Standalone Application-Based Firewall (Leaktest-Minded) suggestions?

Hi!

This is my first post on these forums, so please disregard my post if it offends your sensibilities

I've been using 8signs (and its predecessors) for quite some time now, and I've grown quite attached to it. I'm comfortable with rule-generations based on the services that I deem neccessary, and I'm content with its native packet filtering.

I'm considering purchasing an application-based firewall that will work in tandem with my functional packet-based firewall. Passing leaktests (with next to no service shutdowns) is high up on my agenda list of things to do before hitting a dorm-type network this coming fall.

I'm no stranger to all things tinker/break/repair, so I'm open to any/all suggestions. Firewalls that offer both application/intrusion management (so long as the intrusion management can be disabled) will be considered as well.

I sincerely hope that this is the right place to ask this type of question.

Thanks in advance,
Sentio

 

I am not famaliar with 8signs but it is my understanding that it is not a good idea to run two firewalls at the same time. Not being familiar with 8signs this might not apply but I can't think of anytime two firewalls work well togather unless one of them is a hardware firewall. I am sure one of the firewall experts will reply to your post pretty soon.


bigc

 

Try using it with Blackice Pc Protection and it will run nice together. I've tried them together with no problem at all which Blackice will control your application access to the internet. And its fast too.

 

Well, so far, I've tested a few firewalls, and I must say that Look'n'stop would fit the bill perfectly. Its evaluation versions uninstall seems to leave a few keys behind though. (I can't reinstall after uninstalling, and the regpatch leaves an "Error 12" or an "Error 23".)

I usually test evaluation software for its stability during heavy diskwrites/cpu activity, support, and uninstallation accuracy.

If anybody knows the keys modified during the install (including Legacy driver reg settings) let me know.

 

Hi,

there is a lot of sandboxe or "application based" you could try.

First of all, I would recommand Process Guard which ask you for every executable trying to run, and once running, protect your processes from being attacked (modified, shutdowned, paused, injected, etc...).

Then, you might want to try System Safety Monitor which is free, but is running in user land and not in kernel mode like Process Guard, and so can be attacked. But it's a free alternative.

There is too Abtrusion Protector which run in kernel mode, and is free, but his way to work create a lot of system overhead, because it adds in a database ALL your executables/DLL/components which ask more CPU.
It uses SHA-1 to identify executable and not MD5 like the others.

Then, if you want a "firewall" + "application based" security suite, that is to say not with your current firewall (you would have to uninstall you current one in order to test the following) you might want to give a try to Black ICE, Tiny firewall, or BitGuard.

BitGuard is an excellent sandboxe + a good firewall, it has very nice graphics and statistics about the network.
Tiny offers a full sandboxe, enable you to manage files access, registry access, network access, etc...


My personal choice with your current firewall, if you have bought it and won't uninstall it, would be Process Guard, but it's up to you

regards,

gkweb.

EDIT : about your problem with Look'n'Stop, you can contact them at lnssupport@soft4ever.com

 

Hehe, I'm familiar with these two apps, and despite their cost differences, they perform superbly. I have been a proud owner of both apps for a long time now.

See, the thing is that I've already purchased the annual licence for my current firewall, and so it would be a waste to just ditch it in favor of a different suite. I can understand where you're going with the "test the following" though. My testing will be done accordingly, with sandboxes in place and no other interfering firewall.

I bought both, and there is no chance in hell I'll be uninstalling Process Guard any time soon. That program is too damn beautiful

Look'n'Stop _seems_ to be acting properly now. The patch still won't install - still spewing "error12" + "error23" messages, but nothing seems to be hazardous. I've disabled the internet filter (because of my other packet-filter firewall,) but I've turned on many of the advanced features that will help track down trojan like activity.