So make 2 choices and use the second one if you find software not getting along with your first choice.this is the reason i had asked here (https://www.donationcoder.com/forum/index.php?topic=5632.0) about an alternative firewall.. now, i've made my choices: Windows Firewall (http://www.microsoft.com/windowsxp/using/security/internet/sp2_wfintro.mspx) followed by ZA (http://www.zonelabs.com/store/content/company/products/znalm/freeDownload.jsp?dc=12bms&ctry=US&lang=en).-app103 (November 07, 2006, 12:56 AM)
If you plan on using IRC, forget Norton, it will block you from IRC for no good reason whenever it pleases.And IIRC (grin) it was also Norton that would BSOD if anybody on IRC wrote some special command (from a list of commands that Norton was monitoring because they were used by zombie bots).-app103 (November 07, 2006, 12:56 AM)
Personally I've stopped using software firewalls; I depend on my NAT'ing router to keep incoming traffic away, and Kaspersky to keep malware from running. Of course I can't detect "phone home" in regular software that way, but oh well.-f0dder (November 07, 2006, 09:18 AM)
I do exactly the same. Personally speaking, I have never used a software firewall that wasn't more of a nuisance for me than anything else. My computer habits are good enough where a good antivirus program and a few spyware programs is good enough for me. I don't know if my computer is vulnerable to attacks or anything, I hope not.If you plan on using IRC, forget Norton, it will block you from IRC for no good reason whenever it pleases.And IIRC (grin) it was also Norton that would BSOD if anybody on IRC wrote some special command (from a list of commands that Norton was monitoring because they were used by zombie bots).-app103 (November 07, 2006, 12:56 AM)
Personally I've stopped using software firewalls; I depend on my NAT'ing router to keep incoming traffic away, and Kaspersky to keep malware from running. Of course I can't detect "phone home" in regular software that way, but oh well.-f0dder (November 07, 2006, 09:18 AM)
I do exactly the same. Personally speaking, I have never used a software firewall that wasn't more of a nuisance for me than anything else. My computer habits are good enough where a good antivirus program and a few spyware programs is good enough for me. I don't know if my computer is vulnerable to attacks or anything, I hope not.Well, if you use Windows Firewall, that should hopefully protect you against worms etc. - which, with a decent NAT router setup, would only happen if somebody on your LAN got infected. Dunno if there's any remote exploits for the windows firewall, oh well :)-superboyac (November 07, 2006, 09:40 AM)
Well, if you use Windows Firewall, that should hopefully protect you against worms etc. - which, with a decent NAT router setup, would only happen if somebody on your LAN got infected. Dunno if there's any remote exploits for the windows firewall, oh well smileyActually, I don't even use Windows Firewall. Am I crazy?
I think that hackbusters URL needs some fixingYep, fixed it. Thanks.
Some thoughts:
a) ISTR XP's firewall doesn't stop outbound baddies.-OldElmerFudd (November 09, 2006, 03:58 AM)
I suggest taking looking at Comodo (http://www.comodogroup.com/products/free_products.html).-tinjaw (November 08, 2006, 07:14 AM)
Once you've got malware on your system, it's too late anyway.-f0dder (November 09, 2006, 04:25 AM)
We found a vast degree of difference among the three user memberships. On our Windows 2000 Professional client with User permissions only, none of the malware installed completely and two threats actually warned that the user had insufficient privileges.
A third loaded a malicious process into memory, but the threat did not reappear after reboot. The Sunbelt scan performed after the reboot could find only a single threat, which consisted of one file in the browser cache.
Once you've got malware on your system, it's too late anyway.-f0dder (November 09, 2006, 04:25 AM)
This is not entirely true *if* you run as a non-admin user. In that case you can unknowingly and inadvertantly download malware, and it will usually be unable to get itself installed or reconfigure your system (such as punching through firewalls).-mwb1100 (November 09, 2006, 04:55 PM)
Some thoughts:
a) ISTR XP's firewall doesn't stop outbound baddies.-OldElmerFudd (November 09, 2006, 03:58 AM)
Once you've got malware on your system, it's too late anyway. The only use outbound protection is, at the software firewall level, is to stop "regular" apps from phoning home. And if so inclined, it wouldn't be too hard for an app to target various popular products and punch holes through them, or use covert channels.-f0dder (November 09, 2006, 04:25 AM)
Well, sygate was indeed the best firewall i ever used for windows. RIP. I'd recommend anyone to try and find a copy of it.-Gothi[c] (November 07, 2006, 12:50 AM)
I've dumped A2, Prevx (tiresome), and TrojanHunter.
Well, sygate was indeed the best firewall i ever used for windows. RIP. I'd recommend anyone to try and find a copy of it.-Gothi[c] (November 07, 2006, 12:50 AM)
You can find Sygate 5.0 to 5.6.2808 here:
http://www.oldversion.com/program.php?n=sygate-laughinglizard (November 30, 2007, 01:59 PM)
I've dumped A2, Prevx (tiresome), and TrojanHunter.
Why dump TrojanHunter?-mrainey (November 30, 2007, 02:19 PM)
You do not need a firewall on a stationary PC if you are using a router...-wilfrednilsen (January 16, 2008, 11:40 AM)
You need a firewall if you are using a laptop on insecure networks, but…XP SP2 comes with a firewall for free, which uses very little CPU and memory... it's a smart idea to leave it enabled, unless you never have friends visiting with a laptop. Also, not all routers protect you, only if both of the following conditions are met:
You do not need a firewall on a stationary PC if you are using a router since the router is already working as a firewall. By default, all services are blocked by your router. It is for this reason unnecessary having a firewall installed on a stationary PC protected by a router. Using a firewall on a PC behind a router is a waste of money, CPU, and memory.-wilfrednilsen (January 16, 2008, 11:40 AM)
btw, i'm behind a secure router, so much so that i've ditched 3rd-party firewalls for the Windows firewall (https://www.donationcoder.com/forum/index.php?topic=5632.0), even though i came to know that it does only offers inbound protection.Who cares about outbound "protection" anyway? When you get to the point where it kicks in, your PC has already been compromised... I see it as fixing the symptoms instead of curing the problem.-lanux128 (January 16, 2008, 06:42 PM)
Who cares about outbound "protection" anyway? When you get to the point where it kicks in, your PC has already been compromised... I see it as fixing the symptoms instead of curing the problem.-f0dder (January 16, 2008, 06:52 PM)
Well, outbound protection lets you know when something has gone wrong and can help minimize the damage. I also like to make sure I know what the "benign" apps on my system are doing.-Liquidmantis (January 17, 2008, 01:55 PM)
Well, outbound protection lets you know when something has gone wrong and can help minimize the damage. I also like to make sure I know what the "benign" apps on my system are doing.That is, theoretically, an argument in favor of outbound firewalling... problem is that anything worth protecting against will be using covert channels (ie, injecting code into internet explorer and communicating over port 80), so the net worth is... nothing.-Liquidmantis (January 17, 2008, 01:55 PM)
:greenclp: Nailed It! :greenclp:btw, i'm behind a secure router, so much so that i've ditched 3rd-party firewalls for the Windows firewall (https://www.donationcoder.com/forum/index.php?topic=5632.0), even though i came to know that it does only offers inbound protection.Who cares about outbound "protection" anyway? When you get to the point where it kicks in, your PC has already been compromised... I see it as fixing the symptoms instead of curing the problem.-lanux128 (January 16, 2008, 06:42 PM)-f0dder (January 16, 2008, 06:52 PM)
Who cares about outbound "protection" anyway? When you get to the point where it kicks in, your PC has already been compromised... I see it as fixing the symptoms instead of curing the problem"a bit like saying "if the thief is in your house it's already to late : just let him take all your stuff and run", or "if you get sick, it's already too late : go for a walk and infect everybody else".
So for a software firewall I've settled on PCTools Firewall V3.-4wd (January 23, 2008, 03:55 AM)
Some other firewalls, work with IP addresses, but of course, this is nearly unusable at a user level, and I don't know if it's ever used at an enterprise level.-Lashiec (January 23, 2008, 01:46 PM)
PS I didn't go for the offer to install Threatfire with the firewall but have just been reading about it - anyone have any experience with it? How does it "play" with a traditional AV solution? The website suggests that it complements traditional AV solutions, rather than replaces them.-Darwin (January 24, 2008, 12:20 AM)
We've had references to several app's, some of which are quite old (and/or no longer available??) and which the users seem quite happy with, and some of which are 'new' and which people aren't happy with.-Target (January 23, 2008, 09:55 PM)
nice piece by Lashiec, BTW
Thanks for the input, CodeTrucker. I might as well give it a "go". I'm running BitDefender as my real-time AV and will report back with my experience. The firewall continues to be well-behaved, using no CPU that I can detect and 17/39 MB of RAM/VM split between its two processes.-Darwin (January 24, 2008, 07:58 AM)
(there I used one of your favorite smilies <cheesy grin>)-CodeTRUCKER (January 24, 2008, 05:18 PM)
BTW, something I remembered about outbound protection is that, even if f0dder point about that such ability is useless once your computer has been compromised is a good one, is that thanks to it, you can prevent the malware from sending sensitive information to its creator....unless the piece of malware is nasty enough that it evades the firewall/HIPS/whatever.-Lashiec (January 24, 2008, 05:07 PM)
true enough, but doing something might help, whereas doing nothing....
target-Target (January 24, 2008, 07:33 PM)
Yes, some kind of malware can do that. Recently, they discovered a specimen that can break out of a sandboxed environment like VMware and cause havoc in the host machine.Wouldn't be so effective if the VM was installed inside a Linux system. :)-Lashiec (January 25, 2008, 01:40 PM)
Yes, some kind of malware can do that. Recently, they discovered a specimen that can break out of a sandboxed environment like VMware and cause havoc in the host machine.Wouldn't be so effective if the VM was installed inside a Linux system. :)-Lashiec (January 25, 2008, 01:40 PM)-Dormouse (January 25, 2008, 01:49 PM)
true enough, but doing something might help, whereas doing nothing....
target-Target (January 24, 2008, 07:33 PM)
Personally I still believe that if you end up getting infected in the first place, and you're getting infected from something that's nasty enough to be a problem, it's going to be sophisticated enough to breach whatever software firewall you're running.-f0dder (January 25, 2008, 07:31 PM)
Makes you wonder "who" is actually putting all those "annoyance" virii on the web? I'm not a "conspiracy theorist" by any means, but neither do I pretend that the Emperor's New Clothes are anything but his B-Day suit. ;) There is LOTS of money in this business too. Something to think about.-CodeTRUCKER (January 25, 2008, 08:48 PM)
Maybe, but even if that was the case, even if that was some kind of "conspiracy" etc. (I understand the nuances, don't worry... ;)), one still has to adapt to these rules and constraints, even if they were artificially created. There are different ways to do that, one being to play it their way, or at least partly -- Comodo is not that expensive BTW...-Armando (January 25, 2008, 09:43 PM)
Because I have written in the recent past with an initially positive reaction to Comodo 3’s “Basic Firewall” installation option, I am honor-bound to post this quick message.http://blog.scotsnewsletter.com/2008/01/20/do-not-rely-on-comodo-3s-basic-firewall
I have learned directly from Comodo executives that the Basic Firewall installation option of Comodo 3 does not offer any outbound leak protection whatsoever. The company may add that protection in a future version of Comodo 3.x. The Basic Firewall option turns off Comodo 3’s Defense+ HIPS module (which constitutes the “Advanced” default installation mode). Defense+ provides the leak protection for Comodo 3.
The previous generation of the Comodo 2.4 provided anti-leak protection without the new HIPS module.
Not only does this mean that Comodo 3’s optional Basic Firewall mode is no longer a contender in this blog’s firewall evaluation, but if you’re relying on this version of Comodo 3 for your firewall protection, Windows XP users should switch to Online Armor FREE version 2.1.0.31 (or newer) and Vista users should uninstall Comodo 3 and reinstall it, choosing the “Advanced” installation option.
The problem you are referring to above, does it relate to Threatfire or to PC Tools Desktop Firewall?-Darwin (January 27, 2008, 05:00 PM)
Gothi[c] told me a while ago in DC's IRC channel that he uses Sygate to firewall one of his computers. Being a server administrator, I guess his opinion is one not to be taken lightly.
I installed Online Armor (free) earlier... Well, all is well... No noticeable slowdowns, all seems to be good. CPU (depending on network activity) and RAM usage are a bit higher than Comodo 3, but it seems to be worth it.
I'll keep testing it, of course, but it's looking good. It's detected every single dll injection etc. on my computer (compared to 0 detection with comodo "basic installation", without defense+). :Thmbsup:-Armando (January 27, 2008, 08:26 PM)
Hmm... I've grabbed the last release of Sygate (5.6xxx) from the link provided and am debating what to do :huh: PC Tools is working "fine" and with the most minimal footprint I've yet "enjoyed" in a firewall - I guess it's time to investigate further the dll issue...-Darwin (January 28, 2008, 08:24 AM)
I am using Online-Armor AV+ V2 and i am also lucky to be a beta tester. I have used Online-Armor for over a year. It s getting better all the time and development is quick. They really listen to their users, especially Mike Nash who is the front man. Online-Armor is one of the easiest firewalls i have ever used or tried. It is pretty much set it and forget it.-ciderman (January 28, 2008, 05:04 AM)
Here's an interesting/amusing read... someone who has a lot of contempt for software firewalls.-nosh (January 28, 2008, 07:32 PM)
If you'll feel safer sleeping at night knowing there's a 'personal firewall' running on your system, then install one. As long as you pay no attention to the "hack attacks" it reports it's better than nothing. A free one, ideally, as few of them are worth paying for.-article
Is it me or are lots of people really paranoid? It strikes me that some of the multiple solutions hinted at above would leave systems running at such a snail pace that it might be simpler to simply unplug from the internet and still have a faster surfing experience! :wallbash: :rip:-Carol Haynes (January 28, 2008, 08:01 PM)
time for a spin-off thread??-Target (January 28, 2008, 09:00 PM)
Update - first two hours with OnlineArmor have been a bit rocky but it has settled down now. First reboot was a long, protracted, and frankly worrisome affair. I haven't repeated that part of the experiement yet but hope that now that OA has configured itself it won't be so bad. Will report back tomorrow - if present level of resource usage and "intrusiveness" is representative of how its going to behave, I can happily live with it.-Darwin (January 28, 2008, 06:11 PM)
my only computer is a notebook and I am often on networks other than my own as I teach at two different college campuses and definitely feel that I need the extra protection afforded by a software firewall. Of course, at home I am behind a hardware firewall.-Darwin (January 28, 2008, 11:46 PM)
I was going to write that! (The magic router protection is not exactly possible when you're traveling with a laptop!)-Armando (January 28, 2008, 11:55 PM)
there are several threads already about firewall & security. here are a few..
Seeking opinions about combination antivirus/firewall products (https://www.donationcoder.com/forum/index.php?topic=8670.0)
How necessary is a software firewall? (https://www.donationcoder.com/forum/index.php?topic=3068.0)
Free Windows firewalls found better than commercial ones (https://www.donationcoder.com/forum/index.php?topic=6412.0)
Firewalls - please, i can't be bothered. (https://www.donationcoder.com/forum/index.php?topic=7576.0)
The Great Firewall Hunt ... frustrating ... (https://www.donationcoder.com/forum/index.php?topic=1695.0)
i think you get the idea..-lanux128 (January 28, 2008, 10:09 PM)
granted (I should have realised that this is one of those eternal chestnuts...), but after grinding through all of the quoted threads I'm none the wiser - seems someone had an issue with every one of the firewalls quoted and there didn't seem to be any consensus on whats acceptable-Target (January 29, 2008, 01:07 AM)
Everytime I opened up a new browser tab everything would freeze up for 5 or more seconds and TA reported OA using upwards for 30% of my CPU. I'm leaving the paranoid camp, for now...-Darwin (January 29, 2008, 12:03 PM)
The only two problems I have found after the first 24 hours of using Online Armor Free are 1) ....-And 2) that Online Armor is too intrusive when I want to uninstall some program. Why on earth must it know if it is okay that I am running an uninstaller?-Curt (January 29, 2008, 05:28 PM)
update - hmmm, after a little googling it doesn't seem like this is a particularly good option (though personally I don't recall it ever being a problem)-Target (February 01, 2008, 12:18 AM)
I think they even removed it completely for later chipsets, which screams "danger bloody danger!" to me.-f0dder (February 01, 2008, 05:58 AM)
STAY AWAY FROM THE NFORCE FIREWALL!(If there was only a bbcode tag for blink...)
It leaks like hell (try running a torrent client for some hours), it's unstable to the point of BSODs, it installs several megabytes of apache httpd server just for it's configuration, etc.
Sounded like such a great idea when nvidia introduced it, but implementation is so useless that you shouldn't bother. I think they even removed it completely for later chipsets, which screams "danger bloody danger!" to me.-f0dder (February 01, 2008, 05:58 AM)
1) that the systray icon doesn't pop up any menu when the icons are "hidden" inside PS Tray Factory. Online Armor Free is the only program I have with this weakness.-Curt (January 29, 2008, 05:28 PM)
To Curt that is the Hips side of the Online-Armor which is doing that. I agree that it can be annoying at times, but then again i dont install/uninstall lot of programs. If i do, i use the learning mode, because this way it doesnt pop up...well i am cheating a bit :)-ciderman (January 31, 2008, 04:42 AM)
Oh, I'm not using Defense+, chose not to install it. Forgot to mention. I've used anti-spyware apps in realtime mode to know exactly how much havoc they can wreak. :'(-nosh (February 03, 2008, 12:08 PM)
I've used Outpost Pro Firewall (non-free) in the past. What I like about it is the level of detail in the information it provides me and in the range of actions I can choose from. But despite being better at such things compared to other software FW I tried it was still somewhat limited. It often asked me for decisions based on scarce information and few choices.
Example 1: some component had changed but there was no easy way for me to get more details about it (its path, its "track record" of changing, related components and I couldn't just copy its name to the clipboard for web searches)
Example 2: some process wants net access but I can only choose between "create rule" (subcategories always allow/always block/custom), "allow once" and "block once". (I don't remember the names Outpost uses exactly, but something like that). I would often have preferred "allow the next ___ minutes" where a dropdown would let me set the time.
So, can anyone here point me to an in other regards decent free firewall that provide VERY much information and have VERY many alternative actions?-Nod5 (January 30, 2008, 04:02 AM)
1) that the systray icon doesn't pop up any menu when the icons are "hidden" inside PS Tray Factory. Online Armor Free is the only program I have with this weakness.-Curt (January 29, 2008, 05:28 PM)
Actually, X1s icon does the same. So my wild guess is that there are a bunch of other tray icons that might not behave properly in ps tray factory not only OA or X1. Isnt giving a firewall a :down: because its not perfectly compatible with PS tray a bit extreme (Curt : do you have Irish blood? :P) ??-Armando (February 03, 2008, 04:12 PM)
So for a software firewall I've settled on PCTools Firewall V3.-4wd (January 23, 2008, 03:55 AM)
With or without ThreatFire (http://www.threatfire.com/) ??-Curt (January 23, 2008, 10:00 AM)
Darwin,
I was tempted to try it myself but I read somewhere it doesn't have checks for dll injection. You may want to look this up (I'm not sure if it's been rectified in the newer versions) before you make it a permanent fixture.-nosh (January 27, 2008, 01:34 PM)
Now, I’m not saying OA’s perfect. I’ve had enough problems with firewalls to know that some can appear after a month of daily use! Darwin obviously had problems with it, and I did have some small issues (with StrokeIt — but that’s easily fixed). But, as far as I’m concerned, it’s the best firewall I’ve tried so far… If they can fix some of the CPU “peaks” with uTorrent (and maybe others… like in Darwin’s case, I don’t know), it would be almost perfect for my needs. (I'm talking about the free version here -- the paid version might be even better... who knows.)-Armando (February 03, 2008, 04:12 PM)
... Isnt giving a firewall a :down: because its not perfectly compatible with PS tray a bit extreme ?? ...-Armando (February 03, 2008, 04:12 PM)
I tried OA, it kept popping up runtime errors. The other apps didn't freeze up like with Comodo but everything went into slow-motion, including my download speeds. I have to assume that something on my system doesn't like HIPS or more likely, the other way round. Judging by the hit a PC takes with HIPS installed, anyone installing it should give some serious thought to whether it is _really_ worth it. For me getting rid of HIPS wasn't even a security decision, more like whether I wanted to keep using my PC or not. Am back with Comodo (sans HIPS, of course) Maybe my experience was a lot worse than some of you considering my P4 3GHz Prescott is kinda dated... and yet, kinda state-of-the-art, compared to other frying pans!-nosh (February 05, 2008, 06:03 PM)
FWIW I gave PC Tools a whirl and have to say I was mightily disappointed.
first problem (for me) - it blocked the internal network for some reason (and I'm not even on a network!!!), wouldn't let me play CounterStrike (single player). Tried tweaking the rules to no avail (probably my lack of expertise didn't help here...)-Target (February 03, 2008, 06:07 PM)
second problem - inability to connect to the net. It may be a good firewall, but I never found out 'cos it either blocked my connection, or dropped it after a very short time. I spent well over an hour trying to establish a reliable connection, and in the end simply disabled the firewall (problem solved!!). Maybe I'm a slow learner, but I can't for the life of understand why an app that is apparently as well considered as this one appears to be shouldn't work straight out of the box...
On top of that it was so intrusive (I'm still installing stuff after a rebuild) - every install required a response (some several).
Now I know this is a 'good thing', but it's irritating in the extreme. Clicking on the 'remember this' option shortcuts some of this, but creates a useless rule. Uninstalling was an equally frustrating exercise (why would I want to create a rule to uninstall something???).
Generally because the installer wants to connect to the net, accept connections, etc, (Microsoft Installer will). But at least you don't end up with 50+ uninstall/install/setup items in the Apps list like ZA, (mine has none). All the firewalls I've tried do this, (except purely rule-based), and personally I'd consider it a failing if they didn't, (open a requester when net access is happening during program install/uninstall).
This is one reason why the majority of programs I use are portable.Now I know this is a 'good thing', but it's irritating in the extreme. Clicking on the 'remember this' option shortcuts some of this, but creates a useless rule. Uninstalling was an equally frustrating exercise (why would I want to create a rule to uninstall something???).
Because, again, the uninstaller is trying to connect to the net, accept connections, memory injection, etc.
Maybe you have some conflicting antispyware or antivirus???-Armando (February 05, 2008, 06:28 PM)
list of Features and Bug fixes – In detail
General
Resizeable GUI - our customers have been asking us to resize the Online Armor GUI - now, you can.
Remove Spamshield - the previous flagging of suspect spam messages was based on checking messages for spam-vertised links on SURBL. As spammers changed their tactics, it became clear this it became clear this approach was no longer effective and so the feature was removed..
Multiple Desktop Support - users with desktop switching software could not use Online Armor as popups would appear on the default desktop and were not answerable. Now, this is solved.
Fixed bug with uninstall protection - Online Armor protects itself from uninstallation. In the recent release, some users were unable to remove Online Armor without entering Safe mode. This issue is now fixed.
Fixed unresponsive tray icon - A few users reported after changing some options in Online Armor that the Online Armor menu became unresponsive. This meant settings could not be changed. This has now been fixed
Added hotkeys disable option - Some users did not want hotkeys (me included) - so now they can be disabled
Autoruns Enhancements
Online Armor has always monitored autorun locations; The scope of protection has been significantly enhanced in Online Armor - (Thanks to Tony Klein)
Additional scan during SCW added (folders where start menu items reside).
Safety Check Wizard
Realtime update during SCW - When Online Armor first starts, a Safety Check Wizard runs. This allows the system to scan the start menu, autoruns and so on to detect components that are already installed on the computer. This step means that the user should not be inundated with popups after a restart.
The Safety Check Wizard has a local list of common files which it compares against; This has been updated to link with OASIS (Online Armor Software Information Service) in real time. What this means is that the absolute latest data will be used on each install.
Faster Saving - Saving of the configuration during the wizard has been optimised
OASIS
OASIS (Online Armor Software Information Service) has been significantly updated. OASIS 2 provides the users with this data whether or not the file has been assessed, information about what the program does, how many users have seen it and some information about what it does.
When a program runs that is unknown - you can click the "more" button to get the OASIS results for it. This might help you decide what to do as it provides aggregate information about what the other users did.
You can also right click inside programs -> File Information -> More to get information out of OASIS.
Firewall
Optimized Performance for Torrents - when using bittorrent, firewall processing created slowdowns. This issue has been comprehensively corrected. You should not see slowdowns caused by Online Armor Firewall.
Automatic Network Identification (Interfaces) - previously all interfaces were lumped in as one. Now, ONLINE ARMOR will allow interfaces to be selectively trusted/not trusted. This caters for the case of the rOnline Armord warrior that may plug into trusted/public networks. This now also includes VPN interfaces.
Manage Windows Firewall during ONLINE ARMOR Install - If the windows firewall is active, it will be disabled. If Online Armor firewall is removed, windows firewall will be reactivated.
Added firewall log viewer - Users requested the ability to see firewall logs, and now they can.
Block network connection on boot (optional) - Users requested the ability to block all traffic during boot.
Firewall Logs are defaulted to "Off" - users reported big log file sizes - since most users have neither the need nor desire to manage or view firewall logs, we believe this makes sense. Advanced users will easily find out how to turn logs on - Standard users would not even know they needed to turn them off, or otherwise manage them
ICMP traffic is now blockable per application.
Help
Our help file has been updated, and localised into Japanese and Turkish.
Video help has been added in the help file - "Show me how".
Program Guard
Install Mode added (paid version) - automatically allows trusted installers to install without further prompting.
Allow blocking of trusted programs - We resolved a bug where users could not prevent safe programs from running.
Runsafer - probaby one of the coolest features of ONLINE ARMOR allows a user logged in as Admin to run a program with lowered rights (like dropmyrights) - but automatically. We added the ability for the user to run a "Safer" program normally, or a normal program "Safer" from inside the program guard.
CPU Limiter added to control runaway processes;
CPU Affinitity control to show which processor a program may use.-ChangeLog
Help the average user to change and manage settings of the embedded firewall
Is a free tool that can help the average user to change and manage settings of the embedded firewall in Windows XP giving many extra options regarding the firewall
apologies for resurrecting a dead thread, but it seems appropriate...-Target (February 28, 2008, 12:58 AM)
There are still a couple of applications that don't work well with Comodo's firewall. NOD32 in its current incarnation uses a proxy to filter all the web pages email through its on-access scanner. That means that all the connections appear as originating from NOD32, so there is no firewall filtering of connections as a result.-BinderDundat (March 07, 2008, 05:52 PM)
There are still a couple of applications that don't work well with Comodo's firewall. NOD32 in its current incarnation uses a proxy to filter all the web pages email through its on-access scanner. That means that all the connections appear as originating from NOD32, so there is no firewall filtering of connections as a result.-BinderDundat (March 07, 2008, 05:52 PM)
The NOD32 ekrn proxy doesn't just affect Comodo though. There's been a lot of complaints about it rendering ANY firewall useless.
See: http://www.wilderssecurity.com/showthread.php?t=192305-taichimaster (March 08, 2008, 06:27 AM)
@ taichimaster - Yes, it is sad that so many people don't take the time and effort to set up their security programs the proper way. There is absolutely nothing wrong with the cooperation between my NOD32 3.0 and my Outpost Pro 6.0 - Outpost is doing all it is supposed to do.-Curt (March 08, 2008, 12:58 PM)
Er... but that's a frontend for FFmpeg :huh:-Lashiec (March 11, 2008, 07:28 PM)
try this - <a href="http://www.bestsecuritytips.com/content+index.id+16.htm">XP Firewall Commander</a>-Target (March 11, 2008, 07:37 PM)
reading back in this thread I came across the above -... Isn’t giving a firewall a :down: because it’s not perfectly compatible with PS tray a bit… extreme ?? ...-Armando (February 03, 2008, 04:12 PM)
I have a license for Outpost Pro, so I don't have to tolerate any problems. ;)
The Danes ruled certain parts of Ireland a thousand years ago, so there may be some Irishmen with Danish blood, but I am quite sure that I don't have Irish blood...-Curt (February 05, 2008, 06:08 PM)
...Isn’t giving a firewall a :down: because it’s not perfectly compatible with PS tray a bit… extreme (: do you have Irish blood? :P) ??...-Armando (February 03, 2008, 04:12 PM)
Oh! that explains much. Because Comodo with defense+ DID slow down my internet connection + 6s freeze with farr and Gridmove (both slowdowns related to INI files see this thread : https://www.donationcoder.com/forum/index.php?topic=11871.msg96875#msg96875, and this post https://www.donationcoder.com/forum/index.php?topic=11871.msg97613#msg97613 — NOD32 had a part to play, but was easily fixed, Comodo with Defense+ had the biggest part when t came to farr’s freezes). That'S the main reason why I finally decided to drop Comodo entirely, especially after reading that Comodo without Defense+ isn't worth much... See that post in this thread : https://www.donationcoder.com/forum/index.php?topic=6059.msg98810#msg98810 .-Armando (February 03, 2008, 04:12 PM)
A new version of Online Armor was launched today: 2.1.0.85
You can get the "pro" version with a $15 rebate, using dicount code OAFEB-Curt (February 21, 2008, 07:09 AM)
Use the promo code OAMAY anytime in the next 15 days and you can get $15 off any Online Armor product (except renewals).
https://www.tallemu.com/buy_now.html-Online Armor promotion email
Use the promo code OAMAY anytime in the next 15 days and you can get $15 off any Online Armor product (except renewals).
https://www.tallemu.com/buy_now.html-Online Armor promotion email
Firewalls? I haven't smelled smoke..oh, THOSE firewalls.
Some thoughts:
) ISTR XP's firewall doesn't stop outbound baddies.
2) Yes, I know ZA's gotten fat over the years, but I use it on all our machines. Bite-sized trouble and I also sit behind a hardware firewall, and I routinely install multiple layers of AV, anti-spyware, anti-adware, and anti-trojan screeners and sweepers in every machine I get my hands on.
III) I check all the boxes all the time.
Software I use: AVG Free, Eset NOD 32, Spybot, Spywareblaster, SpywareGuard, SpySweeper, A2 Free, ZA, AdAware, TrojanHunter, and more. Not to mention WinPatrol Plus, Prevx...guards! Seize him! OK, I'll go quietly now.
I'm not really paranoid, just kind of a-retentive thorough about this stuff. Depending on the machine, I'll even use (shudder) payware.
OEF-OldElmerFudd (November 09, 2006, 03:58 AM)
You can find the results of a very good firewall challenge at the following link:-40hz (July 24, 2008, 09:32 PM)
I am not all a fan of Matousec, because I don't fully trust his methods to be as relevant, as he would like us to think, but I don't think his affiliate deals are a problem, on this matter. One is a magazine, hakin9 (http://www.en.hakin9.org/), and the other is the Anti Rootkit (http://antirootkit.com/) site. How can such affiliates be a problem?-Curt (July 25, 2008, 06:00 AM)
Yes, it's important to make sure your firewall program is always running, but some would argue that its not the job of the firewall program to do that.-cthorpe (July 25, 2008, 12:37 AM)
In my opinion, the firewalls that have branched out into HIPS functions like process termination protection can be more trouble than they are worth as they have to dig themselves so deep into the OS to provide those functions.-cthorpe (July 25, 2008, 12:37 AM)
That set of tests and the results posted are misleading.-cthorpe (July 25, 2008, 12:37 AM)
I am not all a fan of Matousec, because I don't fully trust his methods to be as relevant, as he would like us to think, but I don't think his affiliate deals are a problem, on this matter. One is a magazine, hakin9 (http://www.en.hakin9.org/), and the other is the Anti Rootkit (http://antirootkit.com/) site. How can such affiliates be a problem?-Curt (July 25, 2008, 06:00 AM)
No, I said affiliate deals with some of the software vendors.
(see attachment in previous post (https://www.donationcoder.com/forum/index.php?topic=6059.msg122180#msg122180))-PhilB66 (July 25, 2008, 07:01 AM)
No, I said affiliate deals with some of the software vendors.
(see attachment in previous post (https://www.donationcoder.com/forum/index.php?topic=6059.msg122180#msg122180))-PhilB66 (July 25, 2008, 07:01 AM)
I never knew!
---
Did we learn elsewhere that Eset (NOD32) Security Suite is one of the best?
- matousec doesn't seem to think so:
(see attachment in previous post (https://www.donationcoder.com/forum/index.php?topic=6059.msg122358#msg122358)) (see attachment in previous post (https://www.donationcoder.com/forum/index.php?topic=6059.msg122358#msg122358))
- or is "Smart Security" perhaps something else I have forgotten about?
Edited for spelling-Curt (July 27, 2008, 07:50 AM)
Sorry for not making myself clear. I didn't care to download matousec's test report to see why this security suite from Eset presumably is totally worthless. To the best of my understanding Eset Smart Suite may be the best protection I can get at all.
Recent Eset Smart Suite awards:
(see attachment in previous post (https://www.donationcoder.com/forum/index.php?topic=6059.msg122376#msg122376))-Curt (July 27, 2008, 10:29 AM)
His tests have caused many developers to focus like crazy on developing functionality to beat the tests, making the firewalls just about useless for anyone without enough technological insight to know how to answer the overload of (usually worthless) questions it presents you with.-Dirhael (July 27, 2008, 04:17 PM)
It's telling that several (well at least two as far as I know) of the high-ranking products in his tests doesn't even include proper firewall functionality at all.
It's telling that several (well at least two as far as I know) of the high-ranking products in his tests doesn't even include proper firewall functionality at all.
Even more interesting. Could you elaborate? Thx. :)-40hz (July 27, 2008, 11:45 PM)
Even more interesting. Could you elaborate? Thx. :)-40hz (July 27, 2008, 11:45 PM)
Even more interesting. Could you elaborate? Thx. :)-40hz (July 27, 2008, 11:45 PM)
Looks like cthorpe beat me to it :D-Dirhael (July 28, 2008, 06:21 AM)
Any security system that can be terminated without authorization is no security system at all. I really don't see how anyone can seriously advance the argument that it's not the responsibility of a security product to protect itself.As soon as you have malware running on your system, you're game over. If a HIPS/firewall/antivirus solution can't keep stuff from coming in, forget about it. And yes, I believe that outbound filtering by software firewalls is basically useless.
HIPS may be yet another case of "putting lipstick on the pig," but until somebody in Redmond decides to audit and (potentially) rewrite something like 50+ million lines of source code, I'd like to have all options available.Bullocks - NT is safe. You just need to run as a limited account instead of having admin privileges. Yes, this can be a pain because of how the non-kernel components of NT are done, but just drop your rights (http://cybercoyote.org/security/drop.shtml) for internet-facing stuff, then.
As soon as you have malware running on your system, you're game over. If a HIPS/firewall/antivirus solution can't keep stuff from coming in, forget about it.
At least NT has proper fine-grained permissions, unlike the owner/group/world crap from the *U*X mentality smiley
Isn't that why it would make sense to have HIPS active during an install?Yep, just don't get too caught up on the issue of whether there's outbound filtering or not, and whether the application can be auto-terminated or nto :). IMHO power-users shouldn't really need anything but a NATing router and windows built-in firewall (in case you have a friend visiting you with an infected computer), but for the less techy (and more click-bloody-anything naïve), and corporate certification-hungry needs, it's of course another scenario.
A bit :) - the NT kernel is (mostly) a pretty fine piece of work, and it's ACL security model is nice and flexible. The problem lies with the non-kernel part of the system ;)At least NT has proper fine-grained permissions, unlike the owner/group/world crap from the *U*X mentality smileyHmmm....are you Tux baiting? :P
Lashiec I hope you are not making fun of me by offering WF as asolution, because I said that my budget is tight this year. I see no shame involved with being under funded nowadays.There's no shame in being under-funded, and there's not much reason to use anything but Windows' built-in firewall.-kartal (October 23, 2009, 08:51 PM)
The free version of Online Armor Personal Firewall (http://www.tallemu.com/) suits my limited budget very well. OA offers excellent protection and solid customer support.
Hurry to their site before Oct. 31st for a 40% discount on their paid versions.-sajman99 (October 24, 2009, 12:16 AM)
Lashiec I hope you are not making fun of me by offering WF as asolution, because I said that my budget is tight this year. I see no shame involved with being under funded nowadays.There's no shame in being under-funded, and there's not much reason to use anything but Windows' built-in firewall.-kartal (October 23, 2009, 08:51 PM)-f0dder (October 24, 2009, 05:53 AM)
I am also thinking to turn my laptop into a firewall with internet sharing. Would that be a good solution?If it only works as a firewall and any other internet devices are behind it: Yep. That's how a firewall works.-kartal (October 24, 2009, 06:10 PM)
Actually one of the things I am really wanting is to see which application is trying to connect outside.Trojans and worms usually run on your user account. What should keep them away from registering themselves in your "firewall" software?-kartal (October 24, 2009, 06:10 PM)
I think most of these windows firewalls show that.There is no Windows firewall.-kartal (October 24, 2009, 06:10 PM)
Is there such thing under linux?I don't actually hope so. Linux users don't tend to install anything anyone says of it's great.-kartal (October 24, 2009, 06:10 PM)
PFWs do filter incoming data too, so they are firewalls.That's not the point of a firewall.-f0dder (October 25, 2009, 08:10 AM)
Think Rapidshare, p2p, illegal software - some of incomings can be tricky to deal with. Like wanting to "phone home", check serial numbers and such.Seriously: If you tend to install software from suspicious sources, not even a firewall of any kind can prevent you from serious damage.-Bamse (October 25, 2009, 09:25 AM)
Same goes for illegal software, if done right - and if even possible to avoid risk that way.Why should anyone try illegal software at all?-Bamse (October 25, 2009, 09:41 AM)
Lashiec I hope you are not making fun of me by offering WF as asolution, because I said that my budget is tight this year. I see no shame involved with being under funded nowadays.-kartal (October 23, 2009, 08:51 PM)
The point of a firewall is protecting machine(s) from network-based attacks, and PFWs (and Windows' builtin firewall) do that just fine - as long as the TCP/IP stack isn't seriously flawed, it doesn't matter much if you drop packets at the gateway or the individual machines, really. The focus is not exposing ports you don't want exposed, and possibly some SPI as well. Also, keep in mind that a gateway firewall only protects against WAN-originating attacks, not LAN-originating... even with a powerful gateway firewall with SPI and whatnot, I'd still be running Windows firewall (or iptables/ipfw/whateveryourOSofchoicehas) on the client machines.PFWs do filter incoming data too, so they are firewalls.That's not the point of a firewall.-f0dder (October 25, 2009, 08:10 AM)
And a PFW can't filter incoming data, as it runs on the system you actually want to protect. Any packet from outside can reach your computer before the PFW actually notices it, right?-Tuxman (October 25, 2009, 09:17 AM)
Not all who are into illegal stuff trust keygen.exe. I almost don't use such things any more, but when I did arming computer with "firewall" was considered common sense among those who did not just click, click.If you don't trust keygen.exe, you're a moron for running it on your machine - a VM beats outgoing filtering any time any day.-Bamse (October 25, 2009, 09:25 AM)
Not everybody is stinking rich or idealist.Same goes for illegal software, if done right - and if even possible to avoid risk that way.Why should anyone try illegal software at all?-Bamse (October 25, 2009, 09:41 AM)-Tuxman (October 25, 2009, 09:49 AM)
Not everybody is stinking rich or idealist.Most "pirated" software is something you don't need. You see, people say "hm, I want to edit my holiday pictures, so I'll pirate Photoshop". You use three or four editing functions, nothing else. So why the hell do you want to pirate it? Because you can? Come on...-f0dder (October 25, 2009, 10:10 AM)
The cool stuff is typically expensive Tuxman. Games, Adobe, MS.Adobe is not cool, Adobe is bloated crap. I don't know any home user who really needs their stuff.-Bamse (October 25, 2009, 10:13 AM)
Most do not know much about free or fairly priced alternatives either.Of course they do, it's just that they don't want to use them. It's more "cool" to say "lol I own Photoshop y00!" instead of "hi I use GIMP" or something. However, I can't get it why anyone has to pirate these apps. I am a proud Open Source and Freeware user and even own some legally bought licenses for a couple of applications (I even spent some money for the Vim developer).-Bamse (October 25, 2009, 10:13 AM)
Photoshop is highly recommended for resizing picsWTF? For resizing?!-Bamse (October 25, 2009, 10:41 AM)
If you really want it locked down, you're going to combine border gateway firewall (with SPI) with per-machine PFWs.-f0dder
You failed with that effort-Bamse (October 30, 2009, 04:16 PM)
Is there a point to your post?yes-Bamse (October 30, 2009, 06:39 PM)
Thanks guys..- oops, SORRY, 40Hz! I was not aware how bad my wording came out. Not intended! :-[Sorry I misunderstood you. My apologies in return. :-[ :)-Curt (October 03, 2009, 10:13 AM)-40hz (October 03, 2009, 12:39 PM)
* jgpaiva loves DC spirit-jgpaiva (October 03, 2009, 12:50 PM)
You are wrong Mrs. If you turn down sensitivity level a tad you will see and get over it. Regardless, this thread is about firewall not your concerns for other members well being.-Bamse (October 30, 2009, 08:39 PM)
And comments like your previous one don't go over too well here.
Perhaps after you've been here a little longer you'll start to show a bit more courtesy towards your fellow members; and hopefully develop a better appreciation for the social norms at Donation Coder?-40hz (November 09, 2009, 06:27 PM)
And comments like your previous one don't go over too well here.
Perhaps after you've been here a little longer you'll start to show a bit more courtesy towards your fellow members; and hopefully develop a better appreciation for the social norms at Donation Coder?-40hz (November 09, 2009, 06:27 PM)
I'm hoping that as it appears that Bamse is not a native English speaker he doesn't mean the brash way some of his remarks are coming off.-Innuendo (November 10, 2009, 12:25 PM)
FWIW I'm really liking Online Armor's (http://www.tallemu.com/) new pricing structure with $19.95 for a single user license for OA Premium.-sajman99 (November 09, 2009, 12:38 PM)
[...] my normal defense system of Avira and Online Armor is generally strong [...]-Steven Avery (June 08, 2009, 10:27 PM)
FWIW I'm really liking Online Armor's (http://www.tallemu.com/) new pricing structure with $19.95 for a single user license for OA Premium.-sajman99 (November 09, 2009, 12:38 PM)
getting back on topic - anyone know does that work well with AntiVir (Avira) (full version)
edit/ found this via search[...] my normal defense system of Avira and Online Armor is generally strong [...]-Steven Avery (June 08, 2009, 10:27 PM)-tomos (November 10, 2009, 12:55 PM)
[...]
http://fileforum.betanews.com/detail/Privatefirewall/1059097279/1
Reviews of Privatefirewall
Rating 4 out of 5 stars
by CyberDoc999
Reviewing 7.0 (Oct 15, 2009)
Firewall Works great......
and it is free !
the HIPS (Host-based Intrusion Prevention System)
is Lame.....
I tested it on 5 differents programs and it blocked none of them....
HIPS that worked would make this a killer app
Has anyone else on this forum tried Privatefirewall out? If you just wanted a firewall and no HIPS, then presumably this could be quite a useful firewall proggy.-IainB (November 10, 2009, 01:26 PM)
...It still is an experiment, but this is what I have lived with for months, but then again I never open any attachment that I do not recognize the sender. Even if the sender is known (it can be counterfeited) the subject and body must reflect the contact's writing style and habits.
however, if you're sitting behind a hardware home router with basic security features there's also good argument that the built-in firewall that comes with Windows is more than adequate.-Gwen7 (September 02, 2010, 08:07 PM)
I am almost thrilled by the timing... Just today I got fed up with OA++ and went back to Outpost Security Suite. And now everything is going faster!-Curt (September 02, 2010, 04:56 PM)
i've been generally happy with comodo's offering provided all you use it for is the firewall.
the rest of the "internet security" features comodo bundles in cause more headaches than they're worth imho.
however, if you're sitting behind a hardware home router with basic security features there's also good argument that the built-in firewall that comes with Windows is more than adequate.-Gwen7 (September 02, 2010, 08:07 PM)
...
So here you go. HIPS can be useful (for me at least, maybe not for the other superhumans here) when, once in a while I act stupidly. I'm generally careful, but when I lack sleep, I sometimes do stupid things... :)-Armando (September 02, 2010, 10:55 PM)