Best free firewall

Why? The Windows-Firewall works well, in contrast to what crap usually is called "Personal Firewall".

Yours, VB.

Ok But everywhere else you look it says that the built in friewall is not good enough. Is it true that =EDt is only blocking incoming traffic and not the outgoing. ?

That's correct. That's the limitation of XP's Windows Firewall. It does not have a notion of egress filtering on a per application basis, which really is the primary benefit of a "personal firewall" versus an appliance as it pertains to securing machines from network-based threats from the Internet.

Well, that's the nature of so called common knowledge.

Yes. Which makes good sense.

That's not a limitation. It's a sensible design choice.

Only a clueless moron would call that non-working and highly problematic functionality a benefit.

I'd say it's an insensible design choice. How would you apply egress filtering when using the Internet Connection Sharing or at least the IP routing functionality?

Apparently not, as I'm in neither the categories you cite.

Were you not breastfed as a child or something? Did your mother say she only liked you as a friend?

None of the personal firewall programs are perfect by ANY stretch, and they are circumvented by a lot of malware, but to say they lack any benefit at all is just as clueless as your stance on antivirus software.

Yer off in the weeds, but at least consistently so.

Aside from my stance on "anti-virus" software being anything but clueless, I never claimed that "personal firewalls" wouldn't provide any benefit - only that application control provides no benefit. Not even mentioning that all "personal firewalls" are horribly broken implementations and don't even get the most trivial things right.

You didn't answer the breastfeeding question.

snipped-for-privacy@toddh.net (Todd H.) wrote in news: snipped-for-privacy@ripco.com:

Why would you want to block outgoing traffic?

Several reasons. To catch any "phone home" operations that a program has that they didn't make clear. To get notified if a program tries to open up a listening port on your computer that could be vulnerable to attck. To catch any non-disclosed internet connectivity in a program that doesn't have any need to talk to the internet... things like that.

As these programs are relatively easily subverted by malware, its' certainly not 100% effective, as Sebastian's point was, but it beats just letting any program talk out to the itnernet without ever telling you.

It seems that everyone forgot to answer your question in the heat of battle . Have a look at ZoneAlarm and PC Tools Firewall Plus. Both are freeware and will make the status of your connections a lot more obvious.

Both are notoriously broken, have known unpatched vulnerabilities and are introducing a lot of additional attack vectors. Unless he really wants to break his system, such recommendations are about the worst he could get.

Doesn't work, by design.

Windows Firewall supports this very well.

And why exactly should such a malicious program let itself get detected?

If you consider a program as malicious, then you should also expect it to bypass your trivial measures.

I guess I'm imagining things that pop up on Symantec's Corporate security suite on my work laptop (actually amazingly non-annoying in stark contrast to the consumer Norton crap) that sometimes surprise me on commercial software from time to time?

And why do you keep avoiding the breastfeeding question? Did they have to tie a porkchop around your neck to get the dog to like you?

Oh ya, it's a "feature" by it's absence.

No, you're not imagining. However, you fail to address the cases where a communication takes places *without* a popup occuring. For a malicious program, this is trivial to achieve.

Well, if it surprises you then you really have a problem. Didn't you read the documentation or didn't you get the configuration right?

Because I won't feed you, troll!

is your name Rod Speed???