Freeware firewalls

[xmp]

I've been writing an Oracle client app and Kerio catches any change in
the .exe. I can remove a space character, recompile, run the program
and Kerio alerts me before allowing any connection. This is pretty
valuable in itself. The program .exe cannot be spoofed to another app
or changed without notification.

yes, a good set of comments from you. i agree with most of what you
said. firewalls do a lot of scrubbing and aren't dumb packet filters
anymore.

it checks the exe's most likely with a cryptographic or traditional
checksum. in this way it's harder for trojans to disguise themselves
and connect to the outside. better personal firewalls prevent more
advanced techniques like DLL injection.

michael

 

[Full Name]

G'day mate!

http://www.diamondcs.com.au/ (Process Guard) together with XP
firewall!

 

[g]

I have recently come back to ZoneAlarm after a short stint with both Sygate
and Kerio. ZoneAlarm does the trick for me and I find it much easier to
use and understand than the other two.

I have to agre here.. use what you understand. For me that's sytgate,
but I suspect it is different for everyone.

On other topics... Is it true that the windows xp firewall only stops
unsolicited incomming traffic. That function is adequately covered by
a NAT router. I thought the whole point of a firewall was to contorl
outgoig traffic, so that one could catch the odd trojan that slipped
onto the computer

 

[jo]

On other topics... Is it true that the windows xp firewall only stops
unsolicited incomming traffic.

Yes.

 

[Mel]

I have recently come back to ZoneAlarm after a short stint with both Sygate
and Kerio. ZoneAlarm does the trick for me and I find it much easier to
use and understand than the other two.

I've also tried these three firewalls again recently (after my ZA Pro licence expired)

I find ZoneAlarm free hassle free and perfectly adequate for normal use.

I preferred Sygate because it provided better logging and information and
advanced rules. But on my rather slow windows 98 based system it used
significantly more processor time that the others and more annoyingly stopped
the system going into standby - this may not apply to XP systems.
(Hitting the sleep key locked up the PC on one or two occasions)

I found Kerio 4.12 the least straight forward to set up, but it does have some nice
features such as modem hijacking protection - an alert to inform you if your
dial-up number has been changed, although this only pops up after establishing
a successful DUN connection.

I had to turn off DNS resolution and a couple of other options to stop it
opening a dial-up requester during start-up which was rather annoying.

It also seems to be incompatible with WinPCap on windows 98 systems
(this definitely doesn't effect XP) so I couldn't capture with Ethereal, this
was why I went back to ZA.

 

[Al Smith]

I have recently come back to ZoneAlarm after a short stint with both Sygate

and Kerio. ZoneAlarm does the trick for me and I find it much easier to
use and understand than the other two.

Me too. I've tired Kerio, Sygate and a couple of others, but
ZoneAlarm is best from the viewpoint of simplicity coupled with
security.

 

[Cool Guy]

[...] that should be ok for dialup.

Why would it matter whether or not dial-up is in use here?

 

[elaich]

Me too. I've tired Kerio, Sygate and a couple of others, but
ZoneAlarm is best from the viewpoint of simplicity coupled with
security.

Zone Alarm does not give you port control. To me, that's not very secure at
all.

 

[Rod]

XP sp2 has its own firewall that should be ok for dialup.

Oh dear, look over here:

http://support.microsoft.com/kb/886185

"After you set up Microsoft Windows Firewall in Microsoft Windows XP
Service Pack 2 (SP2), you may discover that your computer can be accessed
by anyone on the Internet when you use a dial-up connection to connect to
the Internet."

 

[scootgirl.com]

G'day mate!

http://www.diamondcs.com.au/ (Process Guard) together with XP
firewall!

Not freeware.

Karen
http://scootgirl.com/

 

[scootgirl.com]

nb00s0.nbnet.nb.ca:


Zone Alarm does not give you port control. To me, that's not very secure
at
all.

Does Sygate allow this? I'm considering trying it as I could use that level
of control.

Karen
http://scootgirl.com/

 

[schrodinger's cat]

Does Sygate allow this? I'm considering trying it as I could use that level
of control.

Karen
http://scootgirl.com/

Sygate's Advanced Rules (under the Tools menu) allows you to block
specific protocols (UDP,TCP, etc.), on any port or combination of
ports, for incoming traffic, outgoing traffic, or both, for selected
hosts, on chosen network interfaces, either always or as scheduled,
when the screensaver is on or off, and for specific or all
applications. Does that qualify as sufficient control?

 

[Aaron]

Sygate's Advanced Rules (under the Tools menu) allows you to block
specific protocols (UDP,TCP, etc.), on any port or combination of
ports, for incoming traffic, outgoing traffic, or both, for selected
hosts, on chosen network interfaces, either always or as scheduled,
when the screensaver is on or off, and for specific or all
applications. Does that qualify as sufficient control?

Sure, too bad sygate has a serious problem with handling loopbacks, which
makes it unadvisable to use with proxomitron, webwasher etc etc

 

[schrodinger's cat]

Sure, too bad sygate has a serious problem with handling loopbacks, which
makes it unadvisable to use with proxomitron, webwasher etc etc

Fortunately, I haven't needed Proxo since I switched to Firefox.

 

[me]

Fortunately, I haven't needed Proxo since I switched to
Firefox.

You don't mind 1 x 1 iFrames, nosey JavaScript, webbugs, ...?

J

 

[schrodinger's cat]

You don't mind 1 x 1 iFrames, nosey JavaScript, webbugs, ...?

J

It sometimes used to seem that I spent more of my time tweaking Proxo
than actually browsing. With Firefox, Adblock, and other extensions, I
can eliminate 95% of the clutter and live with the rest, and web pages
load much faster than when I was waiting for Proxo to rewrite them.

 

[me]

It sometimes used to seem that I spent more of my time
tweaking Proxo than actually browsing. With Firefox,
Adblock, and other extensions, I can eliminate 95% of the
clutter and live with the rest, and web pages load much
faster than when I was waiting for Proxo to rewrite them.

Hey, lucky you! Me on dialup and a slooow box - every little bit
helps.

BTW, can you (or anyone else) recommend a NG and/or page for
"yap&swap" Proxomitron's filters? (other than
groups.yahoo.com/group/prox-list/)

TIA
J

 

[Aaron]

(e-mail address removed) wrote in

 

[me]

(e-mail address removed) wrote in
net:

Fantastic. Thank you very much.

J

 

[KHaled]

@newsread1.mlpsca01.us.to.verio.net:

Does Sygate allow this? I'm considering trying it as I
could use that level of control.

Karen
http://scootgirl.com/

You may also want to try OutPost. I used Sygate for a while,
but eventually moved on. Do read the docs first though, and
keep in mind that there are features that may be provided by
other programs, such as ad. filtering, dns, etc. These
however can be turned off.

--
KHaled

e-mail: khaledihREMOVEUPPERCASELETTERS at fusemail dot net
(correcting antispam crap..)
please start your subject line with the string "==NG=="