topbanner_forum
  *

avatar image

Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
  • Tuesday March 19, 2024, 12:46 am
  • Proudly celebrating 15+ years online.
  • Donate now to become a lifetime supporting member of the site and get a non-expiring license key for all of our programs.
  • donate

Last post Author Topic: Best free firewall for Windows?  (Read 247468 times)

lanux128

  • Global Moderator
  • Joined in 2005
  • *****
  • Posts: 6,277
    • View Profile
    • Donate to Member
Re: Best free firewall for Windows?
« Reply #50 on: January 17, 2008, 11:22 PM »
Well, outbound protection lets you know when something has gone wrong and can help minimize the damage.  I also like to make sure I know what the "benign" apps on my system are doing.

can't argue with that, if it works for you then there is a point to it..

f0dder

  • Charter Honorary Member
  • Joined in 2005
  • ***
  • Posts: 9,153
  • [Well, THAT escalated quickly!]
    • View Profile
    • f0dder's place
    • Read more about this member.
    • Donate to Member
Re: Best free firewall for Windows?
« Reply #51 on: January 18, 2008, 05:02 AM »
Well, outbound protection lets you know when something has gone wrong and can help minimize the damage.  I also like to make sure I know what the "benign" apps on my system are doing.
That is, theoretically, an argument in favor of outbound firewalling... problem is that anything worth protecting against will be using covert channels (ie, injecting code into internet explorer and communicating over port 80), so the net worth is... nothing.
- carpe noctem

nontroppo

  • Charter Honorary Member
  • Joined in 2005
  • ***
  • Posts: 649
  • spinning top
    • View Profile
    • nontroppo.org
    • Donate to Member
Re: Best free firewall for Windows?
« Reply #52 on: January 18, 2008, 06:56 AM »
I don't remember about Windows firewalls, but my outbound filter Little Snitch gives you the parent app, so:

APPX called WGET to request blah on port 80

Thus you know from who the request is really from, not just who is making it. I'm pretty sure  many apps do this?
FARR Wishes: Performance TweaksTask ControlAdaptive History
[url=http://opera.com/]

Liquidmantis

  • Supporting Member
  • Joined in 2007
  • **
  • Posts: 64
    • View Profile
    • Donate to Member
Re: Best free firewall for Windows?
« Reply #53 on: January 18, 2008, 05:35 PM »
Yup, and they monitor for code injection.

Armando

  • Charter Member
  • Joined in 2005
  • ***
  • Posts: 2,727
    • View Profile
    • Donate to Member
Re: Best free firewall for Windows?
« Reply #54 on: January 22, 2008, 01:40 PM »
Online Armor seems like a nice firewall too. There's a free version.

Screenshot - 2008-01-22 , 14_31_57.jpg

Some good comments at Wilders Security.
Seems to do good at the Matousec Leak Tests... for what it's worth (no idea).

Stoic Joker

  • Honorary Member
  • Joined in 2008
  • **
  • Posts: 6,646
    • View Profile
    • Donate to Member
Re: Best free firewall for Windows?
« Reply #55 on: January 22, 2008, 08:02 PM »
btw, i'm behind a secure router, so much so that i've ditched 3rd-party firewalls for the Windows firewall, even though i came to know that it does only offers inbound protection.
Who cares about outbound "protection" anyway? When you get to the point where it kicks in, your PC has already been compromised... I see it as fixing the symptoms instead of curing the problem.

:greenclp: Nailed It! :greenclp:

I do believe we have the same opinion on this :)

Software firewalls fall into a category I like to call "Baby-Sitter" software ... The user just sits there tra-la-lips'ing about the web expecting it to auto-magically deliver them from "evil". Which makes exactly half as much sense as expecting ones insurance company to prevent them from running into a tree ... while driving drunk.

Armando

  • Charter Member
  • Joined in 2005
  • ***
  • Posts: 2,727
    • View Profile
    • Donate to Member
Re: Best free firewall for Windows?
« Reply #56 on: January 22, 2008, 11:21 PM »
I wonder about the validity of the arguments behind the idea of the relative futility of outbound protection. I know what Riley & others think of it, but, somehow, I don't understand the logic behind the arguments (and should I automatically trust Microsoft security experts when they ask me to believe them??). Isn't the "real" question : "which is more secure : inbound filtering only, or both inbound + outbound filtering" ?

Are you implying that once your computer as been "infected" or breached, no Outbound filtering is going to be able to prevent leaks?? (Even with good code injection detection techniques?) 

I Personally tend to want to know if an application (even supposedly inoffensive) is sending info in the WWW. I like and want to be in control (as much as possible) of what I send and what I receive. Corporations try to get any info they can from the users -- whether they want it or not. Why should we allow that? What about personal sensitive data?

Also, what about others? There's the "me" point of view -- it's to late for "my" computer, etc, "my" security has already been compromised, etc. --, but what about others, those who might get infected by "your" virus which eventually sought a breach to propagate ? So i's basically okay if your computer is infected and infecting other computers because of a lack of outbound protection ?

Isn't saying :
Who cares about outbound "protection" anyway? When you get to the point where it kicks in, your PC has already been compromised... I see it as fixing the symptoms instead of curing the problem"
a bit like saying "if the thief is in your house it's already to late : just let him take all your stuff and run", or "if you get sick, it's already too late : go for a walk and infect everybody else".

What's a "symptom" seems to be a matter of perspective. One thing is always the symptom (or effect) of an another thing (action or cause). Isn't it?

I tend to find these arguments a bit more convincing (I know, they're partial! And so are Microsoft's).  But, please, teach me... I want to understand.
« Last Edit: January 22, 2008, 11:24 PM by Armando »

Darwin

  • Charter Member
  • Joined in 2005
  • ***
  • Posts: 6,984
    • View Profile
    • Donate to Member
Re: Best free firewall for Windows?
« Reply #57 on: January 23, 2008, 12:27 AM »
I have run a number of firewalls (still have a current licence for ZoneAlarm Pro) over the years and just recently uinstalled the latest of them - Webroot's Desktop Firewall. There is the overhead, which I object to, and then there is the intrusiveness. I surf the web behind a wireless router with a hardware firewall so don't feel that I am compromising on security (I run A/V and A/S and have XP Sp-2's firewall enabled). I should probably re-install a firewall and have it available to run when I am surfing the net in airports and other public places, but those times are so predictable that I will have lead time to install something when the need arises.

Am I mistaken in thinking that I am secure?

4wd

  • Supporting Member
  • Joined in 2006
  • **
  • Posts: 5,640
    • View Profile
    • Donate to Member
Re: Best free firewall for Windows?
« Reply #58 on: January 23, 2008, 03:55 AM »
I've run a few firewalls over the last couple of years.  I had ZA for a while, then ZA Pro (had 2 licenses for it until recently), but somewhere they lost the plot and it just started bogging down the system, corrupting it's own files, and all the extra crap they kept adding - damnit! I just want a firewall.

I've tried:
Tiny Personal Firewall - Last free version before it became Sygate, (IIRC).  A bit too 'Tiny'.

Ghostwall - Very fast but a pain to set up for every one of your apps.

Primedius Free - Very fast lightweight firewall that will run with other firewalls.  Use it with Windows Firewall for incoming protection and let Primedius handle the outgoing stuff - however the list of applications does get cluttered.

Sygate - Tried it for about 30 mins, didn't like it.

Comodo - Used it for quite a while, a very good firewall but it's interface and rule creation let it down.

And a few others I've long since forgotten, I've finally settled on:

Zyxel Prestige 660HW - The routers firewall is turned on plus NAT is also running, however I have a couple of ports left open for servers.

So for a software firewall I've settled on PCTools Firewall V3.  It doesn't slow down my PC at all, (not that I've noticed anyway, pings are still sub-40ms for gaming), and the ease and variety of rule creation for both network and apps is far ahead of Comodo.  The interface is also a lot better than Comodo.

And bliss, it allows you to export and import rule sets - set it up, export the rules, install on another PC, import the rules.

mouser

  • First Author
  • Administrator
  • Joined in 2005
  • *****
  • Posts: 40,896
    • View Profile
    • Mouser's Software Zone on DonationCoder.com
    • Read more about this member.
    • Donate to Member
Re: Best free firewall for Windows?
« Reply #59 on: January 23, 2008, 05:56 AM »
Thanks for the summary of your experience 4wd -- since your opinions seem close to mine i think i'll give PcTools firewall a try soon.
Recently i moved from Comodo to Eset's new firewall, and been pretty happy, but not totally satisfied, so i'm always looking for another.

Darwin

  • Charter Member
  • Joined in 2005
  • ***
  • Posts: 6,984
    • View Profile
    • Donate to Member
Re: Best free firewall for Windows?
« Reply #60 on: January 23, 2008, 07:40 AM »
Yes, thanks 4WD - looks like we've had similar experiences. I'll take a look at PcTools as well.

Curt

  • Supporting Member
  • Joined in 2006
  • **
  • Posts: 7,566
    • View Profile
    • Donate to Member
Re: Best free firewall for Windows?
« Reply #61 on: January 23, 2008, 10:00 AM »
So for a software firewall I've settled on PCTools Firewall V3.

With or without ThreatFire ??

Lashiec

  • Member
  • Joined in 2006
  • **
  • Posts: 2,374
    • View Profile
    • Donate to Member
Re: Best free firewall for Windows?
« Reply #62 on: January 23, 2008, 01:46 PM »
I guess a firewall with outbound protection is a good idea, as you may know Microsoft implemented outbound filtering in Vista's firewall, mostly because people complained about it. So far so good.

Problem: Most modern firewalls recycled the original notion of a "firewall". A firewall is, essentially, a program that does not let any program connect to the Internet unless you say it so, and even then, the firewall limits the connection to the program and to a given port or range of them, all using a particular protocol. Some other firewalls, work with IP addresses, but of course, this is nearly unusable at a user level, and only used at enterprise level, as pointed by Liquidmantis below.

By opposition, firewalls like Comodo, ZoneAlarm, etc., work like a firewall and as a all-around security suite, implementing all kind of mechanisms to detect and patrol aspects of the system that a normal firewall would never care about, some of them are even application specific (for example, IE extensions, that I saw Online Armor analyzes), or totally unrelated to the Internet, like controlling startup entries.

The question is: Is all of this really necessary or are security makers playing with our paranoia? It's accepted that an antivirus is somewhat useful, considering all of the things the Internet is up to these days, like malware using JavaScript code (I came across one of those, avast! took care of it), this worm that it's still not controlled and uses cross-site scripting, or those popups that come up from nowhere and try to install "nice" software in the PC (adblocking to the rescue).

OK, based on this, one can say more protection is necessary, if the antivirus fails, you have the "firewall", but then, why do all security makers try to offer everything-in-one suites instead of selling you layers of it? A traditional firewall is useless in this situation, the thing you need is something to scan up particular locations of the system, something you can do later with free and very light software. I've seen during quite some time how everyone tries and fails miserably to design a competent one, now it seems that MAYBE Eset finally came up with something worth having, but mostly because they opted for a light firewall, and they have a good antivirus, that gets more things than the rest, all while being lightweight (again, it seems they borked the thing judging from some opinions I've read).

While not going for the opposite, selling applications separated and, if you wish, opting for a security suite, to get some people happy? Alwil Software seems to be going this way, which is something I applaud, and Eset, while not selling the firewall as a separate product, at least offers the antivirus, which is something other competitors are not doing, maybe because they don't even have that.

It's clear that, judging from the pace at which virus databases are growing (a-squared currently detects more than 1,000,000 million), proactive detection is needed, but at this cost? Do these applications guarantee me that if I go to a really nasty site, my computer will make it out of it? And then, why would I go to such site in first place? Would not be better to use a sandbox to be "absolutely secure"? Probably, and a much better option.

So then, if I restrict myself to good sites, that virtually won't be attacked and plagued by unknown malware, where's the need of such security on my back? Even if you do heavy torrenting or frequent eMule, I think there's no possibility of an attack using the application unless you're using a old version. OK, maybe the file could be infected, but you do analyze it before using it.

That's why I'm wary of using "firewalls", though I stated several times before that I'd try this or that firewall (that, and lack of time for such testing :P). If you use good practices and a router, I would go even as further as to say that an antivirus is unnecessary, except for scanning what you download from the Internet, and provided you use some passive protection (adblocking, blacklisting, whatever). I use an antivirus, because I prefer to do so, and saved my back a few times, complemented with a spyware scanner, mostly because it monitors autostart sections, and though I stated that good practices would make this unnecessary, it does not get in the way, and provides me information about what applications are doing, thus saving me of launching Autoruns to see if that installation did this or that.

The more I think about it, the more I'm convinced that modern security software is designed to protect us from ourselves, that from the outside, watching everything in the computer, and asking for our permission... wait, when you're doing something on the Internet, YOU decide if something should be done or not, so why do we have to answer two times to the same question? And most times it's easier to check before jumping, that than to discern what the dialog is talking us about (cryptic descriptions, unknown executables, etc.). For a newbie, such software is unusable, because they have no clue about what the application is asking them, an expert or experienced user does know beforehand what do with that link or that file, don't they?

The funny thing is that people that used to preach the usage of layers and layers of security, like Gizmo, are now taking the minimalistic approach, yet more and more security software makers continue to jump aboard with more complicated software, while things are not as bad as they used to be in the darker years (pre-SP2). Man, it used to be a jungle back then >_<

Maybe malware is quite more sophisticated than before, and uses other avenues to attack (it used to be vulnerabilities, now it's all about social engineering), but people is smarter, and malware writers seem more keen on spying on us, demanding money or making our computer "join the army" than destroying up data, which is quite a relief ;D

Em, phew! :P

EDIT: Rephrasing and fact correction
« Last Edit: January 23, 2008, 07:10 PM by Lashiec »

Liquidmantis

  • Supporting Member
  • Joined in 2007
  • **
  • Posts: 64
    • View Profile
    • Donate to Member
Re: Best free firewall for Windows?
« Reply #63 on: January 23, 2008, 03:21 PM »
Some other firewalls, work with IP addresses, but of course, this is nearly unusable at a user level, and I don't know if it's ever used at an enterprise level.

Huh?  Other than HTTP, everything we filter is done by IP address.  Our particular policy for HTTP access from our production network is to only allow access to a predefined list of URLs that the firewall appliance resolves.  My firewall policies always start from a blank slate, no access config then get built up with the smallest possible pinholes as needed.  And from too many lengthy negotiation and explanation meetings with our clients' IT staffs they are similarly restrictive.

Stoic Joker

  • Honorary Member
  • Joined in 2008
  • **
  • Posts: 6,646
    • View Profile
    • Donate to Member
Re: Best free firewall for Windows?
« Reply #64 on: January 23, 2008, 08:04 PM »
Microsoft implemented outbound filtering in Vista's firewall - To shut people up. They created UAC to actually solve the problem.

Don't do everyday tasks with administrative rights. <- There you have it problem and solution in one simple sentence. Security companies don't give a damn about your computer's safety ... They're in business to make money, and scaring the $hit out of you works... Cha-Ching!!!

I only go to "Safe Sites" ROFLMAO ...Really? As defined by whom? I watched my granddaughter (on a pre SP2 machine) Surf for the Disney channel's Hillary Duff CD's for about an hour. The Machine was clean, when she started, it wouldn't boot when she was done. Now how much safer can you get than the freaking Disney Channel?!? *Sigh*

Hardware firewalls/routers on the other hand are wounderfull things.

Armando

  • Charter Member
  • Joined in 2005
  • ***
  • Posts: 2,727
    • View Profile
    • Donate to Member
Re: Best free firewall for Windows?
« Reply #65 on: January 23, 2008, 09:29 PM »
"ROFLMAO" ??... anyway. I still have a few questions :

- So... What are you saying exactly about a firewall's outbound protection ?
- How does UAC + IL (Integrity Levels ) mechanism directly protects your data (I'm not talking about protection of of "higher integrity objects" here...)  ?
- How is inbound protection only better than outbound + inbound ?

Target

  • Honorary Member
  • Joined in 2006
  • **
  • Posts: 1,832
    • View Profile
    • Donate to Member
Re: Best free firewall for Windows?
« Reply #66 on: January 23, 2008, 09:55 PM »
having just had to rebuild my machine I'm following this thread with interest, but am starting to feel a little frustrated

I've been using Comodo (v2x) for sometime so I'm interested to see whether or not I need to continue to use something like this, or whether something not so 'cutting edge' will do the job (eg Kerio 2.15, sygate, agnitum, etc??)

We've had references to several app's, some of which are quite old (and/or no longer available??) and which the users seem quite happy with, and some of which are 'new' and which people aren't happy with.  

Unfortunately there doesn't seem to be much in the way of objective info regarding the relative merits of any given app (4WD went some way towards this...).

also, while there seems to be a consensus that a properly configured router is the way to go, for the purpose of the OP they are pretty much off topic.  Granted they are the defacto standard, but they're not free, and they're not for everyone (eg they aren't an option for dial up users...)

it's also worth remembering that PCs are inherently insecure (firewalling aside), so there will never be a substitute for common sense and a bit of knowledge.

nice piece by Lashiec, BTW

Target

Darwin

  • Charter Member
  • Joined in 2005
  • ***
  • Posts: 6,984
    • View Profile
    • Donate to Member
Re: Best free firewall for Windows?
« Reply #67 on: January 24, 2008, 12:16 AM »
4WD - thanks for directing me to PCTools Firewall Plus 3http://www.pctools.com/firewall/. I've been running it for a few hours and it is proving to be very lightweight and relatively inobtrusive  :Thmbsup: Have to see what I think in a week, but so far I am impressed.

Darwin

  • Charter Member
  • Joined in 2005
  • ***
  • Posts: 6,984
    • View Profile
    • Donate to Member
Re: Best free firewall for Windows?
« Reply #68 on: January 24, 2008, 12:20 AM »
PS I didn't go for the offer to install Threatfire with the firewall but have just been reading about it - anyone have any experience with it? How does it "play" with a traditional AV solution? The website suggests that it complements traditional AV solutions, rather than replaces them.

CodeTRUCKER

  • Supporting Member
  • Joined in 2006
  • **
  • Posts: 1,085
    • View Profile
    • Donate to Member
Re: Best free firewall for Windows?
« Reply #69 on: January 24, 2008, 01:11 AM »
PS I didn't go for the offer to install Threatfire with the firewall but have just been reading about it - anyone have any experience with it? How does it "play" with a traditional AV solution? The website suggests that it complements traditional AV solutions, rather than replaces them.

I have been using Threatfire for a couple of months.  It has thrown a couple false positives, but it has stopped three attacks.  It weighs in at about 8.3 MB (split evenly between TFTray.exe and TFService.exe)
I use it in harmony with Avast Free AV and so far have not suffered any damage that I know of.

Darwin

  • Charter Member
  • Joined in 2005
  • ***
  • Posts: 6,984
    • View Profile
    • Donate to Member
Re: Best free firewall for Windows?
« Reply #70 on: January 24, 2008, 07:58 AM »
Thanks for the input, CodeTrucker. I might as well give it a "go". I'm running BitDefender as my real-time AV and will report back with my experience. The firewall continues to be well-behaved, using no CPU that I can detect and 17/39 MB of RAM/VM split between its two processes.

Nod5

  • Supporting Member
  • Joined in 2006
  • **
  • Posts: 1,169
    • View Profile
    • Donate to Member
Re: Best free firewall for Windows?
« Reply #71 on: January 24, 2008, 03:43 PM »
Does anyone here have experience from using an old computer, two or more network cards and running some linux firewall distribution ( http://en.wikipedia....irewall_distribution )? If so, then I'd love to hear what you think the pros and cons of that compared to a regular software firewall are, since I'm thinking of putting such a "home made hardware firewall" together from various old computer parts.
« Last Edit: January 24, 2008, 03:45 PM by Nod5 »

Lashiec

  • Member
  • Joined in 2006
  • **
  • Posts: 2,374
    • View Profile
    • Donate to Member
Re: Best free firewall for Windows?
« Reply #72 on: January 24, 2008, 05:07 PM »
We've had references to several app's, some of which are quite old (and/or no longer available??) and which the users seem quite happy with, and some of which are 'new' and which people aren't happy with.

Yes, for example Gothi[c] told me a while ago in DC's IRC channel that he uses Sygate to firewall one of his computers. Being a server administrator, I guess his opinion is one not to be taken lightly.

nice piece by Lashiec, BTW

Thanks! It's something it has been roaming my head for quite some months, and I finally decided to wrote about it. I would probably end up installing a firewall anyway, despite what I said there, but I don't have a router, so it's impossible for mean to have a fine-grained control over the applications accessing the Internet. Now, the riddle is to find something that works like a firewall, and nothing more, since the antispyware is caring about the system internals protection. And finding time to test them all :)

BTW, something I remembered about outbound protection is that, even if f0dder point about that such ability is useless once your computer has been compromised is a good one, is that thanks to it, you can prevent the malware from sending sensitive information to its creator. That is, if you caught malware that spies on you. Then again, something should be done to prevent the software from entering in your computer, and the firewall is not the candidate for doing that. It's either you or monitoring software.
« Last Edit: January 24, 2008, 05:16 PM by Lashiec »

CodeTRUCKER

  • Supporting Member
  • Joined in 2006
  • **
  • Posts: 1,085
    • View Profile
    • Donate to Member
Re: Best free firewall for Windows?
« Reply #73 on: January 24, 2008, 05:18 PM »
Thanks for the input, CodeTrucker. I might as well give it a "go". I'm running BitDefender as my real-time AV and will report back with my experience. The firewall continues to be well-behaved, using no CPU that I can detect and 17/39 MB of RAM/VM split between its two processes.


FWIW, keep in mind this is not really a "firewall," perse.  It is what is called a "HIPS."  The acronym HIPS stands for Host- based Intrusion Prevention System.  You may want to give this a read if you are unfamiliar.  The article is a bit dated, but it is still informamtive.  Also, the "CyberHawk" in the article is now the present-day "Threatfire." AFAIK.  BTW - if you learn something significant beyond the article, let me know as I haven't looked to far beyond it yet. :-[ (there I used one of your favorite smilies <cheesy grin>)

Darwin

  • Charter Member
  • Joined in 2005
  • ***
  • Posts: 6,984
    • View Profile
    • Donate to Member
Re: Best free firewall for Windows?
« Reply #74 on: January 24, 2008, 05:27 PM »
(there I used one of your favorite smilies <cheesy grin>)

 :-*

Ah... I am aware of HIPS, but was unaware of what ThreatFire was about. Thanks for clarifying that. I suppose that reading it's website might have alerted me to that, but I haven't gotten that far in my cunning plan to try it, yet! I am currently trying out PCTools Firewall Plus 3, as recommented about 4wd. It's nice and light, so far.