Jump to content

What's the best firewall?

ODC

By ODC
in Networks and the Internet

 Share

What's the best firewall?  

432 members have voted

  1. 1. What's the best firewall?

    • ZoneAlarm
      54
    • Outpost
      35
    • Sygate
      53
    • Symantec
      17
    • Kerio
      26
    • Windows Firewall
      27

Recommended Posts

dale5605

dale5605

Posted
Posted
I have tried other firewalls like norton, and avg. But they are incredibly annoying and pesky, I get popups all the time, almost always false alerts too. With windows firewall I sometimes have to unblock a new program once, and that's it. It doesn't bug me all the time so I can get along with it.  :D

The big problem with the Windows firewall is that it is easily circumvented by malware and it doesn't scan outgoing traffic at all.

As for third-pary firewalls, I don't get any "pesky" pop-ups from Sygate, and I only need to allow the program access to the network once and it leaves me alone. I've never had a "false" alert with Sygate, perhaps one that Sygate thinks is a threat, but actually isn't. So I just adjust a setting and all is well. It's better to have a little bit of a tighter system that you then have to open up for your programs than a wide-open system (which is essentially what you've got now). I know other programs act in the same way (BitDefender, Kerio, etc).

My system isn't open at all. Windows firewall might not be completely conprehensive but it does enough. I still have a hardware router firewall and antivirus/antispyware programs.

Link to comment
Share on other sites

Zxian

Zxian

Posted
Posted
My system isn't open at all. Windows firewall might not be completely conprehensive but it does enough. I still have a hardware router firewall and antivirus/antispyware programs.

Many people misinterpret the term "open". Your computer/network may be secure enough to stop something unwanted from entering the network, but the Windows Firewall and hardware firewall won't do anything to stop a Trojan or other malware from sending information out from your computer. A proper software firewall is the only thing that will prevent this.

Link to comment
Share on other sites
Shotgun

Shotgun

Posted
Posted
I have tried other firewalls like norton, and avg. But they are incredibly annoying and pesky, I get popups all the time, almost always false alerts too. With windows firewall I sometimes have to unblock a new program once, and that's it. It doesn't bug me all the time so I can get along with it.  :D

It also lets anything Microsoft wants to communicate from your computer to the outside world go by without even reporting it back to the user. I do not consider it a firewall but more like a "third party blocker". It lacks most of the things a true firewall must have. :}

Link to comment
Share on other sites
maxamoto

maxamoto

Posted
Posted (edited)
Windows Firewall.  :)

Lemme guess, because it's included in the OS which means you don't have to waste your time downloading and setting up something else, that just so happens to be better? :hello:

While you're trolling around, maybe you'd care to tell us what's better about the 'something else' you're referring to?

Windows firewall is just like every other software-based firewall on the market today. It has it's ups and downs. Listening to people rant about how skilled they are because they use kerio or ZoneAlarm makes me sick. If you want to impress your friends, get an old PII 300 or equivalent with 256MB of PC133 and a 1Gb hard drive, head over to Google and learn how to set up a dedicated multi-homed OpenBSD firewall. Chicks dig them, your little script kiddie friends will ooh and ahh and you'll gain instant popularity and acclaim (not really, but **** they're cool). And then you really can say you have the BEST firewall. Is it software or hardware? You decide =]

For the record, OpenBSD has only had a single remotely exploitable flaw in the default install in over 8 years. One. No Linux solution can claim that bragging right, and it puts to shame all contenders.

Edited by maxamoto
Link to comment
Share on other sites
maxamoto

maxamoto

Posted
Posted (edited)
I have tried other firewalls like norton, and avg. But they are incredibly annoying and pesky, I get popups all the time, almost always false alerts too. With windows firewall I sometimes have to unblock a new program once, and that's it. It doesn't bug me all the time so I can get along with it.  :D

It also lets anything Microsoft wants to communicate from your computer to the outside world go by without even reporting it back to the user. I do not consider it a firewall but more like a "third party blocker". It lacks most of the things a true firewall must have. :}

*sigh*... I remember the days when we could slip right past every single software-based firewall on the market just by renaming a virus to explorer.exe. I'm pretty certain most of them will still fall for that one. Good thing XP has System File Checker. Unless you turned it off. You didn't turn it off just so you could load pretty eye candy, did you?

If you know how to sniff packets on your subnet, you'll quickly discover that a correctly configured XP firewall does indeed keep everything to itself. Your paranoia has no scientific basis and your statement is inaccurate.

Edited by maxamoto
Link to comment
Share on other sites
Mekrel

Mekrel

Posted
Posted

Maxamoto, fantastic posts mate. Couldnt have put it better myself.

Outbound protection is worthless, if something is already on your PC that wanted to comunicate with exterior networks then they would. With or without the likes of kerio.

There was a fantastic post on one of the forums I post on by an advanced Windows user who explained why this is with evidence too. Unfortunaly that forum has had many a clean ups and that post no longer exists.

Link to comment
Share on other sites
atomizer

atomizer

Posted
Posted
...Outbound protection is worthless, if something is already on your PC that wanted to communicate with exterior networks then they would. With or without the likes of kerio.

hmmm... i'm one of those who has been saying that windows firewall is a joke. and i will argue that outbound protection is absolutely not useless -- it depends on what you're wanting to know. however, i'm starting to reconsider my opinion on the windows firewall after reading some of these posts. what i'd like to know is if anyone has done any research on windows firewall verses other products as far as introduced latency and system resources usage?

i've been using Kerio, or a flavor thereof, for a long time and i really like the control and configurability that goes along with it; block all traffic during boot, knowing what's going out, NIPS, HIPS, advanced rules, blocking all traffic with 2 clicks, viewing traffic in real time, decent logging, etc., etc.. the windows firewall, in comparison, seems very sub-par in features and configurability.

still, i'd be interested in the opinions of others, especially with respect to my question above.

Link to comment
Share on other sites
Clint

Clint

Posted
Posted (edited)

My opinion:

If you are the only user of your puter and do not have any weird/shady surfinghabits you will be just fine with a good software based FW that has the basic functionality like not responding to those glue-sniffing lower teens network-poking.

I use both, the software-based FW I use mainly for controlling applications/wincomponents outbound requests and browser popups....and for that Outpost is just the best in my opinion.

Edited by Clint
Link to comment
Share on other sites
maxamoto

maxamoto

Posted
Posted
...Outbound protection is worthless, if something is already on your PC that wanted to communicate with exterior networks then they would. With or without the likes of kerio.

hmmm... i'm one of those who has been saying that windows firewall is a joke. and i will argue that outbound protection is absolutely not useless -- it depends on what you're wanting to know. however, i'm starting to reconsider my opinion on the windows firewall after reading some of these posts. what i'd like to know is if anyone has done any research on windows firewall verses other products as far as introduced latency and system resources usage?

i've been using Kerio, or a flavor thereof, for a long time and i really like the control and configurability that goes along with it; block all traffic during boot, knowing what's going out, NIPS, HIPS, advanced rules, blocking all traffic with 2 clicks, viewing traffic in real time, decent logging, etc., etc.. the windows firewall, in comparison, seems very sub-par in features and configurability.

still, i'd be interested in the opinions of others, especially with respect to my question above.

It does pretty much the same thing all others do, and it's integrated. System resource usage is negligible (no worse than installing a 3rd party solution) and the security is the same. All software-based firewalls do a decent job of dropping remotely-initiated connections, and if you know what you are doing, you can block outbound connections as well by setting up TCP/IP filtering on the adapter. Of course, if you're like any other home user, you'll instantly switch back to having all traffic be allowed out once you realize how hard it is to track down all the different ports you need to open just to do your day to day surfing. So, do you really trust that software-based firewall to anticipate your needs, or are you going to take the time to learn how to secure your box? With inexperienced users, no product will protect you 100%. Read my post above about firewalls letting viruses communicate with their masters just because it was named explorer.exe. File streaming is another way to slip past most software-based solutions. You can have your opinions, but unless you really, really know how to lock yourself down, Windows Firewall is just perfect for you. Anything else is chosen based on personal taste (you like the interface, less popups than the competitors, etc) and not on merit. See my post above on setting up an OpenBSD firewall if you are truly concerned with what goes out your network card. And I'm out.

Link to comment
Share on other sites
Zxian

Zxian

Posted
Posted
*sigh*... I remember the days when we could slip right past every single software-based firewall on the market just by renaming a virus to explorer.exe. I'm pretty certain most of them will still fall for that one. Good thing XP has System File Checker. Unless you turned it off. You didn't turn it off just so you could load pretty eye candy, did you?

If you know how to sniff packets on your subnet, you'll quickly discover that a correctly configured XP firewall does indeed keep everything to itself. Your paranoia has no scientific basis and your statement is inaccurate.

I'm not sure about other firewalls, but I know for a fact that Sygate wouldn't fall for the "explorer.exe" trick. I just made a "program" using Quick Batch File Compiler that would simply ping Google and write the entries to a text file. I named the executable explorer.exe and ran it. Sygate immediately popped up and asked me what I wanted to do.

Maxamoto, fantastic posts mate. Couldnt have put it better myself.

Outbound protection is worthless, if something is already on your PC that wanted to comunicate with exterior networks then they would. With or without the likes of kerio.

There was a fantastic post on one of the forums I post on by an advanced Windows user who explained why this is with evidence too. Unfortunaly that forum has had many a clean ups and that post no longer exists.

It does pretty much the same thing all others do, and it's integrated. System resource usage is negligible (no worse than installing a 3rd party solution) and the security is the same. All software-based firewalls do a decent job of dropping remotely-initiated connections, and if you know what you are doing, you can block outbound connections as well by setting up TCP/IP filtering on the adapter. Of course, if you're like any other home user, you'll instantly switch back to having all traffic be allowed out once you realize how hard it is to track down all the different ports you need to open just to do your day to day surfing. So, do you really trust that software-based firewall to anticipate your needs, or are you going to take the time to learn how to secure your box? With inexperienced users, no product will protect you 100%. Read my post above about firewalls letting viruses communicate with their masters just because it was named explorer.exe. File streaming is another way to slip past most software-based solutions. You can have your opinions, but unless you really, really know how to lock yourself down, Windows Firewall is just perfect for you. Anything else is chosen based on personal taste (you like the interface, less popups than the competitors, etc) and not on merit. See my post above on setting up an OpenBSD firewall if you are truly concerned with what goes out your network card. And I'm out.

I'll have to disagree with both of you on this one. I have a friend who's computer I set up a while back with Sygate as a firewall (she had bought NAV and wanted to keep using it). She was using P2P programs in an uneducated way and came to me one day saying that Sygate was starting to ask her about all these new programs that wanted to connect to the internet. Turned out (after a visit to HouseCall) that a number of viruses/trojans had slipped past NAV and were trying to "call home". All I did to set up Sygate was ask her what programs she used on the net, ran them, and let Sygate ask me what to do (in this case, allow those programs access).

I'd really like to see someone with the Windows Firewall produce the same type of results. I'm not saying that Sygate is 100% (nothing is), but it's definately better than the default. I may not have "scientific" proof per se, but I have plenty of experience to backup my opinion.

(I use Sygate in all of my examples because it is the program I am the most familiar with. IMO, it is the best freeware software firewall available - note, IMO. Others may think otherwise, but for the common user a firewall that interacts with the user, at least on a first-time basis, is better than one that completely handles itself.)

Link to comment
Share on other sites
dale5605

dale5605

Posted
Posted
*sigh*... I remember the days when we could slip right past every single software-based firewall on the market just by renaming a virus to explorer.exe. I'm pretty certain most of them will still fall for that one. Good thing XP has System File Checker. Unless you turned it off. You didn't turn it off just so you could load pretty eye candy, did you?

If you know how to sniff packets on your subnet, you'll quickly discover that a correctly configured XP firewall does indeed keep everything to itself. Your paranoia has no scientific basis and your statement is inaccurate.

I'm not sure about other firewalls, but I know for a fact that Sygate wouldn't fall for the "explorer.exe" trick. I just made a "program" using Quick Batch File Compiler that would simply ping Google and write the entries to a text file. I named the executable explorer.exe and ran it. Sygate immediately popped up and asked me what I wanted to do.

Maxamoto, fantastic posts mate. Couldnt have put it better myself.

Outbound protection is worthless, if something is already on your PC that wanted to comunicate with exterior networks then they would. With or without the likes of kerio.

There was a fantastic post on one of the forums I post on by an advanced Windows user who explained why this is with evidence too. Unfortunaly that forum has had many a clean ups and that post no longer exists.

It does pretty much the same thing all others do, and it's integrated. System resource usage is negligible (no worse than installing a 3rd party solution) and the security is the same. All software-based firewalls do a decent job of dropping remotely-initiated connections, and if you know what you are doing, you can block outbound connections as well by setting up TCP/IP filtering on the adapter. Of course, if you're like any other home user, you'll instantly switch back to having all traffic be allowed out once you realize how hard it is to track down all the different ports you need to open just to do your day to day surfing. So, do you really trust that software-based firewall to anticipate your needs, or are you going to take the time to learn how to secure your box? With inexperienced users, no product will protect you 100%. Read my post above about firewalls letting viruses communicate with their masters just because it was named explorer.exe. File streaming is another way to slip past most software-based solutions. You can have your opinions, but unless you really, really know how to lock yourself down, Windows Firewall is just perfect for you. Anything else is chosen based on personal taste (you like the interface, less popups than the competitors, etc) and not on merit. See my post above on setting up an OpenBSD firewall if you are truly concerned with what goes out your network card. And I'm out.

I'll have to disagree with both of you on this one. I have a friend who's computer I set up a while back with Sygate as a firewall (she had bought NAV and wanted to keep using it). She was using P2P programs in an uneducated way and came to me one day saying that Sygate was starting to ask her about all these new programs that wanted to connect to the internet. Turned out (after a visit to HouseCall) that a number of viruses/trojans had slipped past NAV and were trying to "call home". All I did to set up Sygate was ask her what programs she used on the net, ran them, and let Sygate ask me what to do (in this case, allow those programs access).

I'd really like to see someone with the Windows Firewall produce the same type of results. I'm not saying that Sygate is 100% (nothing is), but it's definately better than the default. I may not have "scientific" proof per se, but I have plenty of experience to backup my opinion.

(I use Sygate in all of my examples because it is the program I am the most familiar with. IMO, it is the best freeware software firewall available - note, IMO. Others may think otherwise, but for the common user a firewall that interacts with the user, at least on a first-time basis, is better than one that completely handles itself.)

Windows firewall does the exact same thing. It asks you if you want to unblock a program that is trying to access the internet, or keep blocking it. Once you unblock a program that you use and trust it is added to the windows firewall exception list and is granted internet access.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...