SoftPerfect Personal Firewall

Discussion in 'other firewalls' started by Dave-54321, May 18, 2005.

Thread Status:
Not open for further replies.
  1. Dave-54321

    Dave-54321 Guest

    I just stumbled upon a firewall in which I had not yet heard of before. It looks like a simple rule-based firewall and is probably low on resources considering it doesn't look all fancy and stuff. I don't really want to try a new firewall that I haven't even heard of before, so I thought I'd post on here and see if anybody has tried it before and if there were any specific comments on it.

    SoftPerfect Personal Firewall
    http://www.softperfect.com/products/firewall/

    screen shots removed since they all are available on the link provided
     
    Last edited by a moderator: May 18, 2005
  2. solarpowered candle

    solarpowered candle Registered Member

    Joined:
    Jan 9, 2003
    Posts:
    1,181
    Location:
    new zealand
    Dave if you type in Softperfect personal firewall in "search" you will find quite a few links
     
  3. Trespasser

    Trespasser Registered Member

    Joined:
    Mar 1, 2005
    Posts:
    1,194
    Location:
    Virginia - Appalachian Mtns
    I tried it but didn't like it. Back to Kerio 2.15.
     
  4. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    7,786
    Dave - If I remember right, it doesn't have app control. So if you're going to use a firewall without app control, there are better choices, such as CHX-I or 8Signs to name 2.
     
  5. Arup

    Arup Guest

    The only thing Soft Perfect has over CHX and others is a good GUI interface for rule making, something CHX and others can well do to incorporate in the future.
     
  6. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    7,786
    I think the CHX-I interface is excellent.. you won't find me complaining about it that's for sure... ;)
     
  7. Arup

    Arup Guest

    With its basic interface, SoftPerfect will let a novice write rules for it, CHX is definitely not for novices.
     
  8. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    7,786
    Ok, I see what you mean. CHX-I is in fact not easy for beginners, true. But for those who are familiar with rules, I do like the CHX-I interface as well as any other, including Kerio 2's.
     
  9. Arup

    Arup Guest

    No doubt, CHX rules once you got the rule making figured out, no other packet filter comes close, also it is good for those running ICS, you can get total stealth using Kerio 2.15 or ZA free by running CHX along with it.
     
  10. Trespasser

    Trespasser Registered Member

    Joined:
    Mar 1, 2005
    Posts:
    1,194
    Location:
    Virginia - Appalachian Mtns
    A couple of days ago I went to GRC with only CHX-I installed. I "failed" the tests , of course (no stealth), but all ports were closed. I installed Visnetic along side CHX-I, my base "firewall" (yeah, I know, redundant), and passed with total stealth. Needless to say I'm highly impressed with both of these programs. Recently I've been running Kerio 2.15 with CHX-I. So far a nice combo.

    Have a good one. :)
     
  11. Arup

    Arup Guest

  12. Trespasser

    Trespasser Registered Member

    Joined:
    Mar 1, 2005
    Posts:
    1,194
    Location:
    Virginia - Appalachian Mtns
    Arup,
    I installed the BIND_PE_Filters, disabled Kerio 2.15, went to GRC...ran test, and got stealth except for ports 1024 and on. I went into CHX-I rules and disabled default rule "**Allow TCP > 1023 delete if using the proper TCP set". I went back to GRC...ran test and got True Stealth on all tests. Also passed tests at PC Flanks and Sygate. I'm impressed. BTW, I'm not running Treewalk. Thanks for the info. :) . Do you run anything else besides CHX-I for security? Also, I'm on dialup.
     
  13. Arup

    Arup Guest

    Hi Trespasser,

    Since I use Treewalk, I use the latest TW ICS filters from the same site with ZA free, BIND PE is older, somehow my all time favorite Kerio 2.15 BSODs with TW so was forced to look for others, best part is that ZA free doesnt support ICS in stealthed mode, only blocked mode so CHX fills in that void real nice with no problems. Make sure to check SPI in WAN properties for TCP, UDP and ICMP.

    I like to keep my system lean and light so even though I have tried out other security solutions, I have settled for this combo which works out good. If you are in dial up, I suggest you give Treewalk a try, you would be impressed at the speed at which your web pages would open.
     
  14. clansman77

    clansman77 Registered Member

    Joined:
    Jan 31, 2005
    Posts:
    234
    Location:
    kochi,kerala,india
    hi arup, just tried treewalk and i am impressed ..the pages loads noticebly faster..thanks for that suggestion.
     
  15. Arup

    Arup Guest

    Clansmann,

    Glad you liked it, credit here goes entirely to Kerodo who introduced it to me, I also suggest you install the root plug-ins from either ORSC, ORSN or ICANN, you can only install one package at a time, not all of them.

    Also if you like Treewalk, check out Secure IT and Harden IT from www.yasc.net

    I thoroughly recommend it.
     
  16. clansman77

    clansman77 Registered Member

    Joined:
    Jan 31, 2005
    Posts:
    234
    Location:
    kochi,kerala,india
    arup,will try that later.right now i am lil busy..thanks again and i am quite sure both of them will be good..
     
  17. rdsu

    rdsu Registered Member

    Joined:
    Jun 28, 2003
    Posts:
    4,456
    I have the DNS service disabled because of the HOSTS file.
    The TreeWalk will work fine with the HOSTS?
     
  18. Diver

    Diver Registered Member

    Joined:
    Feb 6, 2005
    Posts:
    1,444
    Location:
    Deep Underwater
    CHX is definitely da bomb. However, it is conceptually different from most other rule based firewalls. For example, in its out of the box state, it does nothing. Allow means allow this and deny everything else, unless there is another allow rule for the same protocol. rules are generally for inbound connections only. Rules are orderedc by priority level, not top to bottom like most other firewalls. It takes some getting used to.

    I have noticed in most cases server ports are not stealth. However, they are closed if no application is listening. This probably reflects the philosophy that CHX would be used on a machine that was a dedicated server, if server functions were required. If you are running a server (including P2P applications), stealth does not matter that much as everyone knows where you are anyway.
     
  19. Arup

    Arup Guest

    Along with servers, most ICS machines with firewalls implement only blocked ports, not stealthed, with CHX, I get total stealth.

    VaMPiRiC_CRoW,

    Treewalk is a DNS server, that is it makes your PC into a DNS server bypassing your ISP's slow and sometimes overload DNS servers, it uses your loopback as DNS and diverts all browser DNS requests to Treewalk.
     
  20. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    7,786
    Treewalk is a great program and recommended for anyone to try it and see if it speeds up your browsing experience. Makes a great difference here, even with cable. Great little program, uses 6mb ram, and it's free...

    http://ntcanuck.com/
     
  21. Trooper

    Trooper Registered Member

    Joined:
    Jan 26, 2005
    Posts:
    2,825
    Can Treewalk handle large hosts files tho? Do you need to have the DNS Client on your pc enabled?
     
  22. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    7,786
    No idea about that.. I don't think Treewalk has anything to do with the HOSTS file. Treewalk disables the DNS Client service when you install it and does it's own caching, etc...
     
  23. rdsu

    rdsu Registered Member

    Joined:
    Jun 28, 2003
    Posts:
    4,456
    Thanks ;)
     
  24. Trooper

    Trooper Registered Member

    Joined:
    Jan 26, 2005
    Posts:
    2,825

    Kerodo - Thanks for the heads up. I was concerned that the DNS service had to be enabled. And if that were the case, surfing would be a bit slow as I have a rather large HOSTS file that I use.

    So you guys really notice that much of an improvement with Treewalk huh?
     
  25. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    7,786
    I have noticed a great improvement on some sites.. It varies. But I no longer get any pauses or delays while it does DNS lookups like I used to get on some sites. And I have cable too. Others report that it helps dial-up a lot also. It's definitely worth a try. It installs easily (you don't have to adjust or tweak anything at all). Just install it and use it, making sure Named.Exe is allowed server rights in your firewall. I'd suggest trying it and if you don't see any improvement then just remove it. It restores things back to what they were prior to installation, so it's a clean uninstall. No problems. If it does help you then you have everything to gain.. :)
     
Loading...
Thread Status:
Not open for further replies.