Webroot (spysweeper) firewall now free

Bellgamin

I was composing my previous post, before seeing yours-obviously mental telepathy!

I agree completely with what you say,all very logical and obviously the components are all there, just waiting to be enabled

If the settings ,as outlined in my previous post are enabled, you would assume the dreaded DSA would then be activated.

The only setting then missing is Registry Monitor-there are only three Advanced settings.

All this was queried with Webroot service,but as yet no response.

Interested in what your thoughts are.

 

Right-oh Hairy!

I used DSA for a long time. There never was a *visible* registry monitor module in it. The only 4 modules were 1- System Anomaly, 2- Email Anomaly, 3- Process Protection, & 4- Application Protection.

1, 2, & 3 have learning modes, & can optionally be turned on or off. Module 4 has no learning mode; neither can it be turned off.

I really really liked DSA. I ceased to use it because I am behind a router (incoming protection) PLUS System Safety Monitor (outgoing protection via its Network module).

 

Does WRF has SPI?

Thanks

 

Interesting-that explains the mystery of the Registry Monitor!

I'm also behind a router,with NAT(not firewall) enabled.

I presume you have your hardware firewall enabled?

 

Aigle-

From the Webroot description;

"Advanced Packet Filtering
Features a layer-3 firewall which uses unique stateful packet inspection technology to detect and block unauthorized access to your system."

Give it a try and give us your thoughts

 

Thanks. I have downloaded it but not sure if I will try it or not. I am very very poor in FW stuff.
My DSL modem( linksys) has built in router. I combined it with Windows FW. For outbound I use NeoavaGuards network filter. I have unsinatlled CFP v2.

BTW does it need a rebbot after install?

 

Looks like you have firewalls a plenty already!

Yes,it does require a reboot,if you are thinking of using Returnil.

 

You are right but I hope not overkill.

Yes, was thinking to install it under ShadowMode( SS).

 

Here is the HIPS functionality in Webroot Firewall :

Any comments?

Is it on par with Comodo since this is a newer version (6)?

Do I still need a HIPS?

 

Wow -

Webroot Firewall blocks the Coat leaktest! (see screenshot below)

This is probably because its a new version of Private Firewall. According to Matousec, PF fails Coat probably as its an old version.

We could be looking at a firewall that can match Comodo in leaktest performance! Non?

attachment removed temporarily

 

Seems fine but it will be interesting to see how it behaves on throwing malware on it.

 

Please, please, please. Anyone. More screen shots? Here is the old one I saw which is 1.3. http://www.fileflash.com/program/5127/. This firewall is starting to make a small stir in other forums as well.

 

WRF, DSA, and PrivateFW- all of them need a work on GUI plus they must make HIPS pop up user more easier to read like other HIPS.

 

You are mis-interpreting, almost everything is there.

You just need to turn the features on. Also Harry seems unfamilar with DSA which makes me wonder how he can say there are no DSA features.

 

Webroot itself has a page with many of the screenshots. Also my blog (not the castlecops wiki) has the most important screenshots of this firewall.

 

No.


...........

 

Could you post a link to these (on the Webroot website) as I can't seem to find any screenshots there.

 

Good! In fact, better than good!
~~~~~~~~~~~~~~

I have downloaded WFW but haven't yet decided whether to try it. I have a router for incoming, plus I use Ghostwall (mainly to restrict DNS to the actual DNS servers I use). I use a HIPS that covers outgoing, but without granularity concerning ports et al. So my need for a stand-alone FW is questionable, I think.

The only reason I am sorely tempted to try WFW is that it is so dadgummed beautiful & easy & good & FREE.

 

Lusher-the name is Coo ,Hairy Coo,as James Bond would say

You obviously didnt see my previous posts(42),as my saying there are no DSA features is now history,as you would know if you had taken the trouble to read them

"The rep. for PrivacyWare https://www.wilderssecurity.com/showp...05&postcount=7

stated that;

"All DSA functionality is integrated into Privatefirewall 5/6 and WDF 5.5. The key difference between the Privacyware version and Webroot's is very simple - the behavior-based features (DSA) are disabled by default in WDF 5.5 and enabled by default in PF5/6."

Therefore my previous conjectures about the lack of DSA -ALL ARE INCORRECT "

As regards turning DSA on -post 59 also seems to have been overlooked and I
I would welcome comments if the obvious steps are considered correct;

"Therefore it looks like activating DSA is achieved by going to:

File-advanced settings and then enabling each-Email Anomaly Detection-System Anomaly Detection and Advanced Application Settings- plus the previous suggestion of turning the Process Monitor to High/Ask.

These functions all seem to be part of DSA ;"

I would go further and say these functions ARE DSA-plus the Registry module which Bellgamin confirms is present without the option of turning on/off.

To be able to switch Process Monitor to ask-right click on any app-then customise.

Also,Lusher makes the excellent point that the training mode is insecure and therefore should obviously be disabled as soon as practicable

The end result of all this discussion is that the correct way of turning on DSA has probably been achieved.

 

Matousec http://www.matousec.com/projects/windows-personal-firewall-analysis/leak-tests-results.php

gives Comodo a top Excellent rating,whilst PrivateFirewall is merely Very Good.

However these ratings apply to the previous versions of both,so who knows?

 

Your description of WDF is one I would agree with-IMO one of the best.
Also I have reservations about overkill,as being behind a NAT enabled router,I probably dont need a firewall at all- Just a HIPS


For a start I have uninstalled ThreatFire and may disable SPI in WDF.

 

This step was already suggested by Lusher and is covered in post 50.

Other steps also need to be taken

No further HIPS is necessary, if DSA is enabled.

I have uninstalled Threatfire.

 

Aigle

You have written some excellent reviews in the past.

Could you perhaps conduct a malware test on WDF

 

Some screenshots for anyone interested.

Main menu

 

applications