simple firewall for windows that doesn't do invisible stuff

Hi. I am currently using outpost and it pisses me off, it's screwing up my VPN connection for no apparent reason (no blocking logs are present but nothing works over VPN unless I disable Outpost), some invisible rules that cannot be turned off pop up, the experience is very annoying.

Is there any simple firewall for windows? I don't need ad blocking, attachment checking, DNS cache and all that, I just need a simple network forewall that does what I tell it to do and doesn't do what I DON'T tell it to do and is not pain in the ass to use.

Is there such a firewall?

Reply to
Sergei Shelukhin
Loading thread data ...

Yes.

Yes. What windows version?

No.

which is?

Reply to
Straight Talk

Dobry den, Sergei Shelukhin, ty skazal:

Is wipfw that what you want? It comes from BSD.

Nadeyus on pomogaet. Wolfgang

Reply to
Wolfgang Ewert

Try Sygate 5.5 b 2710 for Win98 or Sygate 5.6 b 2808 for Win98 and XP

formatting link

Reply to
Casey

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Ahem... maybe you should take a look at the requirements again. Sygate shit surely is PITA, since it allows any random attacker to crash the system run arbitrary code, escalate privileges etc.

Anyway, I can't see how you could build a firewall with the Sygate HBPF. I'd say it's impossible.

Reply to
Sebastian G.

My main purpose in running a firewall is to keep malware out of my machine. Sygate's ability to do that is dependent on the users ability to write Advanced Rules to keep the crap out. If the crap can't get in, it can't do harm. My Sygate serves me very well--has for 6-yrs. C

Reply to
Casey

Why don't you consider a decent AV application?

Reply to
Kayman

No rule could help if it's trivial to circumvent. Trivial as in "exploit_of_your_choice | fragrouter -relay $TARGET_IP" to create overlapping IP fragments, which bypass all of Sygate's rules due to a bad implementation of IP fragment reassembly.

Sygate is the REASON why crap can get onto the machine in first place. Heck, just visiting a website is enough to exploit one the many buffer overflows in the HTTP filtering module.

Yeah, and we'd surely believe an incompetent fool who isn't even aware of the well-known vulnerabilities in his crapware (and therefore never bothered to actually audit it).

Reply to
Sebastian G.

And how is that supposed to work? Dude, you're even abusing MSOE as a news reader.

Now consider receiving a mail, encrypted via S/MIME and the key retrieved via OCSP (just in case you're actually scanning POP3/IMAP connections, as stupid as this might be). MSOE decodes it in memory, then the exploit is triggered, and the malware executes in memory. It load arbitrary libraries, calls all the way to shutdown your AV application, which doesn't even get the chance to intercept this trivial process.

Reply to
Sebastian G.

q.v. force.coresecurity.com

Reply to
Gary

When did a personal FW become a malware solution? The PFW/packet filter's job is to stop traffic/packets. Its job is not to be stopping malware.

Reply to
Mr. Arnold

If you don't have SG killfiled, I suggest you just ignore SG. He is about to have another one of his ridding up on his cockroach and laying down his 10 Commandments from his cockroach episodes if you let him get started.

Reply to
Mr. Arnold

Yes, the Windows-Firewall. It comes with your copy of Windows.

Yours, VB.

Reply to
Volker Birk

Because :)

Darn, should I apologies to MSOE? I really don't have any regrets, though :)

This really makes sense... unfortunately the uninitiated may not quite follow you; But this is really an old chapeau :) Now, keep 'em educational posts coming, won't you!

Reply to
Kayman

"Sebastian G." schrieb

Does this also work when using a software such a "mail security" or "Postpruefer"

formatting link
or
formatting link
which allow to check and delete mails and attachments on the server without using the mail client?

Corinne

Reply to
Corinne F.

  1. Wipfw comes from BSD/FreeBSD's 'ipfw' (an ipfw2 port can be found in the SVN), whereas CoreForce comes from the way more complicated OpenBSD's 'pf'.
  2. CoreForce is f***ed up by bundling it with "application control" and other stuff that messes up the system, thus at the current stage is definitely no option.
Reply to
Sebastian G.

Yes, ipfirewall was developed for FreeBSD[1].

By complicated do you mean "feature rich"? Because their syntax is unsurprisingly similar. But it hardly matters with CoreForce since there's a GUI included[2]. Wipfw, on the other hand, is not bundled with a GUI. I suppose one could use Firewall Builder[3] with it, though.

It possible to use just the firewall portion. There are several host based IPSs for Win32[4] but I've not had the time or need to investigate them all.

-Gary

  1. formatting link
    formatting link
    formatting link
    formatting link
Reply to
Gary

Sorry, you misunderstood my post. Once again (simpler): The main purpose of a firewall is to control connections from internet into your machine. To control virus, trojans, etc., use AVG, Adaware, Spybot S&D, Spyware Blaster, etc. C

Reply to
Casey

Not in this port. Anyway, it's also the architecture that is pretty complicated.

There's also a GUI for Wipfw (just look at the SourceForge Project website). Anyway, you normally want a scriptable command line.

AFAICS you always install all parts and then you can only disable some particular modules. "Disable" as in still existing hooks, but allowing everything through.

Reply to
Sebastian G.

ACK.

To control virus, trojans etc. I use access control (surfing as a restricted user) and try to use actually patched software not vulnerable for spyware and other types of malware a.s.o.

Wolfgang

Reply to
Wolfgang Ewert

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.