PDA

View Full Version : software firewall suggestions



Skywise
08-22-10, 11:29 AM
Yeah, yeah. I've already seen some of the opinions in the group
re software firewalls.... :) I've lurked here for quite a while.

Anyway, I'm looking for comments on current software firewalls,
preferably in the free category. This is for use on WinXPproSP3
and possibly Win2KproSP4 as well.

Of interest is controlling outbound communications, something
windows firewall does not do. What I have now has helped me keep
programs from dialing home and other such silliness.

This has worked...so far...but suddenly I'm having probs with
a game communicating between these two machines and I've traced
it to the software firewall on the XP machine. It blocks port
49000 always, even with a rule to always allow. Only disabling
the firewall allows it to work. Not a preferred solution.
(interestingly, both computers have the same firewall, but only
the xp machine is giving me problems)

My current program may just be borked and a reinstall may fix
this, as I've googled myself silly trying to figure this out.

But I thought I'd consider newer software as what I have now is
probably antiquated by internet standards - KPF4.

Brian
--
http://www.skywise711.com - Lasers, Seismology, Astronomy, Skepticism
Seismic FAQ: http://www.skywise711.com/SeismicFAQ/SeismicFAQ.html
Quake "predictions": http://www.skywise711.com/quakes/EQDB/index.html
Sed quis custodiet ipsos Custodes?

VanguardLH
08-22-10, 12:38 PM
Skywise wrote:

> Yeah, yeah. I've already seen some of the opinions in the group re
> software firewalls.... :) I've lurked here for quite a while.

And with that statement you think that anyone here believes you will now
consider their opinion as valuable?

> Anyway, I'm looking for comments on current software firewalls,
> preferably in the free category. This is for use on WinXPproSP3 and
> possibly Win2KproSP4 as well.

Comments can consume a lot of space as each feature gets hashed over
regarding applicability, reliability, usability, and completeness. If
you instead are looking for recommendations, here's the top two free
firewalls:

- TallEmu Online Armor
- Comodo Firewall (in their Internet Suite)
o In CIS, disable their weak anti-virus component (CAV) and use it
only for on-demand scanning as a 2nd check. Use a different AV
product for on-access (realtime) protection.

> Of interest is controlling outbound communications, something windows
> firewall does not do.

Windows 7 has outbound filtering but not of value to XP users. 3rd
party firewalls are needed in XP for outbound filtering.

> What I have now has helped me keep programs from dialing home and
> other such silliness.

But you don't mention what you have now so recommendations might
duplicate what you are already using now.

(UPDATE: I saw later that you mentioned what you use at the very end of
your post instead of at the very start.)

> This has worked...so far...but suddenly I'm having probs with
> a game communicating between these two machines and I've traced
> it to the software firewall on the XP machine. It blocks port
> 49000 always, even with a rule to always allow. Only disabling
> the firewall allows it to work. Not a preferred solution.
> (interestingly, both computers have the same firewall, but only
> the xp machine is giving me problems)

Alas, some firewalls seem to forget their rules. I ran into this with
Symantec's and Sygate's firewalls a long time ago. You had to delete
the rule, reboot, and then recreate the rule and suddenly the firewall
would honor that rule.

> My current program may just be borked and a reinstall may fix
> this, as I've googled myself silly trying to figure this out.

If you're using the firewall in Symantec or McAfee products, also make
sure you use their cleanup utilities to thoroughly wipe them after an
uninstall before you reinstall them (or install something else).

> But I thought I'd consider newer software as what I have now is
> probably antiquated by internet standards - KPF4.

Oh, that must be Kerio Personal Firewall v4. Yep, that's old. I'd go
with the above recommendations. Online Armor is probably easier to use,
especially when it comes to defining rules. Plus it has its Run Safer
feature which can make a process (started by you or as a child process
started by another process) forced to run under a LUA (limited user
account) token which means it runs under reduced privileges, something
handy for improved security with Internet-facing applications (e.g., web
browser, e-mail client, newsreader).

However, I haven't found a firewall yet that may not sometimes interfere
with the use of your "good" apps. I use a video stream capture utility
that dynamically loads its driver when run and firewalls don't like that
despite defining a rule to grant all privileges in the HIPS portion of
the firewall (i.e., an app rule versus a network rule). Disabling the
firewall doesn't always work so I have to configure the firewall to NOT
enable on Windows startup and have to reboot.

Skywise
08-22-10, 05:34 PM
VanguardLH <V@nguard.LH> wrote in news:i4rna3$trh$1@news.albasani.net:

> Skywise wrote:
>
>> Yeah, yeah. I've already seen some of the opinions in the group re
>> software firewalls.... :) I've lurked here for quite a while.
>
> And with that statement you think that anyone here believes you will now
> consider their opinion as valuable?

I was simply trying to avoid rehashing old matter, and just cut
to the chase. I do value peoples opinions here, otherwise I
would not have asked. This appears to be one of the few remaining
newgroups where most people seem to actually know WTF they're
talking about.


> But you don't mention what you have now so recommendations might
> duplicate what you are already using now.
>
> (UPDATE: I saw later that you mentioned what you use at the very end of
> your post instead of at the very start.)

I originally wasn't planning on mentioning it at all. Adding it in was
an afterthought. Yes, I realized the recommendations might duplicate
what I have, and if that was the case, then I would have considered
fixing what I have instead of getting something new. New isn't always
better.

The funny thing with my port rule is I added it AFTER I started
having problems. I probably should also mention that the problem
didn't start UNTIL I installed KPF4. I've used it for years on my
Win2k machine just fine, and when I decided to ditch XP's firewall
I figured I'd use what I know. After all, it's worked fine all this
time, right? HA!!! Silly me....

But thank you very much for your thoughts. They're exactly the kind of
comments I was hoping for.

Brian
--
http://www.skywise711.com - Lasers, Seismology, Astronomy, Skepticism
Seismic FAQ: http://www.skywise711.com/SeismicFAQ/SeismicFAQ.html
Quake "predictions": http://www.skywise711.com/quakes/EQDB/index.html
Sed quis custodiet ipsos Custodes?

Regis
08-23-10, 11:17 AM
Skywise <into@oblivion.nothing.com> writes:

> VanguardLH <V@nguard.LH> wrote in news:i4rna3$trh$1@news.albasani.net:
>
>> Skywise wrote:
>>
>>> Yeah, yeah. I've already seen some of the opinions in the group re
>>> software firewalls.... :) I've lurked here for quite a while.
>>
>> And with that statement you think that anyone here believes you will now
>> consider their opinion as valuable?
>
> I was simply trying to avoid rehashing old matter, and just cut
> to the chase. I do value peoples opinions here, otherwise I
> would not have asked. This appears to be one of the few remaining
> newgroups where most people seem to actually know WTF they're
> talking about.

Not to mention, there's far from a consensus on the subject of whether
third party firewalls have value, or if there's really mostly a vocal
minority that has strong opinions against them, and a majority that
do find value in their outbound filtering capabilities and more easily
configured inbound flow management that simply doesn't want to take
the time arguing. :-)

Skywise
08-23-10, 11:44 AM
Regis <ordsec@gmail.org> wrote in
news:8462z1uwui@e6g2000prf.googlegroups.com:

> Not to mention, there's far from a consensus on the subject of whether
> third party firewalls have value, or if there's really mostly a vocal
> minority that has strong opinions against them, and a majority that
> do find value in their outbound filtering capabilities and more easily
> configured inbound flow management that simply doesn't want to take
> the time arguing. :-)

From the opinions I recall off hand, it seems those most vocal
against such firewalls are arguing against its use as an exclusive
security measure. I have to agree. There is no one-size-fits-all
solution when it comes to internet security. A software firewall
can, if implemented properly, be one element of a total package.

Further, security is not an install-and-forget solution. As for
the general internet user, my experience has been that most
computer problems are CAUSED by the user doing something, rather
than some attack sneaking into their computer.

I don't claim expertise. I have no formal training in this. I
just use my noodle and years of experience (and a dose here and
there of reading what others say). I'm apparently doing something
mostly right based on my personal results.

Brian
--
http://www.skywise711.com - Lasers, Seismology, Astronomy, Skepticism
Seismic FAQ: http://www.skywise711.com/SeismicFAQ/SeismicFAQ.html
Quake "predictions": http://www.skywise711.com/quakes/EQDB/index.html
Sed quis custodiet ipsos Custodes?

Sr Peabody
09-03-10, 03:25 AM
"Skywise" <into@oblivion.nothing.com> escribió en el mensaje
news:4gcco.117251$Nu2.35425@hurricane...
> Yeah, yeah. I've already seen some of the opinions in the group
> re software firewalls.... :) I've lurked here for quite a while.
>
> Anyway, I'm looking for comments on current software firewalls,
> preferably in the free category. This is for use on WinXPproSP3
> and possibly Win2KproSP4 as well.
[...]


http://www.matousec.com/projects/proactive-security-challenge/results.php#products-ratings

Saludos,

--
Sr Peabody

Yadda
09-03-10, 06:41 PM
on 9/3/10 3:25 AM Sr Peabody said the following:
> "Skywise"<into@oblivion.nothing.com> escribió en el mensaje
> news:4gcco.117251$Nu2.35425@hurricane...
>> Yeah, yeah. I've already seen some of the opinions in the group
>> re software firewalls.... :) I've lurked here for quite a while.
>>
>> Anyway, I'm looking for comments on current software firewalls,
>> preferably in the free category. This is for use on WinXPproSP3
>> and possibly Win2KproSP4 as well.
> [...]
>
>
> http://www.matousec.com/projects/proactive-security-challenge/results.php#products-ratings
>
> Saludos,
>

Pay for ESET Smart Security