Searching for simple firewall

Discussion in 'other firewalls' started by RejZoR, Jun 13, 2005.

Thread Status:
Not open for further replies.
  1. RejZoR

    RejZoR Registered Member

    Joined:
    May 31, 2004
    Posts:
    6,426
    I'm looking for a very simple type of firewall. And i don't mean simple in terms of usage, but in terms of traffic filtering. All firewalls that i have tried have packet filters that start using large quantities of memory or CPU power (especially with P2P apps like eMule).

    I'm looking for firewall that doesn't do that. It should only have option to block or enable some program to connect to internet.
    So if i see some known program i accept it and program should coonect to net like there is no firewall at all. If i get some weird program i block it and it is completely blocked from accessing net. It's mora a program control than a firewall,but thats what i'm looking for.
    Is there anything like this?
     
  2. Diver

    Diver Registered Member

    Joined:
    Feb 6, 2005
    Posts:
    1,444
    Location:
    Deep Underwater
    Perhaps LookNstop with the packet filter module disabled will do what you want. There have been a couple of threads on this. For the packet filter part go with a router with a few of the bad ports (135, 137-139, 445, 500) blocked.
     
  3. RejZoR

    RejZoR Registered Member

    Joined:
    May 31, 2004
    Posts:
    6,426
    No,i don't have router and port idea is no go for me. I just want to have application level control. Not port or packet based control.
     
  4. Finni

    Finni Guest

  5. Stephanos G.

    Stephanos G. Registered Member

    Joined:
    Mar 29, 2005
    Posts:
    720
    Location:
    Cyprus
    Try the Kerio 4.2 beta (or Kerio 4.1.3), is relatively simple and by the time u will learn too many things.
     
  6. RejZoR

    RejZoR Registered Member

    Joined:
    May 31, 2004
    Posts:
    6,426
    No,no and no. I know all packet filtering firewalls. I need one that only has control over programs. I don't care what programs transmit,i just want to have some control over programs. I'll leave inbound protection tio Windows Firewall which is just fine.
     
  7. sded

    sded Registered Member

    Joined:
    Jun 4, 2004
    Posts:
    512
    Location:
    San Diego CA
    With Kerio 4.2 you can simply uncheck the Network Security module (packet filtering and internet rules) and use only the application blocking, which is quite good and easy to configure. It will just control whether programs are allowed to execute and launch other applications, doesn't care whether they access the internet or not.
     
  8. Dave-54321

    Dave-54321 Guest

    Why would any company take the time to program such a firewall in which would not sell nor become widely used?

    I honestly think that you are wasting your time looking for something that does not exist. And if it does exist, you've got to really sit back and think about whether it would be worthwhile or not. I personally don't think you need it. Just buy yourself a cheap NAT router with SPI and you will wonder why you never purchased one long, long ago.

    Cheers!
     
  9. Stephanos G.

    Stephanos G. Registered Member

    Joined:
    Mar 29, 2005
    Posts:
    720
    Location:
    Cyprus
    Read again what sded wrote.
     
  10. Grumble

    Grumble Registered Member

    Joined:
    Apr 25, 2004
    Posts:
    185
    Location:
    the sunshine state
  11. Diver

    Diver Registered Member

    Joined:
    Feb 6, 2005
    Posts:
    1,444
    Location:
    Deep Underwater
    Then use LnS for app control only with the packet filter disabled and keep your Windows ICF.

    So far as I know, there is no outbound application control utility that does not come bundled as part of a firewall with a packet filter. Only there are a few firewalls where the packet filter can be turned off while the app contol continues to function.


    When you get done with it, you will probably get better performance out of using a single firewall product than trying to put half of another firewall behind the Windows ICF.

    No no, no, stop lighting those matches under my toenails.
     
  12. RejZoR

    RejZoR Registered Member

    Joined:
    May 31, 2004
    Posts:
    6,426
    Yeah,something like b-wall. Unfortunatelly b-wall doesn't seem to be working on my PC o_O
     
  13. iwod

    iwod Registered Member

    Joined:
    Jun 25, 2004
    Posts:
    708
    Hi RejZor.

    i have came to this situation 1 - 2 years ago. And until the answer is still the same. There is none. I know EXACTLY understand what you are looking for. If you search for my started thread in this section you see. i have .... virtually test out ALL avalible firewall in softpedia, and none does what i need; what we need

    A Simple Application Internet access control.

    Old version of Zonealarm Free was the closest thing to it. But it is still too resources heavy. Some people may start recommanding process guard and the like for a similar ( in a sense ) protection. But i am sure that is not what you are looking for. ( Why do i sounds more and more like Morpheus in Matrix 1 :p )
    Another close one is Jetico, not in terms of function but in terms of resources.
    A-wall is another close one. But since i personally HATE ugly interface. I will never use it. You may want to give it a try. ( It is part of X-wall )

    Actually i "think" there WAS something that suit my need, it is Jammer, from Agnitum; the maker of the best and popular firewall Outpost. Jammer was the father of Outpost and so old that it doesn't work on Windows XP and it is no longer supported ( i think ) :S. But from what i heard; saw and read it seems to be perfect soloution.

    of coz if you have find any other interesting soloution let us know.
     
  14. Sounds like "Armor2Net" www.armor2net.com (repackaged as ArmorWall).
    Not a really great product, but apparently what you need. USD 29. Donno whether the company is still alive or not.
    No updates in a loooong time.
    Happy Hunting.

    The Usual Suspect

    thanks for all your Avast! help 'round these parts, and around your awesome sites :)
     
  15. SSK

    SSK Registered Member

    Joined:
    Nov 28, 2004
    Posts:
    976
    Location:
    Amsterdam
    BlackIce o_O
     
  16. trevor12

    trevor12 Registered Member

    Joined:
    Dec 29, 2003
    Posts:
    15
    Location:
    Czech republic, Prague
  17. rdsu

    rdsu Registered Member

    Joined:
    Jun 28, 2003
    Posts:
    4,456
    RejZoR,

    did you tried NetVeda?

    It's free, the best on resources that I know, easy to use and gives you very good protection... ;)

    Cya
     
  18. BlueZannetti

    BlueZannetti Administrator

    Joined:
    Oct 19, 2003
    Posts:
    6,590
    I'm trying this configuration right now. I'm looking for the same thing as RejZor - so the total market size is at least two, three if iwod is still on the hunt. I've really run into one issue so far - occasionally things come together so the authorization dialog box doesn't appear and the system hands waiting for input I can't give - it happened on one of my son's games for example when he tried to go online to look for a game server. The solution is simple - just a manual add of that application and problem solved.

    My mind is not made up yet, but LnS does look like a fine offering, and is a very viable option for my specific needs. I'll probably check out some of the other options mentioned.

    Blue
     
  19. mercurie

    mercurie A Friendly Creature

    Joined:
    Nov 28, 2003
    Posts:
    2,442
    Location:
    Sky over the Wilders Forest
    Count me in too Blue...(that's four). I have a NAT Router; am at the same place as RejZor and iwod too. Just App. out control that's it. Nearly 0 resource useage :rolleyes: yea right. :D

    Hey Trevor12, that looks interesting, but does not fit the "simple" part I'm a thinking. ;)

    If you ever locate one, :D pop a signal flare up into the Wilders sky and I'll fly in for a good look. :D
     
  20. BlueZannetti

    BlueZannetti Administrator

    Joined:
    Oct 19, 2003
    Posts:
    6,590
    mercurie,

    Sounds like the beginning of a movement.....

    I fear what I really want may not be quite available, so I'll take programs which have application and packet filter components which can be separately enabled or disabled - LnS being one example of this. Guess I'll take a peek at NetVeda when I return from traveling.

    Blue
     
  21. RejZoR

    RejZoR Registered Member

    Joined:
    May 31, 2004
    Posts:
    6,426
    Does free LnS offer such program control and packet scan disabling?
    I'm kinda not into buying a software right now...
     
  22. CrazyM

    CrazyM Firewall Expert

    Joined:
    Feb 9, 2002
    Posts:
    2,428
    Location:
    BC, Canada
    The free LnS (LnS Lite) does not have program/application filtering, just the Internet (packet) filter.

    Regards,

    CrazyM
     
  23. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    7,779
    About the only program I know of that will give you outbound app control alone is Jammer:

    http://www.agnitum.com/products/jammer/

    But unfortunately, it's not free. I don't think it's supported anymore, and I'm not even sure if you can buy it still.

    You can also use ZoneAlarm and disable the internet filtering and just use it for app control.
     
  24. Notok

    Notok Registered Member

    Joined:
    May 28, 2004
    Posts:
    2,969
    Location:
    Portland, OR (USA)
    Even though you're not into buying right now, I have to go with LnS as well. I've been using it for a while and love it. Take a look at the screenshot, seems to be just what you're looking for. I use the packet filtering, though, becuase I actually want to filter the traffic, not just have a binary system of yes/no that allows anything within a requested connection. Although alerts aren't as often as without a router, they do still occur. I started out wanting ONLY app control as well, but after seeing what can be done w/ the rules I realized the value in it. x-Wall was actually what showed me that. (no, I don't want my email connecting to porn.net, and I only want program x to connect on these ports, etc.)

    BTW, my LnS is taking up a total of under 3mb right now, and it's the only one I know of that works flawlessly with eMule (no resource hogging) :)
     

    Attached Files:

    • lns.jpg
      lns.jpg
      File size:
      12.7 KB
      Views:
      570
  25. BlueZannetti

    BlueZannetti Administrator

    Joined:
    Oct 19, 2003
    Posts:
    6,590
    Notok,

    Yes, my desire is definitely one of "at this time" based on what I do and my perception of the issues and it could change if the basic landscape changed. Therefore, having the packet filtering functionality available is not necessarily a bad thing as a hedge against the future unknowns.

    Blue
     
Loading...
Thread Status:
Not open for further replies.