Messages - BinderDundat

6
General Software Discussion / Re: Best free firewall for Windows?
« on: March 11, 2008, 12:08 AM »
It's not that NOD32 and firewalls don't co-operate, it's just that you have to choose between firewall control of your outbound connections and NOD32 filtering of the source programs.  The proxy setup for NOD32 means that you only see NOD32 as the source for connection requests in your firewall.  That makes it impossible to write firewall rules restricting connections.  You may want to have NOD32 in control of the connection, but you lose the firewall's filtering ability.  You can also choose to restrict NOD32 filtering to certain types of connections - email and browser, say - but you then do not inspect the other connections for bad guys sneaking in or out.

7
General Software Discussion / Re: Best free firewall for Windows?
« on: March 07, 2008, 05:52 PM »
I've been spending time getting to know Comodo Firewall, and I like it a lot, but it does have its drawbacks.  What's to like?  Well, it is probably the best firewall for dealing with malware.  Leak test results are better than almost any other firewall - free or not.  The HIPS means that the firewall will survive shutdown attempts from any source.  It is also configurable.  That is also one of its drawbacks.  You have to get friendly with writing application rules for both the firewall and the HIPS component to get the most out of it.  There are a number of applications that have to be hand-configured to work - like games, Xbox units, VPNs, torrent clients, and a bunch of others.  It also has fairly light resource usage by comparison to others.  That said, it still has a lot of rough edges.  There are still a couple of applications that don't work well with Comodo's firewall.  NOD32 in its current incarnation uses a proxy to filter all the web pages and email through its on-access scanner.  That means that all the connections appear as originating from NOD32, so there is no firewall filtering of connections as a result.  There is also a problem with a MS VPN connection involving Outlook - something that is more due to the way Outlook handles the connection (proprietary bonding protocol - trust MS to do it their own way) than anything else.  The thing to bear in mind is that their firewall is only 3 months out of beta on a complete version change (2.4 to 3.0).  I would advise anyone interested in trying it to install the HIPS.  It does take a few days of training to reduce the alerts to a reasonable level, but the extra security makes me feel more secure.  You can always put the HIPS into training mode for a few days if you are happy that you are not infected.  That keeps it quiet while it learns your normal usage patterns.

8
If you know the process name, you can kill the process using pskill from Sysinternals: http://www.microsoft.com/technet/sysinternals/Utilities/PsKill.mspx - but I can't promise that the TCP connection is dropped as well.  The post above for CurrPorts does offer a close command line.  See: http://www.nirsoft.net/utils/cports.html

9
Post New Requests Here / Re: IDEA: File lister
« on: November 14, 2007, 12:04 AM »
Looks like a winner!  I have determined that it was a false alarm, but a tool for comparing file listings (I'll let Excel find the differences) is a great way to discover hidden rootkit files.  Thanks again!
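
The comparison described in this post, sketched as an added example (not part of the original post and not the tool under discussion). It assumes two listings in a constructed `size<TAB>path` format, one taken on the running system and one taken from a trusted offline view of the same disk; the function names and sample paths are hypothetical.

```python
import ntpath

# Constructed sample listings, one "size<TAB>path" entry per line (assumed format).
LIVE_LISTING = "\n".join([
    "73728\tC:\\Windows\\System32\\drivers\\disk.sys",
    "45056\tC:\\WINDOWS\\system32\\drivers\\null.sys",
    "2048\tC:\\Temp\\session.tmp",
])
OFFLINE_LISTING = "\n".join([
    "73728\tC:\\Windows\\System32\\drivers\\disk.sys",
    "49152\tC:\\Windows\\System32\\drivers\\null.sys",
    "61440\tC:\\Windows\\System32\\drivers\\example_hidden.sys",
])


def parse_listing(text):
    """Return {normalised_path: (size, path_as_listed)} for one listing."""
    entries = {}
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line:
            continue
        size, sep, path = line.partition("\t")
        if not sep or not size.isdigit():
            raise ValueError(f"line {lineno}: expected 'size<TAB>path'")
        # Windows paths are case-insensitive, so compare on a folded key.
        key = ntpath.normcase(ntpath.normpath(path))
        entries[key] = (int(size), path)
    return entries


def cross_view_diff(live_text, offline_text):
    """Compare the live view of a disk with a trusted offline view."""
    live = parse_listing(live_text)
    offline = parse_listing(offline_text)
    return {
        # On disk but not reported by the running system: worth a closer look.
        "hidden_from_live": sorted(offline[k][1] for k in offline.keys() - live.keys()),
        # Usually benign churn (temp files created between the two listings).
        "only_in_live": sorted(live[k][1] for k in live.keys() - offline.keys()),
        # Same path, different size: the live view may be reporting altered data.
        "size_mismatch": sorted(
            offline[k][1] for k in offline.keys() & live.keys()
            if offline[k][0] != live[k][0]
        ),
    }


if __name__ == "__main__":
    for category, paths in cross_view_diff(LIVE_LISTING, OFFLINE_LISTING).items():
        print(category, paths)
```

Differences are leads to verify, not proof: files that change between the two listings will also show up, as the false alarm mentioned in the post illustrates.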

10
Hi y'all - There is a new tool that looks really powerful as well as being free.  Comodo Firewall is in the process of beta testing a new version.  It has one of the best Firewalls available already (the XP firewall has really dismal test results) and they are adding a Host Intrusion Protection System (HIPS) to it.  It can configure itself for programs that Comodo has on record as signed applications (10,000+ according to them) and you can define programs as safe yourself for stuff you run that isn't signed.  You can control an application's rights for internet access, disk writes, keyboard control, monitor, control, process modification and more.  The charming part about it is that it prevents unknown applications from even starting a process in memory without your approval.  This means that you have to know enough to recognize when a rogue process is trying to do something odd, so that you don't just automatically approve it.  It also means that there is a time when you have to put up with queries about your software as you run programs that CFP has not encountered before, but I have been beta testing the newest version for about a week and the pop-ups are rare except when I install new software.  There is an "installation mode" that allows you to do an install without a dozen pop-ups and a messed up install, but you have to tell it that the installer is actually an installer and permitted to make a bunch of changes.  It also has a series of configurations that promise to make it usable for novices, but that takes all the fun out of it!!  It is still a beta, but getting nearly ready for release candidate status.   I think that this warrants keeping an eye on.  The firewall forum is at: http://forums.comodo.com/comodo_firewall-b50.0/ and the front door is: http://www.comodo.com/  There are a few other goodies there, but the only ones I can suggest are V-engine (web site verification) and BOclean.  They also offer free personal email security certificates.
