alternate to firewall?

ATM I am using Tiny Firewall but i no longer have a need for it apart from popping up when a new process starts up and asking whether it should be trusted (this time only / always) or not, etc.

are there any programs available that do just this? any recommendations?

ashecorven

what else is it doing that you don't want it to do?

if it did 'just that' then it wouldn't be a firewall. firewalls block incoming too. but that's mostly invisible. So you gotta say what it is doing that is a nuisance to you. Maybe the graphical user interface is cluttered. Sygate has a nice interface, you might want to try that.

Yes, free Sygate v5.6 can be set up to meet only the requirements. Only setup the application/services rules. Disregard the advanced rules and the security features at tools/options/security (turn features off). Free Sygate doesn't have intruder detection enabled.

If your Router is filtering, then you're right.

This is only making a show by the "Personal Firewalls". Better forget that.

Yours, VB.

that's 90% right 'Home Routers' block incoming, (the main security advantage)

Thoguh if you wanted to run a server, then you migt want to tell your software firewall to restrict access so that it's not open to any IP.

And also, the PFW offers a second layer of security.

What you need or don't need is relative to you. But if you were runnign servers and you don't want anybody to connect to them, then you would need a firewall.

And you will probably want to run servers. Running an FTP or similar server is almost the only easy way to transfer files. And you wouldn't want anybody conecting, so a firewall blocking or restricting incoming is important.

that is blocking outgoing and prompting with a popup there are no programs to block just outgoing. So your software firewall would be blocking incoming superfluously/redundantly . The incoming packets wouldn't actually reach your PFW, they would stop at the router. your PFW won't use up much resources from blocking incoming (especially since there's nothing to block if your router is stopping it and you don't want it to reach one of your servers)

I just ask a few people, they usually rate Sygate very highly. I've heard Kerio rated highly. I prefer sygate, nice gui.

but, I don't think sygate prompts when a file has changed like your current PFW does! sygate does has a nice port logger updated in real time. maybe some other PFWs don't have that. The windows firewall doesn't.

There is debate as to whether it's worth blocking outgoing at all. See recent threads where VB demonstrates how a malicious program can easily get aroudn this.

You shouldn't worry about a firewall using resources blocking incoming. It really doesn't use much resources. I know sygate has an option to "allow all" but that'd allow all incoming and outgoing. Leaving you with the port logger as the only feature left!

Thankyou VB, james and casey for your responses.

I should have explained some more. I have being using tiny firewall for quite a while but now i have bought a router and i do believe (please correct me if i'm wrong) i don't need the "main" use of the firewall anymore. But tiny like other firewall products i have used in the past (ZA, Sygate) it pops up when a new program starts and asks whether it is trustworthy etc. or if the file has changed since the last time is was run etc. I find this quite useful and was wondering whether there were any programs that did JUST that.

However i would like to know which firewall software is currently regarded as the best. I would rather a firewall that uses minimum system resources. Any trustworthy third-party websites with features, effectiveness, etc?

All comments welcome. AHA

ashecorven

"ashecorven" wrote in news:dh8tic$1lth$ snipped-for-privacy@otis.netspace.net.au:

Well, some say yes and some say no. If you're practicing safe hex, have a router that does logging so you can watch inbound and outbound traffic to and from the router and basically know what you're doing like looking for dubious remote connections and using proper tools to help in the detection process, then no you don't need a PFW/packet filter solution to supplement the router.

But most home users don't know how, and therefore, some use a PFW/packet filter solution to supplement the router as most routers for home usage cannot stop outbound if needed. And I am not talking about the worthless Application Control in PFW solutions but rather the ability to stop outbound by at least setting filtering rules to stop outbound by port or IP.

It's worthless as malware can circumvent and defeat it. It can be defeated at the computer boot process as malware can get to the TCP/IP connection first and be done before the PFW solution can even start and get there to do anything. Anything running at the machine level with the computer's O/S suspect to being attacked and defeated.

None of them as they all do the same thing some with more bells and whistles than others.

I would rather a firewall that uses minimum

Snake oil

Duane :)

BTW: that's not true. It's enough, if those servers are configured not to accept connections apart from out of the LAN.

It's not only old-fashioned, it's also ugly and difficult to secure. There is WebDAV, there is even CIFS. Also SFTP is very easy. So why recommending FTP?

And if the server is only for LAN, then CIFS is a very good way to have files.

Sygate "Personal Firewall" installs SYSTEM-Services, which open windows. This is a gross error, because this breaches security. Sygate show here, that they never read Microsoft's design guidlines for system services:

Yes. But this has nothing to do with securing your system.

Yours, VB.

Understood.

Guess should have a look at Zone Alarm