Recommended Firewall

Discussion in 'other firewalls' started by Xenophobe, May 27, 2007.

Thread Status:
Not open for further replies.
  1. Xenophobe

    Xenophobe Registered Member

    Joined:
    May 26, 2007
    Posts:
    174
    Hey everyone,

    I'm trying to get a new firewall right now...
    I have no firewall installed at the moment, but I was using Sygate Pro.

    I uninstalled it because support & updates are discontinued.
    [ Damned Symantec, Sygate was a perfect firewall! ]

    I have tried ZA Pro, didn't like it however.
    It had high memory use, failed leak-tests, isn't as good as it used to be.

    I also don't like Comodo for slowing down my computer & network,
    regardless of it's good protection.
    [ I am however looking forward to version 3. ]

    I'm looking for a firewall that; Is light-weight, closes all ports, has good protection, doesn't require "too much care" & advanced network knowledge.

    -- I'm willing to pay for the firewall, too.

    Thanks! Suggestions are appreciated.
     
  2. ink

    ink Registered Member

    Joined:
    May 20, 2006
    Posts:
    185
    I will not use ZA or OP, because I use HIPS, only need rule based packet filter, looknstop is ok.
     
  3. sukarof

    sukarof Registered Member

    Joined:
    Jun 22, 2004
    Posts:
    1,714
    Location:
    Stockholm Sweden
    You could try Look´n´stop.
    It is truly lightweight, it is fairly simple to use even if you dont want to make complicated rules (which you can if you want to)
    I like the simplicity with it: You start a application, you get a question and you allow. You can make the rules from the log directly by right clicking if you find something is blocked that are not supposed to. Application control of course. .
     
  4. Xenophobe

    Xenophobe Registered Member

    Joined:
    May 26, 2007
    Posts:
    174
    Thanks for the replies.

    I'm trying Look 'n' Stop right now, and so far it seems to be a
    overall good firewall. :D

    Suggestions are still welcome.

    Edit: It failed the pcflank.com Leaktest. =/
     
    Last edited: May 27, 2007
  5. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    8,702
    Go back to Sygate - it's the best Windows firewall ever made.
    Mrk
     
  6. flinchlock

    flinchlock Registered Member

    Joined:
    Jan 30, 2005
    Posts:
    554
    Location:
    Michigan
  7. Climenole

    Climenole Look 'n' Stop Expert

    Joined:
    Jun 3, 2005
    Posts:
    1,640
    HI

    Wrong.

    LNS block PCFlank leak test.

    :rolleyes:
     
  8. tradetime

    tradetime Registered Member

    Joined:
    Oct 24, 2006
    Posts:
    1,000
    Location:
    UK
    I still use it on two of my computers works just fine, back it up with HIPS for an added security if you feel exposed.
    Could alternatively try Comodo, as I have on this PC, so far it seems to work ok, but I think Sygate is just as good.


    Sorry dude missed that bit, I haven't noticed this with mysystem (but that's irrelevant) so I'd say stick with Sygate.
     
  9. Long View

    Long View Registered Member

    Joined:
    Apr 30, 2004
    Posts:
    2,295
    Location:
    Cromwell Country
    Do you have a hardware Firewall ? If not then get one and you may find you have no need of a software FW
     
  10. sukarof

    sukarof Registered Member

    Joined:
    Jun 22, 2004
    Posts:
    1,714
    Location:
    Stockholm Sweden
    How did you do when you failed? I just downloaded the test again to test it and as long as I dont allow the popup LnS gives it wont fail...o_O
     
  11. Climenole

    Climenole Look 'n' Stop Expert

    Joined:
    Jun 3, 2005
    Posts:
    1,640
    Hi sukarof :)

    May be the leak test failed between the "K & C" ... :rolleyes:

    Many poeple expect too much from a firewall: a kind of big patch to fix the bad job done by the Billoos's BoyZ ...

    I don't want to argue with anybody about this especially with the auto-proclamed security experts about this issue...

    Many leak tests used Windows internals vulnerabilities which are not related to internet connections and packet filtering. A firewall is one layer of protection device and nothing more.

    For example:

    CopyCat used "process injection", Wall Beaker is a InterNUT Expl'horror :gack: launcher, PC Audit a DLL injector, DNS Tester used the DNS client service (which have to be disabled actually!), and so on...

    Where are the TCP-IP related tests here? Nowhere. This is a set of Microsoft Windows vulnerabilities testers. Period.

    This is a job for a HIPS ... and for the poeple of M$, not a firewall.

    For sure, there is all-in-one packages and they are prefered by many poeple.
    Like Swiss Knife. Personaly I'm an old "Unix" monkey: I prefer one toll specialised for one job... ;)


    Keep smile!

    :D
     
  12. Xenophobe

    Xenophobe Registered Member

    Joined:
    May 26, 2007
    Posts:
    174
    I think I will stay with either Look 'n' Stop or Sygate,
    both are the best firewalls I've tried so far.

    And no, I don't expect the firewall to past every test. I may not even have the correct settings on the firewall to pass the test, because I'm no advanced firewall user.
     
  13. Escalader

    Escalader Registered Member

    Joined:
    Dec 12, 2005
    Posts:
    3,710
    Location:
    Land of the Mooses
    This is only true IMO if the user has no concerns about outbound packets!:D
    I have that concern so I need a good no phone home mystery sites FW!:eek:

    Haven't found one yet.:'(

    I've tried ZA Pro with all locked up settings still trys to phone mother and has bugs in it as shown by Stem elsewhere.

    I've got Webroot but there is doubt on it's ownership and phoning

    I've tried PC Tools+ FW, but it has only macro level rules (BTW it is the same as Look'n stop

    I'm now switching interest to BD and Sidewinder.... it's like a crap game with loaded dice.
     
    Last edited: May 28, 2007
  14. fax

    fax Registered Member

    Joined:
    May 30, 2005
    Posts:
    3,731
    Location:
    localhost
    You may want to try Outpost....
    You can have a very granulated control of the outbound but it works differently from ZA. So it may look complicated at the beginning.

    But there is an outpost forum where you can get help.

    Fax
     
  15. 12fw

    12fw Registered Member

    Joined:
    Sep 12, 2006
    Posts:
    111
    Location:
    Canada
    Why not stick with the Sygate firewall? If using a router for inbound it should be still okay. I don't think too much has really changed in the last year or two.

    12fw
     
  16. flinchlock

    flinchlock Registered Member

    Joined:
    Jan 30, 2005
    Posts:
    554
    Location:
    Michigan
    FYI...

    Per last good version of zonelabs? and old versions of Zone Alarm and xp\2000

    A highly respected poster by the name of "B"...
    Mike
     
  17. farmerlee

    farmerlee Registered Member

    Joined:
    Jul 1, 2006
    Posts:
    2,585
    Dynamic security agent is a freebie thats pretty light and works well. It has a learning mode so isn't too hard to setup.
     
  18. Escalader

    Escalader Registered Member

    Joined:
    Dec 12, 2005
    Posts:
    3,710
    Location:
    Land of the Mooses
    Mike:

    On these old versions I have 3 questions:

    1) Do they have the "phone home issues?
    2) Was ZA Pro 2.6.362 the last one prior to the Checkpoint takeover?
    3) Did it allow the home lan to be defined as internet?

    :D
     
  19. flinchlock

    flinchlock Registered Member

    Joined:
    Jan 30, 2005
    Posts:
    554
    Location:
    Michigan
    To be 100% honest, I read those post (they are not too long), and I think all your questions are answered in those posts, but not 100% sure.

    They are good reading, you also will have a better "feel" why the posters thinks this-and-that about old ZA.

    Per Checkpoint, "I think the last version of zonealarm before checkpoint took over were the 4.5 series." (quote from the DSLreports posts)

    Sorry to not know 100%,
    Mike
     
    Last edited: Jun 1, 2007
  20. Seer

    Seer Registered Member

    Joined:
    Feb 12, 2007
    Posts:
    1,596
    Location:
    Singidunum
    Hello.

    Wasn't the previous (6.1) series also a product of ZoneLabs? I think so... CheckPoint is the vendor only of v7. Correct me please if I'm wrong. :)

    @ OP Xenephobe:

    Have you tried Jetico firewall? If not, give it a go for a while, a very transparent piece of software! It is not so notoriously difficult to set as some may think. v1 is free and v2 just came out of beta, and is very stable on my main rig. Well, my favorite anyway...;)

    Cheers.:thumb:
     
  21. flinchlock

    flinchlock Registered Member

    Joined:
    Jan 30, 2005
    Posts:
    554
    Location:
    Michigan
  22. Climenole

    Climenole Look 'n' Stop Expert

    Joined:
    Jun 3, 2005
    Posts:
    1,640
    Hi dear all :)

    How to choose the right firewall ? Big problem...

    In the Wilders Security Firewall Polls (2007) we have some interesting answers:
    https://www.wilderssecurity.com/showthread.php?t=160727

    21.38% choose Comodo
    14.48% choose Zone Alarm
    14.14% choose Look'n'Stop
    11.72% choose Outpost

    and so on...

    Did this mean that somebodies here are right and all the other wrong?

    I don't think so.

    For sure there are many features to look for and some interestings tests for incoming and outgoing packets. There's also a question of cost. And finally the last but not the least the personnal feeling when we have to use the software.

    It's true that all characteristics of the firewall "X" are important ... but did I like to work with it ?
    That's , may be, the most decisive question.

    Last remarks:

    1- To know if a firewall fit to our needs we have to use it for a certain amount of time (the "learning curve").
    I guess most of available firewall give a try to their products so it's possible to make some experiments...

    2- Trying firewall means uninstallation and installations...
    As you probably know, it's mandatory to completly remove a firewall before the installation of an other one.
    (The only exception is the Windows Firewall... you don't have to remove it.)
    That's an important source of problems, frustrations and headaches.

    May I recommend you to use an Installation monitor program for your experiments? This kind of software makes the uninstallation almost trouble free.

    I'm using Total Uninstall (version 2.35 Free) for years. The new version is a shareware but it's still possible to find the free version. (Works in many language including english for sure...)

    I have a link for this on a french speaking web site but it will be easy for all of you to download this usefull program.
    Here the download link:

    http://www.gratilog.net/xoops/modules/mydownloads/singlefile.php?cid=224&lid=381

    :)
     
    Last edited: May 30, 2007
  23. Woody777

    Woody777 Registered Member

    Joined:
    Aug 29, 2006
    Posts:
    484
    Use Sygate or Comodo. Don't ever pay for a firewall unless its a part of a security suite you must have. Sygate is still a perfect firewall. Besides it has a great log that most other firewalls don't have.
     
  24. YeOldeStonecat

    YeOldeStonecat Registered Member

    Joined:
    Apr 25, 2005
    Posts:
    2,345
    Location:
    Along the Shorelines somewhere in New England
    First...a PC with more than 5 seconds on a public IP address...and I'd format it. No firewall, I'd assume and be confident that your PC is already infested.

    Second...I always put every PC I'm in charge of supporting behind a NAT router.

    Additional software firewalls optional...I prefer Comodo.
     
  25. Escalader

    Escalader Registered Member

    Joined:
    Dec 12, 2005
    Posts:
    3,710
    Location:
    Land of the Mooses
    Here arethe top nine "green" firewalls... thanks to formhttp://www.matousec.com/projects/win...ewalls-ratings

    Comodo Firewall Pro 2.4.18.184FREE

    9475 Excellent
    Jetico Personal Firewall 2.0.0.28 beta

    9375 Excellent
    ZoneAlarm Pro 7.0.337.000

    8600 Very good
    Lavasoft Personal Firewall 2.0.1019.7604 (700)

    8500 Very good
    Kaspersky Internet Security 7.0.0.119

    8375 Very good
    SSM System Safety Monitor 2.4.0.617 beta

    7975 Very good
    Jetico Personal Firewall 1.0.1.61 FREE

    7750 Very good
    Privatefirewall 5.0.8.11

    7625 Very good
    Ghost Security Suite [BETA] 1.110

    7500 Very good

    I am about to uninstall ZA PRO for the really really last time, and need a second fill in FW until Stem and I work out the "best" one for me.

    (1) No hidden call homes to mother ship on the FW software itself
    (2) Ability to detect other software like (BD) doing it as well and then allow me to block that ip or range of ip's and the site itself
    (3) Doesn't force or try to force me to set the router/Lan to trusted as ZA did
    (4) Control of applications as to which have access to internet and those that don't.
    (5) Doesn't force me to create expert rules at first try!
    (6) Responsive user support and user forum
    (7) Updates to product as required

    I'm open to critique and ideas please.
     
Loading...
Thread Status:
Not open for further replies.