Main Area and Open Discussion > General Software Discussion
Best free firewall for Windows?
Armando:
1) that the systray icon doesn't pop up any menu when the icons are "hidden" inside PS Tray Factory. Online Armor Free is the only program I have with this weakness.
-Curt (January 29, 2008, 05:28 PM)
--- End quote ---
Actually, X1’s icon does the same. So my wild guess is that there are a bunch of other tray icons that might not behave properly in ps tray factory — not only OA or X1. Isn’t giving a firewall a :down: because it’s not perfectly compatible with PS tray a bit… extreme (Curt : do you have Irish blood? :P) ??
And concerning the other problem you had, which ciderman addressed :
To Curt that is the Hips side of the Online-Armor which is doing that. I agree that it can be annoying at times, but then again i dont install/uninstall lot of programs. If i do, i use the learning mode, because this way it doesnt pop up...well i am cheating a bit :)
-ciderman (January 31, 2008, 04:42 AM)
--- End quote ---
Exactly. This is actually one purpose of the learning mode : before uninstalling an app, just click on "learning mode"! That's it. It pretty much has the same function as Comodo's "installation mode" (or something like that). Because a good HIPS (Host-based Intrusion Prevention System) WILL tell you if an app wants to make changes to your OS or to installed programs… unless you explicitly tell it to NOT to do it. Which you can do with OA’s HIPS. No problem there!
The only ting that could be sexier is if OA could detect when one is actually installing/uninstalling an app and automatically offer the “learning mode” — like Comodo (and I believe Vista's firewall) does. As far as I’m concerned, the first security popup appearing when I install/uninstall something reminds me to do it. But then, what would be good is if a second popup could also remind me of putting the firewall back into normal mode… That is lacking. But, no big deal, really, IMHO.
Oh, I'm not using Defense+, chose not to install it. Forgot to mention. I've used anti-spyware apps in realtime mode to know exactly how much havoc they can wreak. :'(
-nosh (February 03, 2008, 12:08 PM)
--- End quote ---
Oh! that explains much. Because Comodo with defense+ DID slow down my internet connection + 6s freeze with farr and Gridmove (both slowdowns related to INI files see this thread : https://www.donationcoder.com/forum/index.php?topic=11871.msg96875#msg96875, and this post https://www.donationcoder.com/forum/index.php?topic=11871.msg97613#msg97613 — NOD32 had a part to play, but was easily fixed, Comodo with Defense+ had the biggest part when t came to farr’s freezes). That'S the main reason why I finally decided to drop Comodo entirely, especially after reading that Comodo without Defense+ isn't worth much... See that post in this thread : https://www.donationcoder.com/forum/index.php?topic=6059.msg98810#msg98810 .
I've used Outpost Pro Firewall (non-free) in the past. What I like about it is the level of detail in the information it provides me and in the range of actions I can choose from. But despite being better at such things compared to other software FW I tried it was still somewhat limited. It often asked me for decisions based on scarce information and few choices.
Example 1: some component had changed but there was no easy way for me to get more details about it (its path, its "track record" of changing, related components and I couldn't just copy its name to the clipboard for web searches)
Example 2: some process wants net access but I can only choose between "create rule" (subcategories always allow/always block/custom), "allow once" and "block once". (I don't remember the names Outpost uses exactly, but something like that). I would often have preferred "allow the next ___ minutes" where a dropdown would let me set the time.
So, can anyone here point me to an in other regards decent free firewall that provide VERY much information and have VERY many alternative actions?
-Nod5 (January 30, 2008, 04:02 AM)
--- End quote ---
I am/was personally happy with Comodo or Online Armor’s degree of precision. But I guess that it’s a personal thing. As for the "allow the next ___ minutes" — a very good suggestion IMO, if you know what you’Re doing ! — I don’t remember seeing that anywhere… Or maybe have I seen it in ZoneAlarm, at some point? Dunno.
Now, after almost one week of heavy testing, I’m happy to semi-confirm that OA's works really well on my system, with 99% of my applications. Only one old app I purchased years ago, “Audio Caller ID”, refuses to start if Online Armor is already running; BUT it will run if I temporarily disable OA, execute ACID, and restart the firewall. I haven’t tried to find what’s the source of the problem yet... and I probably won’t wince it works with that small workaround. Lazy me.
1- Online Armor generally doesn’t slowdown my 1.5 years old 1.8 ghz dual core. Its process is generally between 0 and 5%, and when doing heavy downloading (tried downloading the last Ubuntu with uTorrent!) or browsing, it doesn’t go much higher (some temporary peaks at 30, but it doesn’t stay there all the time — and that’s really not a problem for me since I’m not a heavy torrent user). And that’s with HIPS enabled.
2- Promptly blocks everything I haven’t given any special permissions/given any privileges (yes, you can choose to “permanently” lower an applications’ privilege with OA — “run safer”);
3- No internet perceptible slowdowns after intensive testing with different “speed testing” Web sites. (I'm not talking about about the firewalls popups for application permissions, etc.);
4- IMHO, the interface is much more cleverly designed than Comodo’s (and MUCH MUCH less sluggish) : simpler and more intuitive, less features though. Yes, the free version has simpler features (lacks some of the more advanced features of the advanced version, off course), but it's still effective. See Matousec's leak tests results.
Now, I’m not saying OA’s perfect. I’ve had enough problems with firewalls to know that some can appear after a month of daily use! Darwin obviously had problems with it, and I did have some small issues (with StrokeIt — but that’s easily fixed). But, as far as I’m concerned, it’s the best firewall I’ve tried so far… If they can fix some of the CPU “peaks” with uTorrent (and maybe others… like in Darwin’s case, I don’t know), it would be almost perfect for my needs. (I'm talking about the free version here -- the paid version might be even better... who knows.)
Grorgy:
While not strictly a free firewall i suppose, eset here in Australia are offering ESS for the same price as for NOD32, well it may not be the best firewall in the world I really couldnt say, but it does all i need and the price was right (50% student discount as well ;) )
Darwin:
1) that the systray icon doesn't pop up any menu when the icons are "hidden" inside PS Tray Factory. Online Armor Free is the only program I have with this weakness.
-Curt (January 29, 2008, 05:28 PM)
--- End quote ---
Actually, X1’s icon does the same. So my wild guess is that there are a bunch of other tray icons that might not behave properly in ps tray factory — not only OA or X1. Isn’t giving a firewall a :down: because it’s not perfectly compatible with PS tray a bit… extreme (Curt : do you have Irish blood? :P) ??-Armando (February 03, 2008, 04:12 PM)
--- End quote ---
Yeah, I've a number of icons that I can't hide using PSTrayFactory and still access context menu functionality for - Broadcom's Bluetooth controller app is one of them. Can't recall the others as I got fed up and simply stopped having them run in tray!
nosh:
Armando,
Thanks for the heads up! I reinstalled with Defense+ to see what kind of an impact it would have on my system and ... how shall I put this... everything went down the tubes! It didn't just slow down the PC, it brought almost everything to a complete halt for full five minutes.
In my defense...
Defense+ is an out and out anti-malware app and asks me crazy stuff like "Process Explorer is trying to create a file, would you like to allow this?"
Anyhoo - I will look into the HIPS issue in some more detail tomorrow, maybe the truth lies somewhere inbetween "isn't worth a s***" and "industrial strength" ;D - my needs for outbound protection are limited, I just want to stop regular apps (as opposed to malware intelligently finding its way around things) calling home without my permission. I think Comodo just might suffice.
Target:
thanks for the, err...'passionate' responses regarding the NForce firewalls, they echo what I'd been seeing in a lot of places...
FWIW I gave PC Tools a whirl and have to say I was mightily disappointed.
first problem (for me) - it blocked the internal network for some reason (and I'm not even on a network!!!), wouldn't let me play CounterStrike (single player). Tried tweaking the rules to no avail (probably my lack of expertise didn't help here...)
second problem - inability to connect to the net. It may be a good firewall, but I never found out 'cos it either blocked my connection, or dropped it after a very short time. I spent well over an hour trying to establish a reliable connection, and in the end simply disabled the firewall (problem solved!!). Maybe I'm a slow learner, but I can't for the life of understand why an app that is apparently as well considered as this one appears to be shouldn't work straight out of the box...
On top of that it was so intrusive (I'm still installing stuff after a rebuild) - every install required a response (some several).
Now I know this is a 'good thing', but it's irritating in the extreme. Clicking on the 'remember this' option shortcuts some of this, but creates a useless rule. Uninstalling was an equally frustrating exercise (why would I want to create a rule to uninstall something???).
all in all a very unproductive session (well, apart from the fact that now I know not to use PC Tools firewall)
Target
Navigation
[0] Message Index
[#] Next page
[*] Previous page
Go to full version