topbanner_forum
  *

avatar image

Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
  • Saturday December 14, 2024, 11:53 pm
  • Proudly celebrating 15+ years online.
  • Donate now to become a lifetime supporting member of the site and get a non-expiring license key for all of our programs.
  • donate

Last post Author Topic: The Great Firewall Hunt ... frustrating ...  (Read 47316 times)

Carol Haynes

  • Waffles for England (patent pending)
  • Global Moderator
  • Joined in 2005
  • *****
  • Posts: 8,069
    • View Profile
    • Donate to Member
The Great Firewall Hunt ... frustrating ...
« on: December 02, 2005, 12:14 PM »
OK - since Outpost 3 is out of favour what are people using ... (and is still available) ?

I refuse to use Norton, McAfee or Trend Suites on principle.

ZoneAlarm seems not to work brilliantly on my system (it keeps jumping to 100% CPU and staying there) - it may just be I need to install my system from scratch and clear out some of the rubbish.

I want something that

  • Works well
  • Isn't a resource hog
  • Is regularly updated
  • Is configurable
  • Compatible with NOD32 AV

I'm completely stumped. Anyone got any realistic suggestions for a simple firewall that works ??

I was contemplating dumping NOD32 (reluctantly) and trying F-Secure Internet Security 2006 which gets good reviews everywhere I look - has the advantage that it is updated daily and F-Secure have a great reputation that includes free phone support. I was a bit put off by one review that said the built in anti-spyware component insists on uninstalling all other anti-spyware software during installation (including Spybot and AdAware) which is just plain daft.

Anyone tried the F-Secure product - is it worth giving up all other products to give it a try?

mouser

  • First Author
  • Administrator
  • Joined in 2005
  • *****
  • Posts: 40,914
    • View Profile
    • Mouser's Software Zone on DonationCoder.com
    • Read more about this member.
    • Donate to Member
Re: The Great Firewall Hunt ... frustrating ...
« Reply #1 on: December 02, 2005, 12:30 PM »
outpost 3 might be worth a try if you are willing to take a chance; it certainly works for many and it's a nice program if its stable on your pc.

Carol Haynes

  • Waffles for England (patent pending)
  • Global Moderator
  • Joined in 2005
  • *****
  • Posts: 8,069
    • View Profile
    • Donate to Member
Re: The Great Firewall Hunt ... frustrating ...
« Reply #2 on: December 02, 2005, 02:11 PM »
Someone said:

AS OF NOVEMBER 2005 WE ARE RECOMMENDING THAT NO ONE PURCHASE AGNITUM OUTPOST FIREWALL.
AGNITUM OUTPOST IS NOW AT VERSION 3, AND WE HAVE FOUND IT TO BE BUGGY, AND NOT READY FOR PUBLIC USE.

Second thoughts?

mouser

  • First Author
  • Administrator
  • Joined in 2005
  • *****
  • Posts: 40,914
    • View Profile
    • Mouser's Software Zone on DonationCoder.com
    • Read more about this member.
    • Donate to Member
Re: The Great Firewall Hunt ... frustrating ...
« Reply #3 on: December 02, 2005, 02:34 PM »
hehehe.. well
im feeling a little guilty.. as usual my frustration sometimes boils over and i get carried away..
usually jibz can talk me down but when he is not around..

i wouldn't say im retracting that statement - just that the basic featureset of outpost is great, and the interface is great.
it does seem to be to be a bit unstable/buggy.  but many people are clearly happy with it, so it might still be worth a try if you are evaluating firewalls.

i will stop cheerleading for it though, until they get it stable.

mrainey

  • Charter Member
  • Joined in 2005
  • ***
  • Posts: 439
    • View Profile
    • Website
    • Donate to Member
Re: The Great Firewall Hunt ... frustrating ...
« Reply #4 on: December 02, 2005, 03:38 PM »
I've been using ZoneAlarm Free for several years, and Avast Free for one.  I have few complaints with either program, all things considered.  Avast is very configurable and has daily updates.  From what I can tell, I've been virus-free.  Occasionally I run the Trend Micro online check to get a second opinion.

My wife and I both use XP SP2, and I set the security up identically on both systems.  A recent ZoneAlarm update to V6.xx cause occasional blue screens on both systems.  The most-recent update, from a couple weeks ago, seems to have corrected the problem.

I use CounterSpy (a REAL memory hog) and TrojanHunter as well.  The combination of these four security programs appears to be conflict-free on our two systems.  CPU and RAM usage don't appear to be a significant problem.  My wife has an "aging" Athlon 850 with 768 MB RAM, and it's surprisingly zippy running multiple applications in XP.

You want a memory gobbler - sometimes an hour of heavy surfing with Firefox will get me into three-digit megabyte readings in Task Manager.


Software For Metalworking
http://closetolerancesoftware.com

tinyvillager

  • Charter Member
  • Joined in 2005
  • ***
  • Posts: 444
    • View Profile
    • Donate to Member
Re: The Great Firewall Hunt ... frustrating ...
« Reply #5 on: December 02, 2005, 10:35 PM »
Outpost needs better support,from the company.While i appreciate the user created forum,i feel this is not enough
considering a company that charges 39 bucks for a single lincense and 200 bucks for the office model,if i shelled out 200 bucks and was referred to a user created forum(absolutely great forum :Thmbsup:)i'd flip.The responses
from the actuall company is in the neigborhood of a week's wait.I just snapped up a two year renewall a month or
so back so i'm hangin in there.I guess i just want more life from a company.I've seen similar feeling in another thread about trillian.You shell out your money,you want to be in the loop.I should get an email from the company,
especially if it's a security company if issues have been found with a current release. 

Carol Haynes

  • Waffles for England (patent pending)
  • Global Moderator
  • Joined in 2005
  • *****
  • Posts: 8,069
    • View Profile
    • Donate to Member
Re: The Great Firewall Hunt ... frustrating ...
« Reply #6 on: December 03, 2005, 04:25 AM »
I don't really feel like shelling out 2 year subscriptions any more - who knows when Symantec is going to snap up Agnitum?

I have been burnt by the demise of Sygate during a long subscription. I have emailed Symantec to ask them what they are doing about existing customers with active subuscriptions - but since I haven't even received an email from either party to tell me that Sygate Firewall is dead and gone I am not holding my breath.

There can't be many firewalls left for Symantec to hoover up, but I'd guess some of the free ones are likely to be vulnerable to the Symantec machine ... however committed a developer is to free software it would take a lot of willpower to turn down a hefty offer to remove the product from the internet!

Trouble is I am quite happy using Sygate for a while ... it works as well as any others out there, but without updates how long is it going to be safe-ish?

johnk

  • Charter Member
  • Joined in 2005
  • ***
  • Posts: 245
    • View Profile
    • Donate to Member
Re: The Great Firewall Hunt ... frustrating ...
« Reply #7 on: December 03, 2005, 02:33 PM »
Neat bit of marketing...any Sygate and Kerio users tempted by Outpost can get a 50 per cent discount (higher than the normal competitive upgrade discount):

http://agnitum.com/p...ost/sygate_kerio.php

Carol Haynes

  • Waffles for England (patent pending)
  • Global Moderator
  • Joined in 2005
  • *****
  • Posts: 8,069
    • View Profile
    • Donate to Member
Re: The Great Firewall Hunt ... frustrating ...
« Reply #8 on: December 03, 2005, 04:56 PM »
If anyone is interested I had a look at this offer. It doesn't say anywhere that the Sygate/Kerio product has to be a bought version (both did free versions) and it looks like the key supplied works with version 2 and 3 (according to their letter). Hence I have decided to give version 3 a go, and if I get problems ask some kind version 2 user for a copy of he installer and try that.

At no point in the order process are you asked any questions about previous Sygate/Kerio products.

Mark0

  • Charter Honorary Member
  • Joined in 2005
  • ***
  • Posts: 652
    • View Profile
    • Mark's home
    • Donate to Member
Re: The Great Firewall Hunt ... frustrating ...
« Reply #9 on: December 03, 2005, 06:51 PM »
I probably have a different point of view on the Firewall thing.
I had happily dumped every personal firewall software from my PC from when I had installed a simple NAT router + switch + firewall + ADSL combo. So much for intrusion from the external. No additional software loaded, no slowing down, etc.

As for the traffic from the PC to the outside, I simply think that the outbound per-application control is a lost cause; there are so many ways to circumvent this or that firewall controls that it's not worth the hassle, IMHO.

In addition, if you have a malicious software running that's trying to "phone home", you are already in bad waters.

Bye!
« Last Edit: December 03, 2005, 06:52 PM by Mark0 »

Carol Haynes

  • Waffles for England (patent pending)
  • Global Moderator
  • Joined in 2005
  • *****
  • Posts: 8,069
    • View Profile
    • Donate to Member
Re: The Great Firewall Hunt ... frustrating ...
« Reply #10 on: December 03, 2005, 06:58 PM »
In addition, if you have a malicious software running that's trying to "phone home", you are already in bad waters.

You stand more chance of noticing it though if you have outbound blocking software - and it saves you from being investigated by you ISP and/or legal action for spamming/virus spreading. If you have a firewall active on your system I think you would have some defense if not you could potentially be held liable.

mouser

  • First Author
  • Administrator
  • Joined in 2005
  • *****
  • Posts: 40,914
    • View Profile
    • Mouser's Software Zone on DonationCoder.com
    • Read more about this member.
    • Donate to Member
Re: The Great Firewall Hunt ... frustrating ...
« Reply #11 on: December 03, 2005, 07:03 PM »
if you have truely malicious software then you are probably going to be in trouble no matter what; though a fireall can be a  very nice early warning system... otherwise you'd never know anything was wrong.

but just as important, short of malicious software, an outgoing firewall will show you all the spyware/adware apps as they try to silently connect home.  and for those of us that like to know whats going on on our computers and don't like programs going behind our backs, its nice to see when programs try to check for updates, or programs like real player is trying to connect home, etc.  in other words, for programs that are not evil but are annoying and misbehaved, having an outgoing firewall alert can be a very nice thing.  i wouldnt dream of not using one.  it's not perfect of course, but it is an extra line of defense, and one well worth the cpu/mem cost.

Mark0

  • Charter Honorary Member
  • Joined in 2005
  • ***
  • Posts: 652
    • View Profile
    • Mark's home
    • Donate to Member
Re: The Great Firewall Hunt ... frustrating ...
« Reply #12 on: December 03, 2005, 07:21 PM »
On a side note, one may give a try to this: Leakout
It's something I coded a long time ago, that try to phone home and send some data (name of the PC, user name & Win system dir) to a page of mine.

It do it in the most stupid and non-smart way; but in many case is enough to pass trough a personal firewall with per-application control, without any warning.

Bye!

mouser

  • First Author
  • Administrator
  • Joined in 2005
  • *****
  • Posts: 40,914
    • View Profile
    • Mouser's Software Zone on DonationCoder.com
    • Read more about this member.
    • Donate to Member
Re: The Great Firewall Hunt ... frustrating ...
« Reply #13 on: December 03, 2005, 07:37 PM »
Look n' Stop Firewall
http://www.looknstop.com/En/index2.htm

looks interesting.

Innuendo

  • Charter Member
  • Joined in 2005
  • ***
  • default avatar
  • Posts: 2,266
    • View Profile
    • Donate to Member
Re: The Great Firewall Hunt ... frustrating ...
« Reply #14 on: December 03, 2005, 08:24 PM »
Kerio & Tiny both get my recommendation, but they are very complex and not for the newbie. However, the rewards are great. They offer vast amounts of power and protection for those willing to master them.

F-Secure is very nice with an all-in-one solution, but some people complain that it is a little bloated & sluggish, though I didn't have that problem when I used it. They use Kaspersky as well as two other AV engines to cover the AV end of it so you'd definitely not be giving up anything by using their AV solution.

I would not recommend ZoneAlarm at all. Lots of people have no problems, but lots of people do have problems with their TrueVector engine.

I went the same way Mark did, but as Emeril would say I kicked it up a notch. I've got a Cisco router/firewall sitting here. Provides both inbound and outbound protection for my entire network. I keep a very tight reign on what is installed on any PC on my LAN so I don't require the hand-holding of some of these software firewalls.

Carol Haynes

  • Waffles for England (patent pending)
  • Global Moderator
  • Joined in 2005
  • *****
  • Posts: 8,069
    • View Profile
    • Donate to Member
Re: The Great Firewall Hunt ... frustrating ...
« Reply #15 on: December 04, 2005, 08:52 PM »
Interesting news here:

Breaking News: Sunbelt To Acquire The Kerio Personal Firewall
Here are some of the highlights:
The acquisition is expected to be finalized by the end of this month.
The Kerio Personal Firewall will be re-branded on an interim basis as the "Sunbelt Kerio Personal Firewall".
All existing customers of the Kerio Personal Firewall will be able to receive support through Sunbelt once the acquisition is completed.
Upon the close of the deal, Sunbelt will also announce new reduced pricing for the full version of the product and a variety of special offers for both Kerio and Sunbelt customers.
Additionally, Sunbelt will continue Kerio's tradition of providing a basic free version for home users.
During the transition period, Kerio will continue to support the product and users are encouraged to download the Kerio Personal Firewall from the Kerio website at www.kerio.com until the acquisition is completed.
We are thrilled with this acquisition, it's our personal favorite. We just really like how it operates. It's straightforward, very effective and also has cool features like ad blocking and intrusion prevention.

The deal will be closing at the end of the month and at that point we'll reduce the price. Sunbelt customers will also get the opportunity to buy the Kerio Firewall at a discount and we'll also be offering Sunbelt products to Kerio users at a discount. Such a deal.

From a technical standpoint, this product is pretty amazing. We were blown away during our technical due diligence with the quality of the coding and the many security features built into the product. This product is hot. This should all be wrapped up in a couple of weeks. If you want to check it out now, scroll down to the Product Of the Week section. We have a link there. (Tip 'o the hat to Alex.)

jpfx

  • Charter Member
  • Joined in 2005
  • ***
  • Posts: 155
    • View Profile
    • Donate to Member
Re: The Great Firewall Hunt ... frustrating ...
« Reply #16 on: December 05, 2005, 05:09 PM »
atguard was wonderful in its time (til symantec got hold of it!).

but I would suggest setting up ipcop on an old machine and not having to bother about resource usage on your main pc.
       |\      _,,,---,,_         
ZZZzzz /,`.-'`'    -.  ;-;;, 
      |,4-  ) )-,_. ,\ (  `'-'    
     '---''(_/--'  `-'\_)
« Last Edit: December 05, 2005, 05:11 PM by jpfx »

Mark0

  • Charter Honorary Member
  • Joined in 2005
  • ***
  • Posts: 652
    • View Profile
    • Mark's home
    • Donate to Member
Re: The Great Firewall Hunt ... frustrating ...
« Reply #17 on: December 06, 2005, 04:19 PM »
Another one, if someone want to check it: Core Force, of OpenBSD-esque roots.

Bye!

Innuendo

  • Charter Member
  • Joined in 2005
  • ***
  • default avatar
  • Posts: 2,266
    • View Profile
    • Donate to Member
Re: The Great Firewall Hunt ... frustrating ...
« Reply #18 on: December 08, 2005, 10:48 AM »
Well, if we are all going to talk about Linux-based and OpenBSD-based firewalls then I guess I'll mention m0n0wall. A lot of people swear by it though I have never used it.

m_s

  • Charter Member
  • Joined in 2005
  • ***
  • Posts: 433
    • View Profile
    • Donate to Member
Re: The Great Firewall Hunt ... frustrating ...
« Reply #19 on: December 08, 2005, 11:20 AM »
I have pretty much decided to dump Outpost and opt for Look 'n' Stop.  I am one of the people who suffers with a repetitive BSOD - oops, something's done something bad and we're going to have to stop everything right now, so just back away from the machine, buddy! and then it shuts down.  This is documented on their forums, and for awhile it worked for me run the firewall in background mode - this also solved an issue with Limewire connecting, though that was likely caused by an error on my part in transferring config instructions from the forum (and if it wasn't then is it safe to run in background mode?).   But the last few times I have restarted, Outpost has freaked out again and reported a crash and the need to call home...  Look 'n' Stop seems really good - it's very light (running at 6mb at the moment), and it's simple to configure.  At least I am having a holiday from Outpost - if at the end of the L'n'S trial I decide to return to OP, I think I might opt to return to 2.7.

Carol Haynes

  • Waffles for England (patent pending)
  • Global Moderator
  • Joined in 2005
  • *****
  • Posts: 8,069
    • View Profile
    • Donate to Member
Re: The Great Firewall Hunt ... frustrating ...
« Reply #20 on: December 12, 2005, 08:12 PM »
Note if anyone wants a copy of Sygate Personal Firewall (that was the free version) is is still available on TUCOWS at the moment, though I shouldn't imagine it will be there for much longer.

Try http://www.tucows.com/preview/213160

I'm not using it myself anymore but some people may be interested.

f0dder

  • Charter Honorary Member
  • Joined in 2005
  • ***
  • Posts: 9,153
  • [Well, THAT escalated quickly!]
    • View Profile
    • f0dder's place
    • Read more about this member.
    • Donate to Member
Re: The Great Firewall Hunt ... frustrating ...
« Reply #21 on: December 12, 2005, 08:18 PM »
CoreForce, which somebody else posted a link to somewhere on donationcoder.com, seems pretty interesting & powerful, and is free... http://force.coresecurity.com/
- carpe noctem

Carol Haynes

  • Waffles for England (patent pending)
  • Global Moderator
  • Joined in 2005
  • *****
  • Posts: 8,069
    • View Profile
    • Donate to Member
Re: The Great Firewall Hunt ... frustrating ...
« Reply #22 on: December 13, 2005, 02:45 AM »
CoreForce, which somebody else posted a link to somewhere on donationcoder.com, seems pretty interesting & powerful, and is free... http://force.coresecurity.com/


Looks interesting, but does the Firewall protection have the depth of other products? Only asking 'cos I don't find the website terribly clear.

Also I can't find any reviews on the internet which suggests it is very much in the early stages. May well be worth watching though.

Not sure how their model works - how do they raise money if it is free to home and business users?

Mark0

  • Charter Honorary Member
  • Joined in 2005
  • ***
  • Posts: 652
    • View Profile
    • Mark's home
    • Donate to Member
Re: The Great Firewall Hunt ... frustrating ...
« Reply #23 on: January 03, 2006, 03:10 PM »
Well, if we are all going to talk about Linux-based and OpenBSD-based firewalls then I guess I'll mention m0n0wall. A lot of people swear by it though I have never used it.

I setup a machine with m0n0wall just today at my office:



I have to say that it's really great. It's feature packed, the HTTP GUI is very practical to use, and is very fast to setup. Just get an old PC, two spare NIC, a floppy driver and it's up & running in minutes.

Link: m0n0wall



Feature list:

    * web interface (supports SSL)
    * serial console interface for recovery
          o set LAN IP address
          o reset password
          o restore factory defaults
          o reboot system
    * wireless support (access point with PRISM-II/2.5/3 cards, BSS/IBSS with other cards including Cisco)
    * captive portal
    * 802.1Q VLAN support
    * stateful packet filtering
          o block/pass rules
          o logging
    * NAT/PAT (including 1:1)
    * DHCP client, PPPoE, PPTP and Telstra BigPond Cable support on the WAN interface
    * IPsec VPN tunnels (IKE; with support for hardware crypto cards, mobile clients and certificates)
    * PPTP VPN (with RADIUS server support)
    * static routes
    * DHCP server and relay
    * caching DNS forwarder
    * DynDNS client and RFC 2136 DNS updater
    * SNMP agent
    * traffic shaper
    * SVG-based traffic grapher
    * firmware upgrade through the web browser
    * Wake on LAN client
    * configuration backup/restore
    * host/network aliases

Bye!

Mark0

  • Charter Honorary Member
  • Joined in 2005
  • ***
  • Posts: 652
    • View Profile
    • Mark's home
    • Donate to Member
Re: The Great Firewall Hunt ... frustrating ...
« Reply #24 on: January 17, 2006, 03:31 PM »
For anyone interested, there's a new Firewall from Lavasoft:
Link: LAVASOFT PERSONAL FIREWALL

Bye!