What is the best firewall?

Discussion in 'other firewalls' started by no poetry!!, May 29, 2005.

Thread Status:
Not open for further replies.
  1. no poetry!!

    no poetry!! Guest

    hello all,

    Can anyone tell me what the best free or paid for standalone firewalls that can block most probes and hack attempts?

    Hopefully some good replys
     
  2. bigc73542

    bigc73542 Retired Moderator

    Joined:
    Sep 21, 2003
    Posts:
    23,873
    Location:
    SW. Oklahoma
    You ought to go to the link and trial a few and make a decision from personal experience rather than from someone that might not like what you would like. Or what runs the best on your computer.
     
  3. Vikorr

    Vikorr Registered Member

    Joined:
    May 1, 2005
    Posts:
    662
    You'll get quite a few differing answers on this one, depending on how much you're prepared to allow your internet connection to slow down, how much resources it puts on your computer, vs what sort of protection it offers, and what sort of protection you prefer, and also compatability issues.

    I'm using ZA free, it's an application based firewall...ie an application asks for permission to access the net and I accept/deny once/always...so I tell it what applications I give permission to access the internet and it blocks all other applications from accessing the net <ie it offers outbound protection as well as inbound protection>. It's only problem is it does slow down your initial connection speed a bit <but once connected to a big download I can still download at max speed>

    There are others that are rules based firewalls, but I must confess I've never used them, and don't know too much about them.

    Most firewalls offer exactly the same kind of incoming protection (ie blocks unsolicited packets, and your computer will not show up on the net to a port scanner)

    edit : or follow BigC's link as he beat me to the post :)
     
  4. No peotry

    No peotry Guest

    Bigc - follwed the link you gave. WOW so many firewalls to choose from. Ive tried Norton(like swish cheese), zonelabs free is very food(scanned at PC flank), mcafee ok, sygate not bad, i kinda like kerio. To be honest too many to choose from.

    what have you tried? Any i shouldnt use?
     
  5. squash

    squash Registered Member

    Joined:
    Mar 25, 2005
    Posts:
    313
    I use Kerio 2.1.5 - Very very very happy! Easy to use, no bloat.
    ZoneAlarm (latest) is also good.

    I would not recommend (my opinion) Kerio 4.1.3 (Buggy, resource hog) and Outpost (Very hard to configure properly, time consuming)
     
  6. bigc73542

    bigc73542 Retired Moderator

    Joined:
    Sep 21, 2003
    Posts:
    23,873
    Location:
    SW. Oklahoma
    I am useing kerio 4 at the present time. It seems to work well. I usually use kerio 2.1.5 but thought I would try something a little newer.
     
  7. Nopeotry!!

    Nopeotry!! Guest

    Using Zonelab Pro at the moment - runs out of updates soon, so just felt like a change. to bo honest im thinking of moving towards keiro. But thanks for all your coments.
     
  8. CrazyM

    CrazyM Firewall Expert

    Joined:
    Feb 9, 2002
    Posts:
    2,428
    Location:
    BC, Canada
    The only best is what is best for you. What exactly are your needs and any features in particular you are looking for?

    Regards,

    CrazyM
     
  9. Fumens

    Fumens Registered Member

    Joined:
    May 5, 2005
    Posts:
    23
    The best firewall is the one that suits you and you know how to use it.

    Doesn't matter how good or powerfull one firewall but if you don't understand how to use or set it up....it's the same as useless firewall.
     
  10. AnthonyG

    AnthonyG Registered Member

    Joined:
    Aug 3, 2004
    Posts:
    614
    My opinion at this moment would have to be EZ then ZoneAlarm. (theyre clones of each other).

    I might try tiny if i ever get SP2.
     
  11. WilliamP

    WilliamP Registered Member

    Joined:
    Jun 1, 2003
    Posts:
    2,201
    Location:
    Fayetteville, Ga
    I see that a lot of people say Keiro but an older version. Why is that? Also I am confused about Zone alarm free. On their web site I get the impression that it is only inbount and doesn't protect outbound. Vikorr's post looks like ZA protects both ways.
     
    Last edited: May 29, 2005
  12. Rmus

    Rmus Exploit Analyst

    Joined:
    Mar 16, 2005
    Posts:
    3,943
    Location:
    California
    Hello, WilliamP,

    Firewalls were designed to filter packets. In the past few years, more has become expected of them (dll injection, etc) so that many firewall programs have become big programs, often using larger amounts of resources, cpu, etc. Kerio included (new version 4). So, firewall 'A' says it's better than firewall 'B' because it protects from ________ (fill inthe blank). Latest fad is leak tests, which only prove that most firewalls aren't very good at what they weren't designed to do.

    Many (including myself) have opted to stay with Kerio's older version (2.1.5) because it's just good at what a firewall was designed to do (notwithstanding the "fragmented packet issue" which has pretty much been laid to rest), and have chosen to depend on other programs to take care of other threats.

    Kerio 2.1.5 does require the user to become familiar with networking (protocol, DNS, port, loopback, etc) because the user configures her/his own rule set. It's true that many just use the default ruleset, or copy someone else's rule set, but even then, the user needs to understand how rules work when an alert pops up. It's not a complicated topic to learn and understand, but does require some time and study.

    The alternative is a firewall like Zone Alarm which pretty much automates everything, and is certainly more than adequate for home use. (I'm sure it's both inbound/outbound)

    Much has been written that a router is more secure than a firewall, but most routers just monitor inbound traffic, and I've noticed that most router users do have a firewall which monitors outbound traffic.

    I mention this because for those for whom a router is the be-all and end-all of inbound security, there was a recent post in another forum by a poor soul who freaked out when an inbound attempt via port 1026 got by his router, and was blocked by... you guessed it... Kerio 2.1.5.

    Unsolicited UDP gets by NAT?

    regards,

    -rich
     
  13. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,727
    Location:
    Texas
    Another feature of Kerio 2.15. From the help file.

    Application MD5 Signatures
    Apart from checking incoming and outgoing packets Kerio Personal Firewall can also detect if permitted packets are sent by authorized applications. An application could be infiltrated into your computer (e.g. by email, from a floppy disk, etc.), that acts as some regular and known program (it usually replaced by the original executable) and tries to send data out from your computer. Such an application is commonly referred to as a “Trojan horse”. Usually, they can be revealed during an anti-virus check, but this might be too late.

    Kerio Personal Firewall uses a method of creating and checking MD5 signatures of applications. Very simply said, an MD5 signature is a checksum of the application's executable. When the application is first run (or when the application first tries to communicate via the network) Personal Firewall displays a dialog, in which a user can permit or deny such communication. If the communication is permitted by the user Personal Firewall creates an MD5 signature for the application. This signature is checked during each subsequent attempt of the application to communicate over the network. If the application's executable is changed (e.g. it is infected by a virus or it is replaced by another program) Personal Firewall denies communication for this application, displays a warning and asks if such a change should be accepted (e.g. in case of the application upgrade) or not.

    MD5 signatures can be viewed and deleted in the Application's MD5 tab. They can only be created automatically.
     
  14. WilliamP

    WilliamP Registered Member

    Joined:
    Jun 1, 2003
    Posts:
    2,201
    Location:
    Fayetteville, Ga
    Isn't the MD5 situation handled by Process Guard? Or at least program execution protection.
     
  15. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,727
    Location:
    Texas
    I don't use Process Guard so I can't say William. My layers of security are not as deep as some of the other users. :)
    I am behind a router and Kerio 2.15 is perfect for my needs.
     
  16. Diver

    Diver Registered Member

    Joined:
    Feb 6, 2005
    Posts:
    1,444
    Location:
    Deep Underwater
    Depends on what you mean by "best".

    My choice is a router and no software firewall. For use with a notebook I would opt for the XP ICF to simply surf, and CHX-1 if I needed something with high performance.
     
  17. Stephanos G.

    Stephanos G. Registered Member

    Joined:
    Mar 29, 2005
    Posts:
    720
    Location:
    Cyprus
    Hi ronjor.
    Why not kerio 4?
     
  18. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,727
    Location:
    Texas
    Bloat. :D I've tried it and see a lot of processes running. That is not what I prefer in a firewall.
    Netveda is small on memory usage and a nice app.
     
  19. sinbad370

    sinbad370 Registered Member

    Joined:
    Mar 1, 2005
    Posts:
    68
    Location:
    Georgia
    Hi Ronjor - what about this Netveda? is it free? and how does it compare to LNstop and Kerio 2.15?
     
  20. Bdiamond

    Bdiamond Registered Member

    Joined:
    Apr 26, 2002
    Posts:
    74
    Location:
    N Carolina, USA
    I am certainly no expert or authority on firewalls, but strongly suggest you consider adding LooknStop to the firewalls you examine. Using the extended rule set provided by Phantom it worked "out of the box" for me and has had absolutely no measurable effect on performance of my machine. It performed perfectly at GRC and PC Flank. I did not run it against the Leak Tests but is listed as having performance about equal to Outpost in this respect.

    Actually, I have almost no problems related to security so a major interest for me is that any security related product be convenient, easy to use and without any noticeable effect on machine performance. In this sense LnS has been perfect. I hope someone will write a user friendly manual for it when development is complete; however the help files are very good and well illustrated.

    In any case, it is easy to install, has a really large number of features and does not noticeably affect performance of my WinXP, sp2 (1024MB mem) machine at all. Especially, it is very easy to uninstall and reinstall with no problems at all if that is needed.

    I am surprised there were no suggestions to give it a look because it has been convenient and easy to use. Other than complete stealth at GRC and PC Flank I am not quite sure how to evaluate a firewall further.

    BDiamond
     
  21. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,727
    Location:
    Texas
  22. sinbad370

    sinbad370 Registered Member

    Joined:
    Mar 1, 2005
    Posts:
    68
    Location:
    Georgia
  23. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,727
    Location:
    Texas
    BDiamond

    LooknStop is very light and effective as well.
     
  24. No peotry!!

    No peotry!! Guest

    Hey all,

    I been using a Nat enabled router as well as Zone lab Pro. the router still casn let inbound traffic through, so it is very inportant that you have a second software firewall.
     
Loading...
Thread Status:
Not open for further replies.