topbanner_forum
  *

avatar image

Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
  • Thursday March 28, 2024, 10:30 am
  • Proudly celebrating 15+ years online.
  • Donate now to become a lifetime supporting member of the site and get a non-expiring license key for all of our programs.
  • donate

Last post Author Topic: Firewalls - please, i can't be bothered.  (Read 49324 times)

f0dder

  • Charter Honorary Member
  • Joined in 2005
  • ***
  • Posts: 9,153
  • [Well, THAT escalated quickly!]
    • View Profile
    • f0dder's place
    • Read more about this member.
    • Donate to Member
Re: Firewalls - please, i can't be bothered.
« Reply #50 on: March 04, 2007, 10:04 AM »
iphigenie: you don't really need a perimeter firewall if you use NAT - of course you can think of NAT as a sort of firewall, but it isn't. Of course if you run some static mapped services or are corporate sized, a firewall and some intrusion detection is probably a good idea.

But you do make a good point (which I already mentioned :) ), even with a perimeter firewall (or NAT), you still need some per-host stuff... Windows Firewall from XP should handle the basics, and add antivirus ontop of that to protect less savvy users from themselves, and the rest of us from exploits :)
- carpe noctem

Carol Haynes

  • Waffles for England (patent pending)
  • Global Moderator
  • Joined in 2005
  • *****
  • Posts: 8,066
    • View Profile
    • Donate to Member
Re: Firewalls - please, i can't be bothered.
« Reply #51 on: March 04, 2007, 11:06 AM »
A sad story, Carol.  :(

I think the answer is to be found in the settings.

That is the sad thing - each time it was installed I accepted the default 'easy' setup and usually accepted the default suggestions for known applications when they popped up. For others I either accepted or denied access to inbound or outbound access depending on what I thought of the app making the request.

This seems to me about as basic as it gets for using Outpost and yet version 4 continually BSODed even on fresh winodws installations on more than one system. I spent a long time in the early days of version 3 with BSODs too but they eventually disappeared when Agnitum finally produced a stable version.

I am sure the ideas behind Outpost are really good - I just really wish that Agnitum actually tested their software before making it live - instead they appear to run a live Beta program without telling anyone that is what they are doing. Not only do they charge for buggy new versions but they seem to move on to the next buggy version as soon as they manage to get the thing running stable. OK I could go back to the last build in version 3 which did work but I really got sick of being told it was time to upgrade to version 4 (and I couldn't see any way to turn off program updates without disabling all updating).

dk70

  • Charter Member
  • Joined in 2005
  • ***
  • Posts: 269
    • View Profile
    • Donate to Member
Re: Firewalls - please, i can't be bothered.
« Reply #52 on: March 04, 2007, 11:40 AM »
True iphigenie, the guy I called Dr. Firewall certainly also promoted inbound firewall, router or Windows Firewall. He was defending the position of that being enough and for many people the better setup - as opposed to many security guides and well meaning forum posts claiming XP default is a risk to users, perhaps accompanied by link to a leak test as proof. Look around at a place like Wilders to get the idea but you see similar recommendations/warnings all over tech side of internet.

The layer thinking is nice, even MS says that is how you must look at security, but this advanced firewall demand should not be at top of list of things to do. Good practices and some awareness of being responsible for computers and own actions is way more important. Not like "attacks" come from out of the blue, sources/reasons are the same old. Many people still have not upgraded to SP2 and could not care less. Depends who you are. If every other layer including user behavior is in place I really dont see much of a need for outbound control. I see and recognize the need to tinker and feel in control etc. - why they temporarily have caught my interest.

Go crazy http://www.wildersse...wthread.php?p=351107 ;)

Btw, Im not so sure those fat do-it-all packages is a bad thing. I wouldnt mind one if I had that desire. Must be flexible and modular build of course. You see all the known companies trying to justify their AV, their Anti-Spyware, their Firewall - all with more and more features and yet melting together. Bundle make sense to me, also thinking of subscription fee! If well done package should be easier to install and maintain for most people. No compatibility issues should be guranteed. I dont think majority is willing to have an arsenal of security programs. Geeks will always prefer special programs, the not so popular but much better product.

f0dder

  • Charter Honorary Member
  • Joined in 2005
  • ***
  • Posts: 9,153
  • [Well, THAT escalated quickly!]
    • View Profile
    • f0dder's place
    • Read more about this member.
    • Donate to Member
Re: Firewalls - please, i can't be bothered.
« Reply #53 on: March 04, 2007, 11:46 AM »
Many people still have not upgraded to SP2 and could not care less.
And if those people aren't behind a NAT, it's their own fault when they get hit by the same-old worm, and they shouldn't whine and bitch about security.
- carpe noctem

Curt

  • Supporting Member
  • Joined in 2006
  • **
  • Posts: 7,566
    • View Profile
    • Donate to Member
Re: Firewalls - please, i can't be bothered.
« Reply #54 on: March 04, 2007, 11:58 AM »
That is the sad thing - each time it was installed I accepted the default 'easy' setup
-Carol Haynes (March 04, 2007, 11:06 AM)

Your struggles are a mystery to me. Yes, I too have had struggles with Outpost, but after visiting Wilders forum always found the error to be some 20 inches in front of the screen. But that was my fault; I know you are a lot smarter than me when it comes to IT, and therefor I am even more puzzled by your bad experiences with Outpost.

dk70

  • Charter Member
  • Joined in 2005
  • ***
  • Posts: 269
    • View Profile
    • Donate to Member
Re: Firewalls - please, i can't be bothered.
« Reply #55 on: March 04, 2007, 12:13 PM »
Many people still have not upgraded to SP2 and could not care less.
And if those people aren't behind a NAT, it's their own fault when they get hit by the same-old worm, and they shouldn't whine and bitch about security.


Who cares, they just reformat :) Probably those aware of security who cry/shake head. The Myspace banner virus or what it was only affected people on unpatched XPs. Tons of people got caught, http://blog.washingt...ed_adware_to_mo.html Sad but just the way it is. 3rd party firewalls is like ages beyond this problem and those related (with some imagination I think those users approach to cracks, warez, porn, p2p etc. is easy to guess). Those not in direct danger get scared by such stories and barricade them self even more, heh. Business play on this of course.

iphigenie

  • Supporting Member
  • Joined in 2006
  • **
  • Posts: 1,170
    • View Profile
    • Donate to Member
Re: Firewalls - please, i can't be bothered.
« Reply #56 on: March 06, 2007, 01:01 PM »
thanks for looking into the file sharing side of things, iphigenie.

i'd tried setting up a few rules inside 'pc tools firewall plus' using the tcp and udp ports specified by microsoft but it made not one jot of difference. i shall try your recommendations later what i get chance as they sound very likely to work.

Have you had any luck after unblocking those two rules?

nudone

  • Cody's Creator
  • Columnist
  • Joined in 2005
  • ***
  • Posts: 4,119
    • View Profile
    • Donate to Member
Re: Firewalls - please, i can't be bothered.
« Reply #57 on: March 06, 2007, 01:51 PM »
iphigenie, i'm sorry, but i haven't yet tried.

i was going to, but i sort of completely gave up altogether when i found that 'pc tools firewall plus' didn't like the rules i put in to allow utorrent through.

you'd think it obvious - state the port that utorrent uses and away you go. well, this particular firewall requires more - but what i have no idea. i don't mind trying to figure these things out but in the end i just have to think what's the point - zone alarm works so i'll just keep using it and recommending it to everyone else.

iphigenie

  • Supporting Member
  • Joined in 2006
  • **
  • Posts: 1,170
    • View Profile
    • Donate to Member
Re: Firewalls - please, i can't be bothered.
« Reply #58 on: March 06, 2007, 03:58 PM »
no need to be sorry  :P, i was just curious whether you'd made it work or not

i haven't tried it but just from reading that thread it seems to me pc tools has some "cryptic" default rules which block a lot but don't necessarily make it obvious to you what they do without opening each rule to figure it out. I mean what would you guess hides behind a rule called "Block winNuke" - I sure wouldn't. Probably one of those rules is overriding your torrent rule...

In a way that's why i like the "simple" rules based firewalls - one rule per line... at least there i can figure out what happens.

Although at the moment i'm just using the fw that came with bitdefender, so I really can't brag much about my clever choice of firewall. It's not bad, app+protocol+direction+port+IP based filter, but without any sort of checksum on the executables, i think. My biggest gripe with it is the absence of log... totally stupid oversight in a firewall!

But I am too lazy to switch to a standalone product.

brownstudy

  • Honorary Member
  • Joined in 2006
  • **
  • Posts: 28
  • Pantaloon
    • View Profile
    • Oddments of High Unimportance
    • Donate to Member
Re: Firewalls - please, i can't be bothered.
« Reply #59 on: March 10, 2007, 01:35 PM »
Here's someone's experience with Sygate:

The Little Firewall That Could | klaatu
http://klaatu.anastr...firewall-that-could/

And someone on this board posted a positive review:
Sygate - Very Strong Firewall
https://www.donation...ndex.php?topic=605.0

I've not tried it yet myself as I'm still OK with Windows Firewall.

nudone

  • Cody's Creator
  • Columnist
  • Joined in 2005
  • ***
  • Posts: 4,119
    • View Profile
    • Donate to Member
Re: Firewalls - please, i can't be bothered.
« Reply #60 on: March 11, 2007, 01:56 AM »
It really will depend on what you are trying to do on your machine but Sygate really didn't work well with what i was doing - and i wasn't doing anything particularly weird. similar problems were encountered on other peoples machines i know of.

but, i'm sure it's a very good firewall for a vast number of people.

4wd

  • Supporting Member
  • Joined in 2006
  • **
  • Posts: 5,641
    • View Profile
    • Donate to Member
Re: Firewalls - please, i can't be bothered.
« Reply #61 on: March 11, 2007, 06:01 AM »
Hi nudone, if all you want is a simple firewall, (or just a program), for outgoing program access control, see if you can find the latest version of Primedius Firewall Lite, 1.6 here: http://www.majorgeek...wall_Lite_d4146.html

It's small, you can start or stop it at any time, seems very low impact.  The interface is a little outdated but it seems to work fine.

I used to use it with Ghostwall, (gave me more control over incoming connections).  They had no problem co-existing together.  However, it does basic inbound filtering so you don't need to install anything else, just use XP's or rely on your router's NAT/firewall.

The only thing that annoyed me about it was the fact that if you updated a program, after asking for access permission, it would add it to the program list leaving the old program version in the list - so every so often you'd need to go through the list and clean out the old entries.

Now-a-days, I use Comodo on my main machine and laptop, (gives more control), and nothing on a download-only machine, (it relies on NAT and the router's hardware firewall - it runs 2 programs and doesn't execute anything it's downloaded so it's fairly safe - runs AVG as a basic precaution).
« Last Edit: March 11, 2007, 06:03 AM by 4wd »

nudone

  • Cody's Creator
  • Columnist
  • Joined in 2005
  • ***
  • Posts: 4,119
    • View Profile
    • Donate to Member
Re: Firewalls - please, i can't be bothered.
« Reply #62 on: March 11, 2007, 06:27 AM »
thanks, 4wd, i'll try Primedius sometime this week, but it sounds like it might not exactly fit what i want to do - it sounds like it would be okay for my own personal use but not something i could recommend to 'firewall novices' (because of the cleaning the list out problem that you mentioned).

jdmarch

  • Charter Member
  • Joined in 2005
  • ***
  • default avatar
  • Posts: 186
    • View Profile
    • Donate to Member
Re: Firewalls - please, i can't be bothered.
« Reply #63 on: March 11, 2007, 03:21 PM »
Under Win2K: Comodo Firewall Pro (with NOD32), clean, resource-light, all well.

Darwin

  • Charter Member
  • Joined in 2005
  • ***
  • Posts: 6,984
    • View Profile
    • Donate to Member
Re: Firewalls - please, i can't be bothered.
« Reply #64 on: March 11, 2007, 07:10 PM »
Anyone else finding that the latest build of ZoneAlarm Pro takes about five minutes (or more) to start up? I keep getting popups stating that ZA is loading and that I can hit cancel to shut it down. It disappears only to pop up again after 30 seconds or so. Makes my notebook slow as molasses booting into Windows (I have WinPatrol setup to delay SnagIt 8.2 starting until 5 minutes after Windows starts - SnagIt loads at about the 15 minute mark). Anyway, just curious - I'm off to post in the ZA forums (been too lazy to do so of late)...

Darwin

  • Charter Member
  • Joined in 2005
  • ***
  • Posts: 6,984
    • View Profile
    • Donate to Member
Re: Firewalls - please, i can't be bothered.
« Reply #65 on: March 11, 2007, 07:34 PM »
Hmmm... a search of ZA's forum finds at least one other person with the identical problem. The answer (it's not a solution as such) is that this is not normal but can occur if startup is taking a long time. So I guess this is a symptom, not the cause, of my slow boot times... Just FYI!

ravenlaughs

  • Supporting Member
  • Joined in 2006
  • **
  • default avatar
  • Posts: 16
    • View Profile
    • Fire From The Sky
    • Read more about this member.
    • Donate to Member
Re: Firewalls - please, i can't be bothered.
« Reply #66 on: March 11, 2007, 08:18 PM »
Safety.Net -
http://www.netveda.com/

I discovered it last year, have been using it ever since.

Speaking of multiple-function security tools, I am quite favorably impressed with Spyware Terminator -
http://www.spywareterminator.com/

It surprised me, I'm hard to impress. Would be a good compliment to XP's firewall, I think.

I used to use Outpost, but it was a headache sometimes. I think ZoneAlarm is a ho, I tried it a long while back and said never again. I can't respect proggies that tell me what a good job they are doing without my asking "howzit going?"
Happiness is a warm reboot

biox

  • Charter Member
  • Joined in 2005
  • ***
  • Posts: 74
    • View Profile
    • Donate to Member
Re: Firewalls - please, i can't be bothered.
« Reply #67 on: March 11, 2007, 10:56 PM »
As I'm certainly the one who knows the least here please allow me an innocent question.

I've been using Blackice defender for quite a while but haven't seen any comments about it from others. So, what do you think?

Curt

  • Supporting Member
  • Joined in 2006
  • **
  • Posts: 7,566
    • View Profile
    • Donate to Member
Re: Firewalls - please, i can't be bothered.
« Reply #68 on: March 12, 2007, 02:36 AM »
I've been using Blackice defender

Link to BlackIce  ;)

Welcome at DC, biox  :up:

f0dder

  • Charter Honorary Member
  • Joined in 2005
  • ***
  • Posts: 9,153
  • [Well, THAT escalated quickly!]
    • View Profile
    • f0dder's place
    • Read more about this member.
    • Donate to Member
Re: Firewalls - please, i can't be bothered.
« Reply #69 on: March 12, 2007, 06:50 AM »
I tried out BlackIce briefly, but it bogged down my system and caused a couple of BSODs, so I removed it again. Dunno if it conflicted with NOD32 (or did I run Kaspersky at that time?), but I wasn't impressed  :-\
- carpe noctem

biox

  • Charter Member
  • Joined in 2005
  • ***
  • Posts: 74
    • View Profile
    • Donate to Member
Re: Firewalls - please, i can't be bothered.
« Reply #70 on: March 12, 2007, 07:14 AM »
I've been using Blackice defender

Link to BlackIce  ;)

Welcome at DC, biox  :up:

Thanks for both, the link and the welcome. I've been reading this board for centuries but never posted.

Anyone else finding that the latest build of ZoneAlarm Pro takes about five minutes (or more) to start up?
-darwin

Yeah, I think it's a bit slower but 5 minutes??? :huh:

I work a lot at night (GMT+8) and get roughly every 4-5 sec a hacking attempt or at least a port scan, most of them can be back traced to my service provider. :D I was thinking about using Blackice on the other one too but then again I got the whole ZA security suite on that one. Would be quite a waste of money.

ZA's spy scan is pretty weak so I use AVG spy. ZA gave me an incompatibility warning when I upgraded. Had to un-install AVG, let ZA finish and re-install AVG. Seems to work now.

biox

  • Charter Member
  • Joined in 2005
  • ***
  • Posts: 74
    • View Profile
    • Donate to Member
Re: Firewalls - please, i can't be bothered.
« Reply #71 on: March 12, 2007, 07:18 AM »
I tried out BlackIce briefly, but it bogged down my system and caused a couple of BSODs, so I removed it again. Dunno if it conflicted with NOD32 (or did I run Kaspersky at that time?), but I wasn't impressed  :-\

Didn't do this to me. I ran it together with McAfee and Ewido v.?old.

anastrophe

  • Participant
  • Joined in 2007
  • *
  • default avatar
  • Posts: 1
    • View Profile
    • Donate to Member
Re: Firewalls - please, i can't be bothered.
« Reply #72 on: March 13, 2007, 02:50 PM »
It really will depend on what you are trying to do on your machine but Sygate really didn't work well with what i was doing - and i wasn't doing anything particularly weird. similar problems were encountered on other peoples machines i know of.

but, i'm sure it's a very good firewall for a vast number of people.

hi, i'm the author of that blog entry 'the little firewall that could'. i'm curious what problems you had with sygate. i regularly run uTorrent, have used the Tor/onion network, i ssh into my server all day/every day, and in general do everything one can do over an internet connection, and Sygate has never been a problem. when you first install it, you spend a fair amount of time 'approving' applications that are allowed to send TCP/IP packets, but once you've approved the app, it stays approved. I have a symmetric 2mbit connection, and can saturate the link easily. i've done speed tests with sygate installed and without, and there's no difference.

yeah, yeah, i'm shaking my pom-pons for sygate, just like in the blog entry. oh well. there's been software out there that's caused me problems yet others have reported none, so i guess it's 'just one of those things'...

nudone

  • Cody's Creator
  • Columnist
  • Joined in 2005
  • ***
  • Posts: 4,119
    • View Profile
    • Donate to Member
Re: Firewalls - please, i can't be bothered.
« Reply #73 on: March 14, 2007, 02:54 AM »
anastrophe, i'll put sygate back on my machine later in the week and let you know how things go. if i get chance to do it sooner then i will try. the problem was always utorrent related - or maybe it was emule - one of those but it definitely had the same problem on other peoples machines.

EDIT:

BIG APPOLOGIES to everyone that mentioned sygate firewall - i've just realised it was the 'kerio' firewall that i'd tried and NOT sygate at all.

you can still get sygate firewall from http://www.oldversio...program.php?n=sygate it sounds like from what anastrophe has said that i shouldn't have any problem using it but i'll still not have chance to try until later in the week.
« Last Edit: March 14, 2007, 03:07 AM by nudone »

richiesan

  • Supporting Member
  • Joined in 2007
  • **
  • Posts: 2
    • View Profile
    • Donate to Member
Re: Firewalls - please, i can't be bothered.
« Reply #74 on: March 14, 2007, 04:10 AM »
If you have no luck finding free software that does what you want, you could try Symantec Client Firewall which is what I use. It does quite a few things, but amongst them is the capability to monitor applications as they try and make contact with an external address and give you the opportunity to approve or deny access, permanently or temporarily, for each application. It's very easy to use - and I'm not an expert.

Good luck with your search!

Richard