What's the best firewall?

Xarog

Xarog

Honorary Master
Joined
Feb 13, 2006
Messages
19,038
Reaction score
175
I'm looking for a firewall that you can actually run on the PC in question; I'm not so worried about attacks from the outside as I am from things like spyware sending stuff OUT. So basically I need something that can restrict access on an application by application basis.

At the moment I'm using Sygate Personal Firewall, but it's killed the startup times for my PC and also slowed the loading of things like FireFox dramatically.

Also, I really really really hate bloatware. Is there anything else out there that's effecient yet also effective?
 
Comodo / Jetico

Hi

In a recent firewall test (search: firewall leak test) two strong freeware products came out with higher scores than most commercial firewalls. The tests paid particular attention to outgoing security. I had issues with Comodo; so I'm using Jetico Personal Firewall 1 (version 2 is not freeware). Comodo also has a free anti-virus package, making a good case for it.

Jetico Personal FW 1 is pretty good for freeware - sometimes too good and a bit irritating but maybe I could set it up properly.

Make system restore points though because I have had some issues playing around with firewalls to the point that some windows files or configs were ruined. :sick:

Also make sure your PC is up to date with security patches, I use www.autopatcher.com as they have intuitive download options as well as an App that at least attempts to manage all the updates. It also includes a few nifty XP "powertoys" type tweaks & helper apps.

Let me know how it goes, and I hope someone can tell us more about some other good options w.r.t. application & hopefully eventually even b/w management.

- q
 
Zonealarm can also be tried out.


Or you can stick in 2Gb of RAM and install M$ ISA server and firewall... :p :D

But seriously, if you're serious about blocking outgoing packets then you'll need to look at an dedicated firewall like Smoothwall.
 
Last edited:
How does smoothwall work at blocking individual apps if it's on a seperate box? :confused:
 
I like Sygate, I have the personal(free) edition and I am very happy with it.

I dont think that Sygate is your problem because me and quite a few of my friends have been using it without any problems.

Before Sygate I used kapersky and that had quite an effect on performance
 
Last edited:
Xarog said:
How does smoothwall work at blocking individual apps if it's on a seperate box? :confused:
Click to expand...
It won't be able to block individual apps - if you want that sort of control then you will still need a personal firewall on your machine. The better way to approach this problem is to keep an eye on what is installed on your machine and do a spyware and virus scans regularly - that is a much cleaner approach.

The external firewalls (like IPcop or Smoothwall) simply block protocols - and generally their default config is orientated towards preventing any rogue traffic from entering your LAN and usually fairly open to traffic travelling outwards.

A big advantage of the external firewall is that they are
A) almost always linux/freeBSD based and therefore much more secure to start with.
B) as they are independant of you machine - even if your desktop is compromised it is much less easy for your entire network to be compromised.
 
I'm not worried about spyware so much as I am worried about my privacy in general. These days every second game/application you install tries to phone home during the installation.
 
ambo said:
It won't be able to block individual apps - if you want that sort of control then you will still need a personal firewall on your machine. The better way to approach this problem is to keep an eye on what is installed on your machine and do a spyware and virus scans regularly - that is a much cleaner approach.

The external firewalls (like IPcop or Smoothwall) simply block protocols - and generally their default config is orientated towards preventing any rogue traffic from entering your LAN and usually fairly open to traffic travelling outwards.

A big advantage of the external firewall is that they are
A) almost always linux/freeBSD based and therefore much more secure to start with.
B) as they are independant of you machine - even if your desktop is compromised it is much less easy for your entire network to be compromised.
Click to expand...

But it is also easier to see whether your Internet Exploder has been infested or hijacked - simply fire up a copy, browse for a while on "clean sites", and peruse the logs to see if any other sites has been visited or not.

You can then block such sites, either by URL or IP adress.

Also, some nasty r00tkits might have the ability to slip past Sygate/Zonealarm etc, so you will be able to pick up this unwanted traffic from your Smoothwall should this occur.

Got a spam trojan that's chomping up bandwidth and you can't find the pesky bugger? Simply block port 25 SMTP outgoing until you've dealt with this problem.

I personally use Zonealarm/Sygate on my PC to block on an app basis, while I use Smoothwall to monitor for, and block unwanted sites.
 
That is a very re-active way of advocating security. Even if, theoretically speaking, you have all your OS patches loaded and you have strict browser settings and take all the other good and ever changing advice you shouldn't need a firewall any more complicated than XP's built-in version.

Practically you need to assume that through any contact with the internet you do run the chance of bumping into some nasties. Having control over your internet to the point where you are warned before network connections are made sounds tedious and sometimes is but it is a very good measure seeing as the Windows OS doesn't supply information about applications' network usage. But lets not go there - the point is actively accepting/denying outbound network connections (which includes all ports) on a per application basis is safer than periodically analysing HTTP logs in the hope tha the malware uses the HTTP protocol on port 80.

If you suspect anything on your PC, run at least two or three different scans to determine how bad the problem is. Many times the best solution is to re-install. This is especially true if you use your PC for banking or storing information that you consider important or valuable. Spybot Search And destroy will pickup and clean a lot of them. Disconnecting from the network is also preferable rather than just trying to plug the leak with a finger.

Kerio Personal does have application level protection, the Winroute pro version however does not - but it is still very good as it allows you to control your network users' internet access. I install winroute on a PC used as a server/semi-dedicated server where no email or strange applications or even browsing is done from, this limits the chances of rogue applications getting on to the machine. Personally I wish they would include application control into all firewalls.

ZoneAlarm does have some level of application protection, but be warned, some firewalls clash with other software on your PC. ZA in some cases clashes with Java based network apps like Azureus - causing your CPU to be maxed out by the ZA/Azureus process.

So far I still recommend Jetico Personal above all the others for a "user" PC.
 
You must log in or register to reply here.
Back
Top
Sign up to the MyBroadband newsletter
X