dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
3681
share rss forum feed


Rebrider
Been There Done That
Premium
join:2000-11-23
reply to devolic

Re: Firewalls

said by devolic:

Who makes a good FREE software firewall? One that also uses little resources if possible. Thank-You

I've been using ZA Free for years. I use older versions, and have to put up with some nags, however I get to control which programs have outbound access.
I tried the new ZA on my Win7 system and did not like it. I am using the free McAfee that came with the new computer.
My XP and Vista machines do just fine with the older versions of ZA. I like to know what programs want out, and this lets me know and control them. The really old versions gave you more options like pass lock programs. I would be glad to pay a license fee to have just a software firewall from ZA that gave me the control of outbound programs.
The main reason I like ZA is that it tells me what programs want out and gives me the option or allowing or denying it.
--
Join The Resistance. RKBA


ZZZZZZZ
Premium
join:2001-05-27
PARADISE
kudos:1
Sorry to burst your bubble,but ZA is one of the worse rated firewalls on the Net.

When I used it 12 years ago I found that it allowed server rights to all apps by default ...........hope they've changed that.
--
Sarcasm is the body’s natural defense against stupidity.


Rebrider
Been There Done That
Premium
join:2000-11-23
said by ZZZZZZZ:

Sorry to burst your bubble,but ZA is one of the worse rated firewalls on the Net.

When I used it 12 years ago I found that it allowed server rights to all apps by default ...........hope they've changed that.

Burst all you want. I been using it since the 90's and have never had a problem. It depends on your understanding of how software firewalls work and what they are for. If you are a computer genius and know everything there is to know about the internet and computer security, why then we should just go with your suggestions and be done with it.
--
Join The Resistance. RKBA


Anav
Sarcastic Llama? Naw, Just Acerbic
Premium
join:2001-07-16
Dartmouth, NS
kudos:5
reply to devolic
I use comodo right now. Plays nice.


ZZZZZZZ
Premium
join:2001-05-27
PARADISE
kudos:1
reply to Rebrider
quote:
If you are a computer genius and know everything there is to know about the internet and computer security, why then we should just go with your suggestions and be done with it.
Wow,didn't realize you were so much in love with your firewall.............just keep your head buried in the sand.
»www.matousec.com/projects/proact···ults.php

--
Sarcasm is the body’s natural defense against stupidity.


sivran
Seamonkey's back
Premium
join:2003-09-15
Irving, TX
kudos:1
Matousec? Really?


MSE_fan

@rogers.com
reply to dolphins
PCTools Firewall Plus (for win 7 64bit)

over 1.2 mil downloads on CNET

»download.cnet.com/windows/firewa···;sideBar

slajoh01

join:2005-04-23
I dont use any software firewalls at all except the Win7 firewall enabled and thats it. Im behind a firewall router.

A software firewall isnt that necessary unless you have many many workstations on your network and you want to protect it from some infected notebook thats connected to your network.

A rule of thumb is, that whenever people install an OS, always disconnect from the Internet, then install AV, turn on Windows firewall (or Linux FW, or whatever), then once doing that, connect to the net and first install the needed software and OS updates as possible. I mean ALL until completed. Then lock down the OS via Group Security Policies including browsers. Then finally browse the net.

In other words, lets put this way, you wanna keep the bad guys from breaking in your house in the first place!

Of course, software firewalls can be disabled by malware. And can cause issues and trust me...I had alot of sharing and connection issues when a software fw was installed. Since then I dumped it.

I usually rune a command called NETSTAT -B or NETSTAT -ANO to see what suspicious programs that have ESTABLISHED conenctions on my system. If I see no programs like that, then all is good. There are YouTube videos on this and there very usefull in detecting what suspicious programs are established on your system.


ironwalker
World Renowned
Premium,MVM
join:2001-08-31
Keansburg, NJ

1 recommendation

reply to devolic
Software firewalls are great for monitoring what programs and os parts want to call out. Being able to see these details and block accordingly is why I use a software firewall.


Derwood
Wherever you go, there you are
Premium
join:2003-01-21
Dayton, OH

1 recommendation

reply to devolic
I run pfSense on an old system. Been using it since 1.1.


Trihexagonal

join:2004-08-29
US

1 edit
I've been running pfSense on an old Dell I refurbished for the past year and love it.

I run the pf firewall on my FreeBSD boxes behind it too.


firewall

@comcast.net
reply to devolic
said by devolic:

Who makes a good FREE software firewall? One that also uses little resources if possible. Thank-You

For XP I also recommend Kerio 2.1.5, as others have suggested. I don't think you can beat it for minimal resources, or overall quality. Never used the Kerio branded version, but used it way back when it was Tiny Personal Firewall, 2000 / 2001 or so. I'm assuming 2.1.5 is still the same quality and tightness.

Haven't used a separate software firewall since then, just stick with the Windows firewall.


firewall

@comcast.net
reply to ironwalker
said by ironwalker:

Software firewalls are great for monitoring what programs and os parts want to call out. Being able to see these details and block accordingly is why I use a software firewall.

Beyond the Windows firewall, for most average users I think they just cause paranoia and worry. Every single outgoing request needing to be dealt with, and triggers and rules. Even high knowledge users get tripped up:

"Oh, why is such and such process wanting to connect? What is IP X.X.X.X? Is it malicious? Am I infected with something?" Then do research, while growing increasingly paranoid, to find out it's a normal Windows process trying to update the time or check for updates or something harmless like that.

That's all I ever got out of the things at least! If malware gets on the computer then you're screwed anyway. Not to mention the malware is probably operating under a completely innocuous sounding process name anyway. Maybe it is injected into a legitimate Windows process, which won't look unusual when it's trying to connect out.

Anyhow just my thoughts. I still recommend to the OP Kerio 2.1.5 !


red2

@fastwebnet.it
Several years ago many here recommended Kerio 2.15. However, with recent windows updates, the Kerio driver started causing problems for many of us (continual BSODs). My wife is still using it on her system and has no issues, but it caused me problems so I had to abandon it.

So my suggestion would be to try it, but if you experience any issues, it is likely that the Kerio driver is the cause. And as the development of the program stopped, there is no solution.


firewalled

@comcast.net
reply to MSE_fan
@ MSE_fan

Last time I checked PCTools firewall was no longer being updated. But anyway the one listed at the link you posted is for v 6.0.0.74. The last version of PCTools firewall that was released was v 7.0.0.123 which could be found on the PCTools forum. If you really want to run the PCTools firewall I would go for the last version if you can find it.


MSE_fan

@rogers.com
yes, is true, PCTools firewall (Plus) is on version 7.0.0.123 and I have that vesion; I used the link above to show how popular this firewall it is....(1.2 mil downloads!!!!)

Anyway, I truly believe that for Win7 64bit this is the best possible firewall , well balanced and easy to manage.

Even though is not being updated ,is still part of PC Tools internet security (exactly the same, no difference, I checked all rules one by one and they are identical) so I believe this is the next "Kerio 2.15" for Win7 64bit.



Dustyn
Premium
join:2003-02-26
Ontario, CAN
kudos:11
reply to devolic
Click for full size
Click for full size
Click for full size
Click for full size
»www.binisoft.org/wfc.php
Probably not for you if you are using Windows XP. This builds upon the existing firewall found in Vista, 7, 8.


CCat
We're all quite mad here
Premium,MVM
join:2005-12-06
Wonderland
kudos:18
Reviews:
·Time Warner Cable
said by Dustyn:

»www.binisoft.org/wfc.php
Probably not for you if you are using Windows XP. This builds upon the existing firewall found in Vista, 7, 8.

Are you using that? If so how do you like it?
--
I Live In My Own World, But It's OK.....They Know Me There.


therube

join:2004-11-11
Randallstown, MD
Reviews:
·Comcast
·Verizon Online DSL
Free & a paid version.
Free does not have popups - which might or might not matter to you.

I have used the free.
Sometimes something does not work, & then after a bit of thinking, I hit myself on the forehead & say, ah, the firewall!!!

To me, the Medium setting is what makes sense to use.

Author is responsive.
Plenty of updates, bug fixes, & feature changes.

Forum thread at Wilders.


MSE_fan1

@rogers.com
reply to CCat
Click for full size
Binisoft Firewall is based Win7 firewall; all outbound requests are DENIED first and you will get an alert; if you say "Allow" this will be allowed next time or you manually have to restart the app which asked for permission.

Is very slow and not recommended for both inbound and outbound; in other words you have to use Win 7 firewall for inbound and Binisoft firewall for outbound


CCat
We're all quite mad here
Premium,MVM
join:2005-12-06
Wonderland
kudos:18
Thanks


therube

join:2004-11-11
Randallstown, MD
Reviews:
·Comcast
·Verizon Online DSL

1 edit
reply to MSE_fan1
> Binisoft Firewall is based Win7 firewall

It is essentially a GUI front-end to the Windows Firewall.
It does not provide firewall "services", it only makes it easier to do something more with you have already been given. There is nothing that it does that you cannot do yourself with Windows provided facilities - albeit with greater difficulty.

> all outbound requests are DENIED first

Actually I believe that it defaults to inbound only, but in any case...

> and you will get an alert

Again that is with the pay version.
The free does not alert, but if you know that an application is looking for access, you are provided means to allow it.

> Is very slow

Uses .NET 4 (I'm pretty sure it was, yes!) & the GUI itself had been lethargic, in particular its first opening, but has improved over time.

> and not recommended for both inbound and outbound;
> in other words you have to use Win 7 firewall for inbound and > Binisoft firewall for outbound

Again Binisoft is nothing but a front-end. You are using Windows Firewall entirely.

Wilders: Windows Firewall Control

Edit: confirmed need for .NET 4

MSE_fan

join:2013-03-29
Hi,

This is the way Binisoft Firewall works: deny all Outbound and alert you; I have paid version which I scrapped it after 1 week;
The firewall will not intercept an outbound request but rather will deny it and will generate an alert.

Why bother when PC Tools Firewall plus works like a firewall, looks like a firewall.....


Trihexagonal

join:2004-08-29
US
Reviews:
·AT&T U-Verse
·AT&T Midwest

2 edits
said by MSE_fan:

The firewall will not intercept an outbound request but rather will deny it and will generate an alert.

And you don't consider denying a transmission to be intercepting it? That's one of the methods I use to block outbound transmissions on my hardware firewall.

said by MSE_fan:

Why bother when PC Tools Firewall plus works like a firewall, looks like a firewall.....

We've already established it "works like a firewall" so what's "looks like a firewall" got to do with it? That's subjective at best. Yours doesn't look anything like mine and the one on my PC and laptop doesn't even have a GUI.

Like therube pointed out, what you're looking at with Binisoft Firewall is a frontend to the Windows Firewall.

MSE_fan

join:2013-03-29
"And you don't consider denying a transmission to be intercepting it?"

No, denying a transmission is not the same with intercepting it, wait for user decision and proceed accordingly.

All Win7 firewall "notifiers" are based on this idea, but a real firewall will work differently.


Trihexagonal

join:2004-08-29
US
Reviews:
·AT&T U-Verse
·AT&T Midwest
said by MSE_fan:

"And you don't consider denying a transmission to be intercepting it?"

No, denying a transmission is not the same with intercepting it, wait for user decision and proceed accordingly.

All Win7 firewall "notifiers" are based on this idea, but a real firewall will work differently.

Oh, so the OpenBSD pf firewall isn't a "real" firewall but this Windows based software firewall you're extolling is?

quote:
Default Deny

The recommended practice when setting up a firewall is to take a "default deny" approach. That is, to deny everything and then selectively allow certain traffic through the firewall. This approach is recommended because it errs on the side of caution and also makes writing a ruleset easier.

»www.openbsd.org/faq/pf/filter.html#defdeny

What would you suggest? That I switch my hardware firewall from pfSense, wipe my HD's of FreeBSD and the pf firewall, and install Windows and this software firewall that isn't even supported in their place so I can use a "real" firewall?