INTERACT FORUM
More => Old Versions => Media Center 11 (Development Ended) => Topic started by: JaredH on November 14, 2004, 09:56:35 am
-
After doing some searching, I've narrowed the top three down to:
Zone Alarm Pro
Sygate Personal Firewall
BlackICE
Since I personally don't have enough experience to decide which is best, I thought I would turn to the trusty Interact community. What do you guys think?
-
Personally I prefer Norton Internet Security for an all in one Anti Virus and Firewall solution. I've used it for around 3 years now and been very happy.
-
Sorry risingdamp, but I would have to say all Symantec products are horrible. They all use way too many sysyem resources. The best firewalls are rule based (as opposed to programs like ZA which is just accept or deny). I would say the best firewall right now s LooknStop (http://www.looknstop.com/En/index2.htm). Although it can be a bit complicated if you don't know what your doing. It is by far the best firewall out there and has features that I haven't seen on any other firewall (e.g. thread injection, stateful packet inspection, protocol filtering, and DLL detection.) Its filesize is only 601k. With the newest driver it can pass any leak least currently out For help on configuring it or the ruleset go here (http://www.wilderssecurity.com/index.php) or just ask me. After all rule based are only as good as the rulset used.
I don't want to sound like an LnS commercial; but it is the best. There are other good firewalls out there like Kerio (2.15) and Agnitum Outpost Pro 2.5. Outpost would probably be the best (for a newbie) that isn't rulebased.
BlackICE isn't a firewall. It is a "intrusion detection" program and a horrible one at that. Stay away!!!
Just remember to stay away from Zone Alarm or Norton.
-
I would use Norton except for the fact that I absolutely refuse to use Norton... LoL!!
Ok enough laughing at my own jokes...
Actually, I find Norton to be one of the biggest pieces of bloatware I've ever seen. I use NOD32 for my Anti-Virus needs. Tiny footprint, and rated the best in the industry for catching known and unknown viruses.
Sorry there, I wasn't trying to be obnoxious. I just like to get in my daily dose of "Ranting about worthless software that just slows your computer down".
-
I agree with you about Norton. As far as your AV, I used to use it and it is indeed one of the best. It's fast, has good detection and, like you said, has a small footbrint. I switch to Dr Web because NOD doesn't have very good hueristics (that has changed with the new version).
-
Norton is really expensive and is a resource hog...
Check out Computer Associates...
http://www.my-etrust.com/downloads.cfm
Or the Microsoft Partner Pack, I think you get 12 months free..??
http://www.microsoft.com/windows/partnerpack/
-
How about Tiny Personal Firewall (http://www.tinysoftware.com/home/tiny2?la=EN) ?
Just remember to stay away from Zone Alarm or Norton....
Whats wrong with Zone Alarm btw ?
-
Norton is really expensive and is a resource hog...
I use it all the time, Norton Internet Security 2005, and norton utilities 2005
and have no problems with it.
but i also have a 3ghz computer too
-
hit_ny-
Zone alarm is now too big for their own good. They try and add features to their firewall that shouldn't be there (like Kerio 4 and Outpost) The only difference is Outpost has a security foudation first. ZA fails leak test, it uses too much resources. Besides that the interface it ugly!!!!:)
Tiny firewall is Kerio (2.15). I mentioned it.
-
KingSparta-
Usually the processor has little to do with it. RAM is the workhorse. How much you got the hood?
-
I had a serious problem with Zone Alarm in one of my PCs. I wrote about it here: http://yabb.jriver.com/interact/index.php?board=3;action=display;threadid=24252;start=msg169290#msg169290 (http://yabb.jriver.com/interact/index.php?board=3;action=display;threadid=24252;start=msg169290#msg169290).
After some googling I ended up installing that Kerio Personal Firewall 2.1.5. (It is an old version from 2002/2003. I am not sure if it works with XP SP2. The current product is v.4 and it is quit different.)
It is free, small and completely manual. It needs some knowledge about TCP/IP networking, but I think it is very secure. It has very good monitoring capabilities. I like it.
http://download.kerio.com/dwn/kpf/kerio-pf-2.1.5-en-win.exe (http://download.kerio.com/dwn/kpf/kerio-pf-2.1.5-en-win.exe)
The Internet is full of firewall discussions like this:
http://www.neowin.net/forum/index.php?showtopic=239729 (http://www.neowin.net/forum/index.php?showtopic=239729)
-
What Id really like to find is a Firewall that can detect when youre disconnected and thus disable the firewall and then reenable when you are connected, thus saving resources when not needed.
-
KingSparta-
Usually the processor has little to do with it. RAM is the workhorse. How much you got the hood?
512 megs
-
I'm not that concerned anymore. I found nothing ever leaving my system that I wasn't aware of/approve, so I use the Windows firewall.
One that I do like and recommend is Jetico Personal Firewall. It is a nice firewall and has a side benefit of detecting code injection, etc. It is one of the most configurable firewalls I have used.
If you are not familar with the company, they provide one of the best encryption tools for Windows. They approach security from a very low level and do an excellent job.
http://www.jetico.com/jpfirewall.htm (http://www.jetico.com/jpfirewall.htm)
-
Im curious. I read a few posts from people that have said as long as you are pretty regular about cleaning your pc of spyware and adware with adaware or spybot or something of the like, and are pretty knowlegable about what is on your PC, that you dont really need more than the windows firewall.
Seems logical, of course in the event that you miss something, you may be screwed, but I'm pretty anal about maintenance so I'm considering going that route until I can afford a good Pro version firewall. Anyone think that theory holds water?
-
What Id really like to find is a Firewall that can detect when youre disconnected and thus disable the firewall and then reenable when you are connected, thus saving resources when not needed.
Not likely to find that as firewalls like to insert themselves in the stack which needs to be done at boot time. Then you are protected as soon as the machine starts and continues until it is shutdown. Just takes a few unprotected seconds for an unlucky packet to slide in.
-
I think that outbound protection is needed. It is amazing to see how many programs are trying to call home. A good firewall also reports if a Trojan still gets through and tries to contact. It has happened to me.
Actually I use software firewalls mainly for outbound protection. I have D-Link NAT/Router/Firewall boxes at home and work. Sometimes I connect my laptop to unprotected networks.
I have personally tried only Zone Alarm and Kerio 2.1.5. I used to be a Zone Alarm guy. Now I am going to install Kerio to my other PCs too.
Do we have anybody here who has actually tried them all?
-
I've tried them all (I think). Guess it proves I have no life :). I've tried ZA, Norton, Kerio 4.x, Tiny (Kerio 2.x), LnS, Outpost, Sygate, Mcafee Firefall, Mcafee Firewall Plus (5.xx, 6.xx). I was even a beta tester for both Outpost Pro and LnS.
I like, and use LnS but I also liked kerio 2.15 (with a good ruleset)
For those that are, or are thinking about, using Windows Firewall...don't. It passes almost no leak tests. In fact take SP2 off all together and use 1a (if any at all). Windows is bloating itself up with SP2 and it doesn't really do much, other that using more resources. If your system is properly secured (pass all leak test, port scans of ALL ports) than MS security patches aren't needed.
-
Im trying the Jetico Personal Firewall right now on the suggestion of G Hammer.
I'm liking it so far. It seems pretty robust. And HIGHLY configurable. Not to mention it is only using about 7mb of resources. That alone is impressive. Im about to run a port scan and leak test to see how well it does. If it passes, then its a keeper. Let's just hope they dont decide to get too rambunctious with the price when it goes final.
-
If you are on broadband get a router with a Hardware Firewall, this is perhaps the best protection you can get.
Then get a software firewall also. a software FW will protect you against un-authorized traffic - win xp firewall is inbound only.
The best software firewall is your opinion and trying them all. They all have a free trial.
I have tried them all and used Zone Alarm Pro 5 for the last year. ZA is ok but bloated and slow and uses a lot of resources. Stay away from Black Ice - search google groups for reasons why. Sygate is ok but you better know what you are doing. Norton stinks unless you like conflicts. Win Xp FW is next to useless especially if you use a hardware FW.
I am using Outpost Pro right now, the best and easiest for a newbie and techies. Try it out free for 30 days, you will love it.
Lazy Senior
-
What he said
-
Well, this Jetico has surprised me. Its the best I've run across so far. After having tried ZA, BlackICE, Norton, McAfee, Kerio, Sygate, and maybe even some others I dont remember, I would say that right off the bat, after running tests from firewallleaktester.com and some other port scans and such, Jetico has got them beat.
But the only reason I think is because right now its in beta, so you get all the bells and whistles for free. Once it goes final, im sure it will have a $30 or $40 price tag on it. However, if it is as robust then as it is now, I'll be willing to pay. It's a little annoying with the constant asking about everything outbound, but at least it keeps leaks out.
As far as the other stuff, Im already behind a network firewall, so im pretty safe on that end. Im just trying to get my tail covered personally. Plus, when I go home in Feb, Ill be back to directly connecting to the in house broadband, so Ill need something then.
Either way, thanks all of you for your help and input. Can always trust the fam here at Interact.
-
..................................................................................................
I'm not that concerned anymore. I found nothing ever leaving my system that I wasn't aware of/approve, so I use the Windows firewall.
............................................................................... ..................
Using only Windows Firewall is not too smart and dangerous as it is not a very good firewall and does not protect outbound at all.
With only Windows FW you could got to a nice website with javascript and it could steal whatever from your computer and you wouldnt even know it.
Think I am not too smart? Go to http://www.grc.com/default.htm and run shields up or leak test and then come back and tell us how great Win FW is....
If you are on broadband you better have something better or will someday be sorry.
Lazy Senior
-
Using Sygate at this time. Have had no problems with it, but I was running ZoneAlarm before and found it to be a resource hog! Tried Norton and found it even worse, although I use Systemworks and it's not too bad!
-
Hey G Hammer,
Any idea on how to keep Jetico from asking for permission for every single web page and url my computer comes in contact with?
Jared
-
..................................................................................................
I'm not that concerned anymore. I found nothing ever leaving my system that I wasn't aware of/approve, so I use the Windows firewall.
............................................................................... ..................
Using only Windows Firewall is not too smart and dangerous as it is not a very good firewall and does not protect outbound at all.
With only Windows FW you could got to a nice website with javascript and it could steal whatever from your computer and you wouldnt even know it.
Think I am not too smart? Go to http://www.grc.com/default.htm and run shields up or leak test and then come back and tell us how great Win FW is....
If you are on broadband you better have something better or will someday be sorry.
Lazy Senior
Hmmm, guess you ignored the "I have seen nothing in years that I would not allow to leave my system" part of my post.
You tell me:
1- Steal what exactly from my computer? I'm not the NSA or a bank.
2- I don't visit "See naked teens" or "Serial Number City". Is Google scary?
3- What broadband would have to do with bad scripts on bad sites?
I live in China. I see lots of activity on the net if I run a sniffer on it alone. I get nothing into my machine through the Windows firewall and I have no experience that says I need outbound protection.
I did however give my recommendation for an excellent firewall for those who think they do.
-
Hey G Hammer,
Any idea on how to keep Jetico from asking for permission for every single web page and url my computer comes in contact with?
Jared
When it asks, if it is asking about IE or Firefox, there is an option to treat the app as a Trusted Application. And in the same dialog a box to check "Remember my answer".
That'll do it. This is from memory but I'm sure the words are close enough to get you there.
-
My recomendation after 10 years of using it, is Sygate Pro. And PeerGuardian...
-
I've got to go with either IPCop/Smoothwall or Monowall, these use NO resources on your local machine and work beautifully! As far as software firewalls, I haven't used one in a while (I know I should for outbound traffic, but I make sure the software I use isn't evil before I install it and I scan weekly for spyware) ... Long ago I used Norton, but I've liked the looks of Jetico every time I get uppity and think about going with a software firewall in addition to my Smoothie.
If you have an old "junker" PC lying around though, definatetly check out IPCop (or Smoothwall which is basically the same thing but commercial).
http://www.ipcop.org/
http://www.smoothwall.org/
-or-
http://m0n0.ch/wall/
-
I think it is hard to get below this sort of "impact". I installed the latest version of the Jetico firewall just so I could answer questions.
And I am as impressed as I have always been. It's reporting and control of behavior of apps is excellent too. Do you know just how many apps want to launch hidden windows, inject code, install system-wide hooks, etc?
But the main thing is how is it as a firewall and I will put this against any other software firewall I know of. I have run a laundry list of them in the past 18 months or so and all have failed to please in some way. Usually because of incompatibilities or poor configuration ability.
[Current Process Pane]
CMD = "C:\Program Files\Jetico\Jetico Personal Firewall\fwsrv.exe"
Curr Dir = C:\Documents and Settings\Gy\
Path = C:\Program Files\Jetico\Jetico Personal Firewall\fwsrv.exe
User Name = ISX77 \ Gy
PID/Parent PID = 1804 / 1684
Started by = C:\WINDOWS\Explorer.EXE
Virtual KB Curr = 53,388 Peak = 62,452
Working Set KB Curr = 4,136 Peak = 7,500
Page File KB Curr = 3,584 Peak = 3,712
System Pool KB Paged = 45 Nonpaged = 5
Private KB = 3,584
Handles Count = 157
Faults Count = 3,616
Objects = USER = 89 GDI = 238
Windows = 41
Reads = 7,081 Read KB = 1,519
Writes = 47 Write KB = 290
Other IOs = 458,147 Other KB = 4,855,685
-
Kerio 2.x (Tiny). Free. 100% configurable. What more could I ask for.
On my work machine, I use Symantec/Norton Internet Security. It's not bad. The ability to auto-configure common applications is really nice.
-
I'm still thoroughly impressed with Jetico. All seems to be smooth. I've grown to like being informed about stuff when it happens.
-
Hmm, I have been trying it too, but I just tell it to trust application whenever it asks me what to do. If not i get hundreds of requests each time i start any one application.
Is it above me, or is that allright? Maybe I should know more about how firewalls work.
-
Is it above me, or is that allright? Maybe I should know more about how firewalls work.
That is how most software firewalls (the ones worth anything anyhow) work. Just make sure that you actually trust the software program (or at least were trying to use it for something) before you authorize it. You may at first get requests from certain Windows components that have odd names you won't recognize. Simply Google them to make sure that they really are legit Windows components before you authorize them.
The benefit is that this can help to prevent trojan horses and worms. When these "bad" programs try to access the network (to spread their evilness) you will be notified! Of course, these programs will try to make it look like they are legitimate programs, so you really need to look them up. For example ...
The two services ctfmon.dll and ctfmon.exe are not the same things. The exe is a windows component, and is legit. The dll is the MyDoom.B virus and is certainly not legit.
[Climb up on high horse]
So go ahead and authorize Mozilla FireFox (you do use FireFox, right?), but just take the second to make sure before you authorize something you don't know. It won't just protect you, it will help to protect me (and everyone else) too by preventing the spread of the malware.
[Climb down from high horse] ;)
-
After messing around with a bunch of software firewalls and being generally disappointed in nearly all of them, I have found the best (but unfortunately not the easiest or most convenient) method is to get some old hardware together (a 500mhz cpu, 256m of RAM, and an 8 gig HD) and build an OpenBSD machine to use as a firewall. Add Privoxy and Squid to take care of web browsing and you've got yourself an endlessly secure set-up. Even if you don't know Unix very well, it's a great way to learn and you'll find a ton of resources out there to help you.
If you don't want to bother with an OpenBSD setup, running Privoxy on your local Windows machine is still the best way to surf the web. It gives you complete control via a web-based interface that allows you to protect yourself from everything the web can throw at you. I run Privoxy on every Windows machine I own and I see no ads, no unwanted Flash/Shockwave, no animated GIFs, I receive no cookies unless I specifically allow a site, no pop-ups, etc., etc.
www.privoxy.org
www.openbsd.org
www.openbsd.org/faq/pf
-
I am far from an expert in the field so I rely on those who claim to be. Kind of like how we choose who to vote for.
There seem to be a couple of "Leak Test" sites for testing firewalls. PC Flank (http://www.pcflank.com/art21.htm) seems to be the most comprehensive.
In my own experience, ZoneAlarm has worked flawlessly for me and just passed all of the tests that PC Flank had.
I have also been using Shields Up (http://www.grc.com/default.htm) to test for a couple of years with good results.
They recommend ZoneAlarm first and Tiny Personal Firewall second. They HATE BlackICE.
CVIII
-
hmm, lots of interesting advice in this forum. ive used nortons, ZAP and pc-cillin and was never happy with them... then i found Outpost Firewall Pro http://www.agnitum.com/products/outpost/
By far the best firewall software ive ever used, and has an open plugin architecture so there are always useful plugins being released. highly recommended
-
editdsn is ridht. OP 2.5 pro is the best of firewall programs. OP very easy to using and has many intersting features.
-
hmm, lots of interesting advice in this forum. ive used nortons, ZAP and pc-cillin and was never happy with them... then i found Outpost Firewall Pro http://www.agnitum.com/products/outpost/
By far the best firewall software ive ever used, and has an open plugin architecture so there are always useful plugins being released. highly recommended
All in all, I liked Outpost and used it for 6 months or so. Then I had an issue with UPnP that couldn't be solved, so I went looking again. Found two I liked better and haven't tried their latest release.
-
I could go on and on and on on this subject, if I had the time. Outpost Pro is very nice indeed, but I was seriously turned off by the total lack of support offered by Agnitum (even to registered users). Lots of problems brought up in the forums, and via email, were totally ignored. (They did know about them, because they got fixed from version 2.1 to 2.5--it just took months and months of silence in between.)
I've tried them all, but I use Look 'n' Stop 2.05p2. If I didn't have a router, I might use something else. But since I primarily need outbound protection, I need the firewall that does it best--and that's Look 'n' Stop, period. Look 'n' Stop's rules, on the other hand, are nowhere near as friendly to use as something like ZoneAlarm (read: Fisher-Price busybox).
There is also no--and I mean emphatically no firewall that is lighter on the system than Look 'n' Stop. Better still, the author (yes, just one guy, not a company per se) is very responsive.
So, you can keep the rest.
-
YEA!!!
Finally someone gets it!!! LnS might now be the prettiest firewall there is but it is the best and has all the features a firewall shuold have...and nothing else. Just curious about your ruleset though. Are you using Phantom's (v6) or a selse made one? Have you tries the new beta driver?
-
Jetico is great as long as you use common sense and check to make sure you know each app or dll that it questions you about. If you just authorize everything then you are stupid and shouldn't be running a firewall in the first. If that is all you are going to do then you are wasting your RAM. Sorry if that seems blunt. I've been in China for a while and have adapted to giving and receiving very straight forward answers.
-
After messing around with a bunch of software firewalls and being generally disappointed in nearly all of them, I have found the best (but unfortunately not the easiest or most convenient) method is to get some old hardware together (a 500mhz cpu, 256m of RAM, and an 8 gig HD) and build an OpenBSD machine to use as a firewall.
As I mentioned above, you can do exactly this, only MUCH easier and with far lower system requirements using m0n0wall (which is FreeBSD rather than OpenBSD based, but same basic idea). monowall only requires:
* Intel Compatible i486-100 or faster processor
* 64MB RAM
* 2 network interfaces supported by FreeBSD 4.9
* > 8MB IDE Hard Disk or IDE Compact Flash Card
or
* ATAPI Floppy Disk Drive, IDE CD-ROM Drive and BIOS that supports booting from CD-ROM (El Torito standard)
* VGA adaptor
Another, even easier method is to use IPCop or Smoothwall (also mentioned above) which are Linux based so have broader hardware support (FreeBSD can be touchy with VGA and NIC support). The install on IPCop and Smoothwall is MUCH easier, because they are Linux based and benefit from the 2.6 Linux kernel's broad hardware support and because they are designed for old donor-PC's so you just download and install an ISO (monowall is designed for specialty Flash-card based devices so it is a bit more complicated, though not really hard at all). All three are FREE!
My Smoothie (actually I'm now running IPCop, but I still call it a Smoothie) is:
Pentium 1 200MHz
64MB RAM
2 GB Hard Drive
1 3com NIC (Red interface)
2 Netgear FA311 NICs (Green and Yellow interfaces)
You can find stuff like that (actually probably better than that) on Ebay for rediculously cheap prices.
-
Actually I have installed Kerio 2.15 to 486/100 MHz/32 MB/WIN 98SE. The PC was not powerful enough to run any background virus scanner, but Kerio worked flawlessly.
-
I kind of miss the days when a 486 was a smokin' machine.
I used to have an Intel key chain with a 286 in plastic.
Then there were 8086's and before that 8088's.
Zilog Z80 anyone?
-
I still have all parts from my first 286 in storage. It was in perfect working condition when I disassembled it.
Someday I am going to put the parts together again and see if the 5.25" Seagate 21 MB HD still lives. I have there MS-DOS 3.3, Windows 2, MS-Word for DOS, Excel 2, CorelDRAW 1, Ahston Tate D-Base IV, some DOS games like Prince of Persian, etc.
I didn't have network (only a 1200 bps modem), SoundBlaster or CD-ROM drive at that time. Those gadgets came a bit later...
-
IBM AT? It must be worth some money.
-
Finally someone gets it!!! LnS might now be the prettiest firewall there is but it is the best and has all the features a firewall shuold have...and nothing else. Just curious about your ruleset though. Are you using Phantom's (v6) or a selse made one? Have you tries the new beta driver?
I am going to speak plainly here. I don't have a high opinion of "Phantom" at all. I mean, the guy still thinks that LNS uses Windows LSPs, when in actuality it uses an NDIS driver. Huge distinction. I loaded one of his rule sets a long time ago, glanced at it, and laughed. There were redundant rules, unnecessary rules, and total garbage in it.
You're better off carefully configuring it yourself, perhaps going from the default or enhanced rule set. If you have more than 30 rules, you may be doing something wrong.
I've been using the beta driver for awhile now. I haven't tested it against all the leak tests (problem testing comes first), but it has been solid for me.
-
I kind of miss the days when a 486 was a smokin' machine.
It would still be a "smokin" machine. Just try loading WinXP on it--it'll smoke, believe me.
-
trying to use dreamweaver with Jetico and connect to my remote site to upload files but the firewall is preventing me form doing it. I've told it that Dreamweaver is a trusted app, but it didnt work.
Any advice?
-
trying to use dreamweaver with Jetico and connect to my remote site to upload files but the firewall is preventing me form doing it. I've told it that Dreamweaver is a trusted app, but it didnt work.
Any advice?
What indication do you get that the firewall is stopping Dreamweaver?
-
I kind of miss the days when a 486 was a smokin' machine.
I used to have an Intel key chain with a 286 in plastic.
Then there were 8086's and before that 8088's.
Zilog Z80 anyone?
I never saw the 286, but I've seen a bunch of the Pentium-1's and actually a bunch of Pentium Pro keychains (remember the Pentium Pro floating point bug)? In fact, you can still have one of these on eBay (with some other junk too, no it's not my auction) ...
http://cgi.ebay.com/ws/eBayISAPI.dll?ViewItem&category=21092&item=7116327221&rd=1&ssPageName=WDVW
I don't remember the Zilog Z80, I must admit, but I do remember my TR[a]S[h]-80 and programming BASIC (with line numbers and all) on my TI-99. That one hooked up to your TV and (oooh) was in COLOR!!!
Those were the days, my friends, those were the days. ;)
-
dreamweaver tells try to connect to the remote server but then a window comes up saying server not responding and "waiting for server". then it times out and quits.
I tried allowing everything i can see linked with dreamweaver in Jetico, and when I dont have the firewall running I can connect, so I wonder what I need to change in the firewall software.
Anybody else run Dreamweaver with this firewall?
-
Go into your Jetico settings and go under Ask User. Then scan through and delete anything referring to Dreamweaver or any other Macromedia program you may have. Then restart the computer just for good measure. Then run Dreamweaver. Set anything that pops up during the Dreamweaver launch to App Trusted. Then see if it will connect. If it does, go back into your Ask User section in Jetico and check just to make sure that nothing nasty and unfamiliar was given permission. If everything looks ok, then leave it alone and go on your merry way.
If that doesn't work, then I'm just as puzzled as you are.
Just a side note... I'm running Dreamweaver just fine.