windows built in Firewall could do a better job then the ones you mentioned.
    I understand that what i wrote may sound silly but i would like very much to see such tests and be contradicted.
    A router takes care of inbound but many peolple don't have one.
     
  6. pandlouk

    pandlouk Registered Member

    Joined:
    Jul 15, 2007
    Posts:
    2,565
    Comodo (with 'firewall only' option)
    Outpost 6.5 free (you will have to manually rename in safe mode the driver 'sandbox.sys' to something else for example 'sandbox.sys.bak'; you will find it under the directory 'c:\windows\system32\drivers\' )

    Panagiotis
     
  7. Sully

    Sully Registered Member

    Joined:
    Dec 23, 2005
    Posts:
    3,719
    I agree. The 'lightness' of a firewall need not detract from it's strength as a firewall. Indeed, as you say, how do you test for explicitly the effectiveness of an inbound firewall? Using industrial strength firewalls may provide more 'bells and whistles', but are they any better at the core, which is restrict inbound solicits? Outbound, that is another matter. The classic firewall would only say block outbound port to x address. The industrial strenght firewalls are IMO more about application control than just being a firewall. Which leads the them not having the feeling of 'lightness', but not to say more secure.

    Sul.

    Edit: Kerio is pretty lite. Softperfect is lite. Old sygate is lite. Old outpost is lite. DSA is lite. Threatfire 'might' be considered lite if it were only a firewall.
     
  8. zen_usuario

    zen_usuario Registered Member

    Joined:
    Dec 7, 2008
    Posts:
    153
    Another One, free, without HIPS and light is Rising Firewall 2009Free Edition(RFWFREE09)
     
    Last edited: Jun 3, 2009
  9. bollity

    bollity Registered Member

    Joined:
    May 9, 2009
    Posts:
    179
    pc tools firewall , but disable enhanced security verification.
     
  10. trismegistos

    trismegistos Registered Member

    Joined:
    Jan 29, 2009
    Posts:
    365
    You can try the freeware Look n stop lite firewall. But don't know if it has the same SPI(statefull packet inspection) engine as the paidware, which btw also has application filtering.

    You can go to the looknstop forum for the firewall rulesets how to's. Using the enhanced ruleset will give you perfect stealth at grc's. Haven't yet tried the look n stop lite, though. I have only tried the 30 day free trial of the paidware. And it is extremely light. After the 30 day free trial, application filtering is disabled and you'll have the internet packet filtering still functional(don't know if this is still true today).

    To know more about SPI>> http://forums.cnet.com/5208-6121_102-0.html?messageID=2369588#2369588

    direct download link for looknstoplite: http://www.soft4ever.com/LooknStop/En/LooknStop_Lite_Setup_104.exe

    look n stop free trial: http://www.looknstop.com/En/download.htm
     
    Last edited: Jun 3, 2009
  11. simisg

    simisg Registered Member

    Joined:
    Nov 6, 2008
    Posts:
    410
    Location:
    Greece
    ghostwall http://www.ghostsecurity.com/ghostwall/ there is no rising firewall free not exists......
     
  12. zen_usuario

    zen_usuario Registered Member

    Joined:
    Dec 7, 2008
    Posts:
    153
  13. Nebulus

    Nebulus Registered Member

    Joined:
    Jan 20, 2007
    Posts:
    1,582
    Location:
    European Union
    I also recommend Kerio 2.1.5 or Sygate Personal Firewall.
     
  14. tipo

    tipo Registered Member

    Joined:
    Dec 29, 2008
    Posts:
    408
    Location:
    romania
    zonealarm firewall free
     
  15. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    The problem with the type of tests you're looking for lies in one simple fact. The test results are completely dependent on the rules the firewall is enforcing. More often than not, it's the ruleset that's being tested. Most rule based firewalls will allow or block exactly what you tell them to. In general, the default rules that they start with are quite loose and need to be matched to your setup and needs. Every firewall has its own design and its own methods of rule creation and enforcement. With many rule based firewalls, the order the rules are in will greatlly influence what it allows or blocks. What ends up being tested is how well the user understands internet protocol, the firewall they're using and their ability to configure it. That makes standardized testing very difficult to set up.

    Testing aside, the single most important criteria in choosing a firewall is its compatibility with your level of knowledge and skill. Most all of the firewalls that are considered to be lightweight require that the user understands what they're doing. They're light partly because they don't come with automatic rule creation components. Without a basic knowledge of internet protocol and the needs of the software that's asking for internet access, you won't be able to write effective firewall rules. It's a compromise, and the price for lightness is usually paid for with user skill.

    Kerio 2.1.5 is a light, effective firewall in the hands of a user who can write firewall rules. Very well designed interface. It works on XP and older systems.
     
  16. virtumonde

    virtumonde Registered Member

    Joined:
    Jan 18, 2008
    Posts:
    501
    Yes good points you've raised becouse when it comes to firewalls it's hard to say what should be the standard configuration.Maybe we should ask hackers :D
    Still some test for basic attacks that most firewalls claim and have rulesets to protect from but you have to take the vendors word that indeed they do will be great.
     
  17. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    A standard configuration is not possible. There's too many variables that can't be accounted for with a default setup.
    Examples:
    DNS rules should specify the IP addresses of your DNS servers, allowing DNS traffic to and from those IPs only. This would defeat malware that alters your DNS settings to point to a compromised server. There's no way a vendor can specify an IP address, but if they don't allow DNS traffic by default, they'll get buried in complaints about their firewall killing users internet service.

    ICMP ping. Some ISPs use ping to see which customers are connected. If your system doesn't respond, they assume it's not using the IP and make it available to other customers. If the vendor blocks that ping, the customer has connectivity problems. If they allow it, they get complaints that their firewall is weak because it doesn't pass a stealth test.

    Services are another example. SVCHOST is involved in everything from DNS service and Windows Update to printer sharing, time service and remote access. It's also one of the most often exploited processes on a PC. Block it from connecting out and you break all those services. What traffic should be allowed by default, to or from where, and on which ports? Any default setting is a compromise. The best a vendor can do is block certain ports that are commonly used as attack vectors and hope the user will read the help file if they need them enabled.

    Unless the attack comes from within, hackers rarely defeat the firewall itself. The vast majority of the time, they find weaknesses in its configuration that allows them in. Any firewalls default configuration is full of those weaknesses. The only way to eliminate them is to match that firewalls configuration to the needs of your system as closely as possible, then block all the rest of the traffic. Unfortunately, most users don't know how to do that and aren't going to invest the time it takes to learn how. This emphasis on leaktests, built in HIPS, etc convinces users that they're safe and leads to their neglecting the core of the firewall, its traffic controlling rules.
     
  18. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    +1 :thumb:
     
  19. ICuba

    ICuba Registered Member

    Joined:
    Mar 22, 2009
    Posts:
    21
    Thanks guys for interesting answers and sorry for the lack of my answer about that, but I was recently very busy ;).
    I have one question about Softperfect to Sul. Softperfect doesn't have an application traffic control if i know well? So i think i also should using the classic built in firewall on Windows XP, shouldn't I? I would like to say that I also used LUA+SRP.

    I also thinking about Jetico v1 with disable HIPS protection or Rising Firewall, hmmm...
     
    Last edited: Jun 9, 2009
  20. SamSpade

    SamSpade Registered Member

    Joined:
    Oct 22, 2006
    Posts:
    415
    I used Jetico 1 for over a year until I decided I wanted more sophisticated HIPS in addition to the "pure firewall" only. (Jetico does have some limited HIPS like features which got me started in that direction originally.)

    Jetico 1 is a good firewall, but does require a bit of setting up.


    |||
     
  21. alex_s

    alex_s Registered Member

    Joined:
    Aug 13, 2007
    Posts:
    1,251
    The main question is "what do you need a firewall for ?"
     
  22. nomarjr3

    nomarjr3 Registered Member

    Joined:
    Jul 31, 2007
    Posts:
    502
    ^
    For data theft protection.


    For XP, use ZoneAlarm Free or Rising Firewall 2009 Free.
    For Vista/7, use Vista Firewall Control.
     
    Last edited: Jun 17, 2009
  23. Stem

    Stem Firewall Expert

    Joined:
    Oct 5, 2005
    Posts:
    4,948
    Location:
    UK
    Hello,

    Sorry I missed this post for so long.


    I may be only a single user with no web site, but please believe, my tests/results are not based on simple tests or what is expected. I do go deep in what I check/test, however, I do not explain everything, simply as it may confuse.

    Specific tests can be put forward, I have many, but on its availability on forum is another subject.

    - Stem
     
Loading...
Thread Status:
Not open for further replies.