Yeah, yeah. I've already seen some of the opinions in the group re software firewalls.... :) I've lurked here for quite a while.
Anyway, I'm looking for comments on current software firewalls, preferably in the free category. This is for use on WinXPproSP3 and possibly Win2KproSP4 as well.
Of interest is controlling outbound communications, something windows firewall does not do. What I have now has helped me keep programs from dialing home and other such silliness.
This has worked...so far...but suddenly I'm having probs with a game communicating between these two machines and I've traced it to the software firewall on the XP machine. It blocks port
49000 always, even with a rule to always allow. Only disabling the firewall allows it to work. Not a preferred solution. (interestingly, both computers have the same firewall, but only the xp machine is giving me problems)
My current program may just be borked and a reinstall may fix this, as I've googled myself silly trying to figure this out.
But I thought I'd consider newer software as what I have now is probably antiquated by internet standards - KPF4.
And with that statement you think that anyone here believes you will now consider their opinion as valuable?
Comments can consume a lot of space as each feature gets hashed over regarding applicability, reliability, usability, and completeness. If you instead are looking for recommendations, here's the top two free firewalls:
- TallEmu Online Armor - Comodo Firewall (in their Internet Suite) o In CIS, disable their weak anti-virus component (CAV) and use it only for on-demand scanning as a 2nd check. Use a different AV product for on-access (realtime) protection.
Windows 7 has outbound filtering but not of value to XP users. 3rd party firewalls are needed in XP for outbound filtering.
But you don't mention what you have now so recommendations might duplicate what you are already using now.
(UPDATE: I saw later that you mentioned what you use at the very end of your post instead of at the very start.)
Alas, some firewalls seem to forget their rules. I ran into this with Symantec's and Sygate's firewalls a long time ago. You had to delete the rule, reboot, and then recreate the rule and suddenly the firewall would honor that rule.
If you're using the firewall in Symantec or McAfee products, also make sure you use their cleanup utilities to thoroughly wipe them after an uninstall before you reinstall them (or install something else).
Oh, that must be Kerio Personal Firewall v4. Yep, that's old. I'd go with the above recommendations. Online Armor is probably easier to use, especially when it comes to defining rules. Plus it has its Run Safer feature which can make a process (started by you or as a child process started by another process) forced to run under a LUA (limited user account) token which means it runs under reduced privileges, something handy for improved security with Internet-facing applications (e.g., web browser, e-mail client, newsreader).
However, I haven't found a firewall yet that may not sometimes interfere with the use of your "good" apps. I use a video stream capture utility that dynamically loads its driver when run and firewalls don't like that despite defining a rule to grant all privileges in the HIPS portion of the firewall (i.e., an app rule versus a network rule). Disabling the firewall doesn't always work so I have to configure the firewall to NOT enable on Windows startup and have to reboot.
VanguardLH wrote in news:i4rna3$trh$ snipped-for-privacy@news.albasani.net:
I was simply trying to avoid rehashing old matter, and just cut to the chase. I do value peoples opinions here, otherwise I would not have asked. This appears to be one of the few remaining newgroups where most people seem to actually know WTF they're talking about.
I originally wasn't planning on mentioning it at all. Adding it in was an afterthought. Yes, I realized the recommendations might duplicate what I have, and if that was the case, then I would have considered fixing what I have instead of getting something new. New isn't always better.
The funny thing with my port rule is I added it AFTER I started having problems. I probably should also mention that the problem didn't start UNTIL I installed KPF4. I've used it for years on my Win2k machine just fine, and when I decided to ditch XP's firewall I figured I'd use what I know. After all, it's worked fine all this time, right? HA!!! Silly me....
But thank you very much for your thoughts. They're exactly the kind of comments I was hoping for.
Not to mention, there's far from a consensus on the subject of whether third party firewalls have value, or if there's really mostly a vocal minority that has strong opinions against them, and a majority that do find value in their outbound filtering capabilities and more easily configured inbound flow management that simply doesn't want to take the time arguing. :-)
Regis wrote in news: snipped-for-privacy@e6g2000prf.googlegroups.com:
From the opinions I recall off hand, it seems those most vocal against such firewalls are arguing against its use as an exclusive security measure. I have to agree. There is no one-size-fits-all solution when it comes to internet security. A software firewall can, if implemented properly, be one element of a total package.
Further, security is not an install-and-forget solution. As for the general internet user, my experience has been that most computer problems are CAUSED by the user doing something, rather than some attack sneaking into their computer.
I don't claim expertise. I have no formal training in this. I just use my noodle and years of experience (and a dose here and there of reading what others say). I'm apparently doing something mostly right based on my personal results.
Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here.
All logos and trade names are the property of their respective owners.