Am looking for a free software firewall which can block specified ports (e.g. port 3137).
It's for a slow PC running XP and I do not want to slow it down more with HIPS, anti-phishing or other additional functions. Just want a plain but configurable firewall. Any recommendations?
I already tried these....
Agnitum Outpost Free has no fine tuning options.
I had bad experiences with Zone Alarm in the past long ago.
Comodo with HIPS disabled makes the PC run noticably slower.
You can give Sygate Firewall a try, I've been using it for quite some time now and have never had any problems. After reading a few forums, the version 5.5.2710 (my choice) got very good reviews. A few complained about having problems with 5.6.2808. But you can try out which version you like from here:
formatting link
It does have port blocking in the Advance Settings.
Stop lying. You have no idea which NAT router I use. Your stupidy on NAT routers was well exposed a few months ago.
FYI: "out of the box", most NAT Routers stop ALL incoming packets dead. That is what they're designed to do and that is why they're more secure than a PFW: bad packets never reach the LAN side computers. In use, NAT allows incoming packets for which there is a corresponding entry in the NAT table or where a port-forwarding rule exists and 1-2 other specific situations. But again, all other incoming packets are dropped.
Outgoing control is usually slightly more cumbersome as each blocking requirement needs to be supported by a rule entered into the router.
That is rubbish. There is little difference between a software firewall, and a Router in that respect. The issue with a 'software' firewall running on a computer is it's more vulnerable because of all the other shit running. A dedicated router won't get pulled down because an application crashes.
A hardware firewall is still software, however most cannot be altered easily, and a reboot will restore the image if it gets altered, in most, but /not/ all cases.
Actually, /NOT/, your shitty little router attempts to do that, however the limitations of stateful inspection, don't make that a certainty.
Outgoing control, don't make me laugh, what you are suggesting is ridiculous, and there are far more managable approaches. What you are suggesting just won't get done, and therefore is useless.
Look dumbo [hummingbird and several billion forgeries and nyms, all verifiable], I've slapped you so many times for this.
This is how you should set up a small network.
NAT router. Protects entire network, from non requested incoming pretty well.
Windows firewall on each machine. No outgoing control required. Protects individual machines from other machines on the same network which become compromised.
Anti malware suite on each machine. This is what protects you from malicious incoming, by stopping malware from requesting, because it stops malware from executing.
Exactly. That's what I said previously. Too bad you've still got a reading and comprehension problem, exacerbated by stupidity/arrogance.
Rubbish. Plenty of people like to control *outgoing* connections. PFWs are superficially better at controlling outgoing connections UNLESS some malware is designed to by-pass the PFW...and this is increasingly common. That's why a NAT router can be used to do it (by entering each banned IP/domain into the router manually using a simple interface). Then, when your system attempts to make contact with a banned IP, it gets blocked. That can be a tad cumbersome, but hey! you wouldn't install a program on your system which you didn't trust. Right? End of story.
Did you miss that last time you made a fool of yerself?
Rubbish. Anti malware s/w MIGHT protect you from "malicious incoming blah blah" but they have some serious issues on many systems. As the CEO of one AVG supplier said "they're nowhere near fulproof and can only look back". That should be obvious, even to a dork like you.
Gosh. Who-da-thunk-it.
Yes, you are simple, very simple.
I wouldn't let you anywhere near any system of ours, boyo.
Oh? So you don't consider interactive services running with SYSTEM privileges a design flaw, despite Microsoft's own design guidelines?
Really?
Sadly, reputation isn't necessarily based on technical fact. Paricularly when the target demographic of a product is end users instead of people with an IT background.
Yeah, that certainly are the two most important parameters I'd use for rating security software in general, and firewalls in particular. Not.
For which the followup-to was set to alt.comp.freeware only.
Cross posts are Teh Evil anyway, so decide if you want to discuss this either in comp.security.firewalls or alt.comp.freeware. For now I'm suggesting csf (f'up adjusted), as the subject is on-topic here.
You could always build a cheap *nix box to use a firewall/router. I've got an old ass P2 machine that acts as an IDS, Firewall, Router and also a simple NAS system. Took a few hours to get everything tuned in but after that it's easy sailing.
--- Posted via news://freenews.netfront.net/ - Complaints to snipped-for-privacy@netfront.net
Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here.
All logos and trade names are the property of their respective owners.