Firewall newbie! Which free one??

So if you're not using your computers in a productive way, why do you want a firewall?

It isn't. I've seen numerous system running too fine with ZoneAlarm installed, it should submit some more errors.

You should stop toying around if you're a student. There's no real purpose for testing a network error simulation tool that is satirically advertised as a security software.

You can't.

Why?

Why are you always condescending to people when the come here asking honest questions?

ZoneAlarm is at least as reliable as XP's built-in port blocker, and in the right hands, it's more reliable.

Sure it is, many people use it every day without any faults, without any compromise, without any problem, and the also learn about what is reaching their node/pc if they want too.

Strange, testing was not mentioned, in fact, you're being condescending to the OP again.

Yes, he can remove Zone Alarm, but there appears to be no reason to remove it.

Because it doesn't tell the OP anything about anything happening network wise , because applications can punch holes in it without the user knowing, because it doesn't report inbound/outbound traffic, because it's build by Microsoft (at least distributed by them), etc...

I use a router w/basic firewall and the XP firewall. This suite me fine as it is the least obtrusive setup. ZoneAlarm, Kerio etc. can notify you of something trying to connect out that you may not want connecting out but more serious malware can bypass the firewall so it is actually better to use a port monitor to see what traffic is connecting in/out. ZoneAlarm is the easiest to use but if you ant something more complete give NetVeda Safety.Net a shot, can be a bit daunting to setup though as it is much more than a firewall. Kerio is easy and ok too.

Maybe he's young and needs the fun.

ZA like all Personal-Firewalls is crap, has always been crap and will always be crap. You know, Sebastian knows and I know.

EOD

Wolfgang

LOL, you might as well ask a blind man from birth why he is blind. The response from the blind man will be *it's just the way it is and I am what I am.* Apparently, he don't know any better and he can't change, as he was brought up that way.

Duane :)

Yes, but it's still a LOT better than Windows XP Firewall.

What does "LOT" mean?

asks Wolfgang

LOT, means that it has more information for the user to determine access, more ability to block, and is less likely for a application to install a hole without the user knowing.

Then what kind of free firewall would you guys suggest using?

blocking incoming requests does the XP Firewall, blocking outgoing requests isn't possible at all.

For that, I inform me.

Wolfgang

Yes, it can't and doesn't do anything about outbound requests, it also doesn't provide a real-time means for users to monitor connections.

Code, by any vendor, AOL is a good example, can open a exception in the Windows XP Firewall without alerting the user.

Leythos schrieb:

How can crap be better than anything else?

no personal firewall can do anything about outbound requests. At least, Microsoft is astonishingly honest and tells you it cannot. Others claim they can, while they cannot either.

You do not really want to tell us that you trust any connection monitoring on an infected system, do you?

It can do so with any personal firewall.

Regards Thomas

If that's true then why is so much outbound crap caught by PFW's? I mean, if it is so easy to bypass then why aren't they all doing it? I've seen PFW's like Kerio etc. capture lots of shit the developer wished you didn't know about. I only use the XP firewall now as it is less obtrusive but I have used many other firewalls in the past so know they can stop outbound connections you might not want happening.

Like what? Can you provide an example? What developer are you talking about? It's only stopping a program from making an outbound connection that it can detect because it's running, which is not even a FW function the beloved App. Control. That doesn't mean that the PFW is stopping all outbound connections.

What about that period of time on the boot and login where malware can and does beat the PFW out on outbound before the PFW can be started? And I have tested most of the PFW(s) on the boot and login process and not a one of them could stop malware from connecting out, during this time period.

And if malware can get there and can be executed, it can circumvent or fool the PFW just like it can fool or circumvent the O/S.

If the O/S has not been hardened to attack, then nothing that's running with the O/S is secured. And most users flat-out cannot or don't even know how to secure the O/S. So what makes you think that some PFW is some stops all and ends all solution when it's not that, particularly when nothing has been done to the O/S?

A personal FW if you want to call it a FW is just a personal packet filter. It's not a FW. A FW separates two networks the one that it's protecting from usually the Internet and the one that it's protecting the LAN.

Duane :)

Because some crap stinks worse than others - windows XP firewall stinks more than anything I've seen in 5 years.

There are zillions of people that will tell you they can track outbound connections with their PFW solutions and they would be correct. We all know they are not perfect, but, they offer more information than Windows XP Firewall, and information is power.

No, absolutely not, but I trust monitoring on an uncompromised system.

Prove it - provide me a sample for testing against various PFW solutions. Have your proof enter a PORT 80 inbound exception in 4 different popular PFW's and it should also do the same in Windows XP Firewall (so 5 in total). Send the sample (and source code) to my email address (in sig) and I'll report back the findings.

Actually, I don't care about app control, I care about port control, and I want the PFW to tell me what is in/out in real time.

Lexmark printer drivers spying on customers printing habits.

Ubisoft HoM&M5 spying on customers to see how many times they play the game.

Game called Swat4 that injected dynamic advertising into the game via the internet.

Is that enough for you or do you want the whole f****ng list? And I never said a PFW can block everything, I made that quite clear in fact! Learn to read.

I consider it to be useless paranoia.

They installed it they have to suffer the consequences. And besides, the software developer is not hiding anything to begin with.

They installed it. So see above.

No you didn't. All you did is post some crap about a PFW and how great it is when it is not that great and can beaten. You didn't make a damn thing clear about anything.

And since you needed to get out of line here, you take your computer running the God Damn PFW and stick it right up your f****ng ass.

I read alright only to find out that you're a dumbass home user running off about the your stupid mouth and some persoanl packet filter.

Duane

But many home users do consider AC as part of some FW function when it's not. I consider what you're talking about to be part of a packet filtering solution.

Duane :)