Searching for simple firewall

Discussion in 'other firewalls' started by RejZoR, Jun 13, 2005.

Thread Status:
Not open for further replies.
  1. iwod

    iwod Registered Member

    Joined:
    Jun 25, 2004
    Posts:
    708
    Well i no longer searching, but i still want one :D As i said i try out out all of the firewall in softpedia and that account up to 50 different software. So afterall i gaveup.But some interestering soloution here. I will take a look a Netvida and Custom LnS when i have time.........
    ( Currently i am messing through the ultimate safty zone, Fedora 4 :D )

    May be LnS could publish a free version of firewall without IP filter :p
     
  2. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    8,013
    LnS starts out at 2-3mb but then climbs to 15mb and higher in a matter of a day or two. It has a memory leak.
     
  3. mercurie

    mercurie A Friendly Creature

    Joined:
    Nov 28, 2003
    Posts:
    2,448
    Location:
    Sky over the Wilders Forest
    Same for me with NetVida :'( Which is why I stopped using it.
     
  4. rdsu

    rdsu Registered Member

    Joined:
    Jun 28, 2003
    Posts:
    4,537
    And the CPU usage?
     
  5. mercurie

    mercurie A Friendly Creature

    Joined:
    Nov 28, 2003
    Posts:
    2,448
    Location:
    Sky over the Wilders Forest
    I do not recall, but it must not have been very bad or I would remember. :doubt:

    But if I recall Mem. was near 30 meg. No clue as to why?
     
  6. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    8,013
    Most firewalls seem to be ok on cpu usage. The only one that I know of which is a little higher than the rest is Sygate..
     
  7. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    8,013
    I was actually thinking of buying LnS till I saw that.. Couldn't live with the leak. So I stopped using it also.
     
  8. Arup

    Arup Guest

    Tried NetVeda on three machines, two with high speed broadband and never did the memory consumption go over 8mb, this with massive three day long download marathon.
     
    Last edited by a moderator: Jun 14, 2005
  9. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    8,013
    It never ceases to amaze me how one person can have no problems with something and another has nothing but problems. Even with the same OS installed. I am always surprised by people's various experiences... :)
     
  10. mercurie

    mercurie A Friendly Creature

    Joined:
    Nov 28, 2003
    Posts:
    2,448
    Location:
    Sky over the Wilders Forest
    My case was unusual based on others experience and at some point I may try it again. But not right now.

    Got to fly. ;)
     
  11. Notok

    Notok Registered Member

    Joined:
    May 28, 2004
    Posts:
    2,969
    Location:
    Portland, OR (USA)
    I don't think I've ever seen LnS above 6mb, even after several days.
     
  12. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    8,013
    It definitely creeps up pretty high here. In 1.5 days it went from 3mb to 15mb. Could be something OS specific.. I'm running Win2k. No idea though.
     
  13. halcyon

    halcyon Registered Member

    Joined:
    May 14, 2003
    Posts:
    373
    [offtopic]
    Just because Kerodo has taken the attitude at posting in every single thread that even touches LnS and claiming (without proper proof) that LnS has a memory leak, I must also post the following disclaimer:

    1) Nobody has given conclusive proof that there is a memory leak in LnS

    2) When asked for such a proof, these people just turn silent

    3) I'm running LnS with a huge number of concurrent connections (over 1000) and a very big ruleset, with no sign of a memory leak.

    4) Developer of LnS has looked into the thread, where the so called "leak" was discussed and apparently seen no proof of leak either.

    No, this does not mean that LnS is perfect (it's not, it has other issues) and that it could not have a memory leak.

    However, I've yet to see a single person really prove that it has a memory leak.

    Or even provide proper information that would point to a strong likelihood of a memory leak.

    They just mouth off, without even understanding the definition of a memory leak, I'm very sorry to say.
    [/offtopic]

    As for the original poster: LnS is complicated (IMHO), so I wouldn't suggest it as a simple firewall.

    I think that even NetVeda is simpler, after the very initial configuration. It's mostly pop-ups that ask you for permissions and give explanations after that.

    Not quite as easy as Kerio 2.15 (imho), but easier than LnS/Outpost/Jetico/CHX-I/lots of others.

    ZoneAlarm, while not a favourite of many (and with it's own problems), is also (IMHO) relatively easy to use, compared to the competition.

    best regards,
    halcyon
     
  14. BlueZannetti

    BlueZannetti Registered Member

    Joined:
    Oct 19, 2003
    Posts:
    6,590
    For the described task, simply uncheck the Internet filtering enabled option and it's a pure application filter. That seems simple enough to me and gets one to the simple firewall state

    I did a quick test of NetVeda. I might look a little closer down the road, but I did notice a couple of issues on my system. It seemed that some applications weren't persistent once authorized - I ended up needing to authorize again, and again... I does pack a lot of options into a small package, but I'm not sure if it's what I'm looking for.

    At least for my own needs, being able to check a box to completely disable packet filtering, check another box to enable application filtering, and then answering dialog boxes as they appear to render application based filtering seems straightforward enough and about as easy a route to the desired target as possible.

    Blue
     
  15. Arup

    Arup Guest

    ZA Plus4.5 is an excellent program to be used in conjunctin with CHX, the best part about ZA in general is that it lets you switch off the packet filter as Blue mentioned above, also the version 4.5 plus only consumes 8mb so it makes a great firewall too.
     
  16. RejZoR

    RejZoR Lurker

    Joined:
    May 31, 2004
    Posts:
    6,426
    How can you disable Packet filtering in ZA 4.5 ? Hopefully ZA5 too?
     
  17. halcyon

    halcyon Registered Member

    Joined:
    May 14, 2003
    Posts:
    373
    My apologies if this is off-topic, but with ZA+CHX-I combo, the ZA is really acting as a binary "allow network access"/"don't allow networks access" app specific switch, isn't it?

    After the ZA gives the rights for an app to access net, it is down to the packet filter to filter what kind of access can be made from the system (non-app specific filtering)

    So, no true _application specific_ filtering (App X can access ip xx.xxx.xxx.xx at port YY) can be achieved this way, right?

    Please correct me if I'm wrong.

    I know the poster wasn't looking for this, I'm just checking :)

    This is not an argument, no need to start a fight. It's just an innocent question :)
     
  18. Arup

    Arup Guest


    Simple, just set the slider for firewall to min and packet filtering is turned off.

    It then just asks for outbound net access rights for programs trying to do so, you can also create app specific rules but in ZA, it is a real pain, if all you are looking for is app filtering, consider the older ZA Plus version 4 as it only runs with 8mb memory instead of the latest ZA version 5 where both the free and pro version go over 17mb.
     
  19. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    8,013
    Wow... Looks like I hit a nerve there Halcyon.. ;)

    All I can tell you is what I saw here and what I have repeated several times. I saw LnS memory usage grow slowly but surely from 3mb starting to over 15. This on repeated occasions. What would YOU call it? Normal behavior?

    There is definitely a memory leak or memory problem with LnS here on my machine, and others have noticed the same problem judging by the thread in the LnS forum.

    As far as "proving it", what more proof do you need? Some people have stated several times that they have memory consumption problems with LnS. I think that's "proof" enough, don't you?

    All I can tell you, or anyone, is that if it works fine without this problem on your machine, then by all means, use it. Buy it if you like. I am merely stating MY experience, and I will probably continue to state it as often and when and where I want. Like it or not..

    LnS has a memory leak on my Win2k system. Therefore, I don't use it and I won't buy it.

    I think that pretty much sums it up..
     
  20. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    8,013
    If you use ZA Pro then yes, you can do rules for specific apps and set up access to specific IP addresses and/or ports. With ZA free, this is not possible though.

    CHX and ZA make a nice combo with CHX doing all the internet filtering and ZA used for just app control.

    Using ZA Pro in this fashion gives you access to rules, even though rules in ZA are known to be a little difficult and not very user friendly.
     
  21. halcyon

    halcyon Registered Member

    Joined:
    May 14, 2003
    Posts:
    373
    Nah, you didn't hit a nerve. Maybe I just have different definition for memory leak, but let's leave it at that. I sympathise with the issue on your machine (I have other issues with LnS myself, but no leaks that I've noticed).

    Anyway, back to CHX-I + ZAP.

    I was under the experession that if I use ZAP + CHX-I (with packet filter of ZAP turned off), then the ZAP will be just a binary type allow/don't allow network access (for each app).

    That is, not being able to make application specific rules that apply to that application only?

    I mean, I thought it was the packet filter that actually filters the traffic...

    best regards,
    halcyon
     
    Last edited: Jun 16, 2005
  22. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    8,013
    I thought about that some more, and to be honest, I can't be absolutely sure the rules would work without internet filtering unless I actually tried it. So you may be right. I will have to give it a try next time I use ZAP with CHX. I could be wrong...
     
  23. Arup

    Arup Guest

    halcyon,

    Why not give Jammer a try, lower mem consumption than ZA and lets CHX do its packet filtering.
     
  24. BlueZannetti

    BlueZannetti Registered Member

    Joined:
    Oct 19, 2003
    Posts:
    6,590
    On a lark, I gave Jammer a try, it simply locked Internet access on my XP Pro SP2 system with no way to seemingly recover it. Since it is explicitly not supported under XP and seemingly not possible to purchase anymore (at least that option isn't on the website now), I simply pulled it off the machine at that point - yielding a BSOD, but no residual issues. Looked like it could have been a reasonable fit.

    So far, for me at least, LnS seems the best option. Still weighing options though.

    Blue
     
  25. Arup

    Arup Guest

    I guess Jammer and XP are incompatible, too bad, it was the perfect combo to CHX and the total mem payload remains lower than 6mb matching that of Kerio 2.15 but with far more protection.

    Runs fine on my Win2K Pro machines.
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.