Which Firewall to use?

Discussion in 'other firewalls' started by Chas, Apr 1, 2004.

Thread Status:
Not open for further replies.
  1. Chas

    Chas Registered Member

    Joined:
    Feb 17, 2004
    Posts:
    15
    What Firewall is best for personal home use? And, what is it going to really do for me?

    Will it protect two PC's? I have one PC that connects via Dialup and another networked to it. Will the Networked PC be protected as well?

    I am using Win98 SE on both PC's.

    I did try one Firewall two months ago. Seemed to work OK, except when I uninstalled it,is caused BIG TIME problems. I read alot about Zone Alarm and Sygate.

    Or should I just finally upgrade my OS??

    Thanks
     
  2. gkweb

    gkweb Expert Firewall Tester

    Joined:
    Aug 29, 2003
    Posts:
    1,932
    Location:
    FRANCE, Rouen (76)
    hard to answer your question, it all depends on your needs, what you mean by "personal use", popup blocking or referrer blocking, just network and application filtering, spam filtering, etc...

    free or buyable version ?

    All of the firewalls have their strong points and their weakness, none is "the best".

    Nearly all of the firewalls 'Pro' version have a free edition, less powerfull, but it let you have an overview on the product, i would suggest you to try them.


    About two PC chained on the network with the first having the Internet connection, the second will be protected from inbound traffic coming from the Internet, but won't be protected from malwares calling home, so i would suggest to install a firewall on both computers.

    regards,

    gkweb.
     
  3. missuk

    missuk Guest

    go with zone alarm it has better features and it cannot be shut by trojan
     
  4. meneer

    meneer Registered Member

    Joined:
    Nov 27, 2002
    Posts:
    1,132
    Location:
    The Netherlands
    And no need to upgrade your OS, no need to do that, except for Microsoft stopping support in a while (don't hold your breath). But even that need not be a reason to upgrade. There have been no new w98 vulnerabilities the last two decades, why move over, but to end in Microsofts strong embrace.
    Windows 98 has no protection whatsoever, but by using a decent firewall and good virus protection, a W98 system can run very smoothly.

    Says who?

    Every piece of software is vulnerable, even the most secure Windows ever has some holes. And since Zonealarm runs on Windows...
    ZA is good, no question about that. But there are other firewalls too. If you like the interface: go for it.
    Update regularly the software and you should be okay.

    If you don't like the interface: drop it and try some other software firewall. But take care: uninstalling ZA may not be enough. You must remove every trace of it in order to be able to try another firewall.
     
  5. missuk

    missuk Guest

    then dont believe who cares ?
     
  6. RedLobster

    RedLobster Guest

    Meneer

    GREAT POST!



    MISSUK

    EVERY firewall made can be bypassed. An zone alarm is no exception. Had to mention this since you are of the thought that zone alarm has some special value that offers you some sort of special protection against trojans...it does not. If you like ZA use it but do so understanding that its not a trojan or anti virus scanner.
     
  7. Peaches4U

    Peaches4U Registered Member

    Joined:
    Nov 22, 2002
    Posts:
    5,070
    Location:
    At my computer
    Hi Chas - here is a review of firewalls ... perhaps this might help you make a decision.

    http://www.firewallguide.com/software.htm

    Bear in mind, no freebie will have all the features that a paid version will have. I am currently using ZoneAlarm Pro which I paid for and am quite satisfied it is doing a good job. I used the free version and found it would allow malware, etc. to write itself into the program control and send itself out. In the paid verson, I have ZoneAlarm password protected so nothing can write itself our access the internet without my permission and password. There is Sygate which is free and some people that use it find it works well for them. I used Norton too when I had Win98 and found it let me down on a couple of occasions.

    It boils down to what best suits your needs and what you are comfortable in using. Hope this helps.
     
  8. sunita

    sunita Registered Member

    Joined:
    Dec 28, 2003
    Posts:
    27
    miss uk dont argue we know what is right i hope u understand :)
     
  9. xp

    xp Guest

    zone alarm is specially designed so that it cannot
    shut by trojans
     
  10. Paul Wilders

    Paul Wilders Administrator

    Joined:
    Jul 1, 2001
    Posts:
    12,472
    Location:
    The Netherlands
    No ZA bashing - but it can be done, as is the case with fairly all software firewalls.

    regards.

    paul
     
  11. monica_84

    monica_84 Registered Member

    Joined:
    Dec 30, 2003
    Posts:
    31
    well two or three weeks before i have downloaded some trojans from the iran hackers
    website which shuts down the firewall only two firewalls got shutt off kerio and sygate but i have
    tried many times to shut the zone alarm and outpost firewall by trojans but i never got a success
     
  12. gerardwil

    gerardwil Registered Member

    Joined:
    Jan 17, 2004
    Posts:
    4,748
    Location:
    The Netherlands
    I realize we are going a bit off topic but here goes:
    I use Proces Guard free edition to protect my Firewall. Is it just protecting the settings and can the FW still be bypassed by "whatever". I am talking only about the inside>out direction because outside>in is stealthed by other means.

    Gerard
     
  13. RedLobster

    RedLobster Guest

    Gerard

    What a great question for the folks over at Diamond......Wayne or Jason will understand the issue quckly........an for your benefit this is not anything new.....many of us use special means of protection of the firewall
    An like Paul said..its not in away bashing
     
  14. meneer

    meneer Registered Member

    Joined:
    Nov 27, 2002
    Posts:
    1,132
    Location:
    The Netherlands
    Since your system is not visible from the internet, there are no threats that can be directly directed at your system. That's nice.

    So lets look at the inside. A Windows based firewall is an application running on top of the OS. If the OS gets compromised (by whatever means), every application can be considered compromised, even a firewall. Even de Windows XP firewall... it's part of the OS, but it's the Windows OS...

    Most Windows systems do not get compromised out of the blue. It would require a user with admin authorization, or an application that exploits a bug. Such an application could be started by installing untrusted software (where do you get yours?) of by a user opening a malware mail. These are inside threats. And yes they are a risk for any tool.
    Preventing the exploiting of holes can be done by patching and patching again and again...

    Protecting your system with all kinds of tools makes life a bit easier (you don't have to worry about most technical failures), but still the user has some responsibility too.

    My protection: I use a linux firewall in front of my lan. I love it: it's free and its safe. And yes, I changed vulnerable software too. And yes, I'm the user :p
     
  15. Donn

    Donn Registered Member

    Joined:
    Mar 28, 2004
    Posts:
    11

    I am just getting into this so take me a with maximumu two grains of salt--I tried Zone Alarm for about two weeks, and a TroHor got in on me. Now, I was using their free edition which does not give you updates, if you watch closely everything it says on the downloads, it says updates are not available with the free edition. That may mean not automatically available, and there is some way to do it manually. If there is I couldn't figure that part out. Just today I noticed something shut down the ZA, so I immediately jumped off line, and went on a house cleaning tour. Didn't find anything, but I unloaded ZA--fool me once shame on you, fool me twice shame on me.

    I dwnldd free Kerio and it messed up my cookie arrangement--I couldn't get into my MSN mail boxes, and I could not see how to get rid of the blocked cookie function. I tried dropping the cookie standards and rebooting, I tried adding MSN and it wouldn't take.

    So, I got rid of Kerio, and dwnldd Sygate. Everything seems to be going along nicely. Still getting requests to allow that RPCSS (Distributed Comm Services), and I do not feel right about it, so until I hear from you guys I am blocking it manually.

    Tha's all I got, hope it helps.

    //Donn
     
  16. sig

    sig Registered Member

    Joined:
    Feb 9, 2002
    Posts:
    716
    As Paul said, software firewalls can be bypassed on outbound by some Trojans specifically designed to do so. (The AntiTrojan app developers will confirm that, based on previous discussions I've read.) What the firewall makers have done (especially as a result of some of the various leaktest demos out there) is make it more difficult for Trojans to do so with various tricks, like piggybacking, etc. But it's not impossible.

    Also, the trick of shutting down the firewall in order to bypass it is another way. I believe perhaps most firewall vendors have introduced some measures to counter that, like ZA blocking internet connectivity if it is shut down incorrectly. But still it's not impossible for specially designed malware to either do so or bypass in some other manner.

    ProcessGuard protects the apps you've designated from being shut down by malware, or so I understand. But in the case of firewalls, while it protects the firewall from being shut down, it doesn't address those Trojans that are designed to operate at a level where these commonly used software firewalls cannot detect them, so they can still bypass the firewall. At least, that's been my understanding from previous discussions. Such a question could best be answered in the Diamond forum here at Wilders.

    This is why so many people emphasize a strategy of informed users using safe computing practices and having a layered defense...such as AV, AT, firewall, etc.

    But to respond to the original poster, there are various decent firewalls from which to choose. The key is what do you find easiest to use and works well with your systems and needs. ZA (in various flavors) is often recommended because in default install mode it's easy and offers protection. Sygate is another, Outpost also. These have free versions you can try out. (Kerio 2.x is good also, but I believe that the user really needs to do their homework to set up secure rules sets which is why I don't usually recommend it to people unfamiliar with such things or not going to spend the time to learn. I'm not familiar with Kerio 4.x so can't say how that is.)

    But when you uninstall any firewall, be sure to read any specific instructions the vendor offers regarding how to uninstall. Some firewalls require to be shut down in a specific manner prior to uninstalling and then a clean up to make sure no bits are left behind in the registry, etc that may result in problems. So reading the manuals, help files, any dedicated support forums that may be available is a good way to go to try to avoid issues not just with uninstalls, but setting up the firewall, use on a LAN, etc.
     
  17. controler

    controler Guest

    Bitguard is an easy firewall to use. It runs at the kernel level and has it's own protection. As mentioned, there are many good firewalls out today. My favs are Sygate, Outpost, Look & Stop and Bitguard.

    controler
     
  18. sig

    sig Registered Member

    Joined:
    Feb 9, 2002
    Posts:
    716
    Donn, just a quick comment. If you're using a properly configured firewall, and a default ZA install should be so, that should provide protection against intrusion from the internet through youir PC's ports. It blocks them, shutting the door (so to speak) on that manner of intrusion.

    BUT firewalls are not anti-trojan apps. A firewall will not in itself keep a user from downloading a trojan disguised as something else and executing it. (Especially if the user is file sharing on P2P networks.) Or getting malware on your PC via browsing questionable sites if your browser security settings are not high enough. (And currently IE's default internet zone settings are not high enough to prevent spyware and malware intrusion via the browser.) Or opening an email attachment that is malware. So there are various ways of getting malware on your PC. A firewall typically only prevents such intrusions via open ports.

    Hence, again, this is why many of us repeatedly advise having a layered defense against malware. And the #1 defense is an informed user. Learning what the threats are, how they can happen and what practices minimize or increase the risk of having one's PC compromised. Then what software may assist us to protect against this given our particular practices, needs and wants.
     
  19. controler

    controler Guest

    Hello

    I can also tell you running SP2 RC1 set to default will show all ports stealted on GRC :D


    controler
     
  20. steve1955

    steve1955 Registered Member

    Joined:
    Feb 7, 2004
    Posts:
    1,384
    Location:
    Sunny(in my dreams)Manchester,England
    Adding my two pence worth I've found outpost pro(paid for version not the free)to work well,but can be a little difficult to configure,took a while to get Windows update to work correctly without disabling active filtering!
     
  21. solarpowered candle

    solarpowered candle Registered Member

    Joined:
    Jan 9, 2003
    Posts:
    1,181
    Location:
    new zealand
    I like the ultra simple . Either look n stop ( with advanced ruleset ) or Bitguard .
     
Loading...
Thread Status:
Not open for further replies.