Firewall Discussion

[Andavari]

Split from Problems with computer.

 

For continued discussion about firewalls, faults of specific firewalls, and/or which one to use please use this thread.

[Andavari]

So you dont think it's a problem that the windows firewall dosent scan out going traffic?

So what if you download a program that connects to the internet without your knowledge and downloads a virus? With zone alarm all I have to is click deny access and problem solved, not so with the windows firewall. Also right when sp2 first came out wasnt their a problem with certain viruses and worms that could actually shut it down? I have no clue if this was fixed.

 

What problems did you have with zone alarm? I have been using it for about two years and it has never crashed or anything. Once I allowed firefox and thunderbird and my games access to the internet and turned off the notifications I dont even know its running. I just click allow when a program wants access and thats it.

 

Look at this (look under other firewalls)as well. Zone Alarm recommended on a microsoft site? Sounds like the windows firewall is a stinker to me.

 

<{POST_SNAPBACK}>

 

 

I completely understand what you're saying, please don't take what I've written below as being hard-headed.

 

---

 

Since the Windows Firewall doesn't scan outgoing traffic that is my major gripe about it so no I'm not o.k. with that missing feature. The other major gripe is not having a systray icon to indicate it's functional.

 

I do full system scans everyday for viruses, spyware, adware, trojans (malware). I never knew anything about Windows Firewall being remotely shutdown. If Windows Firewall is shutdown I'd think the Windows Security Center would notice that.

 

Problems with third-party firewalls I've had:

 

Sygate Personal Firewall:

* Blocks a bunch of websites such as www.apple.com/quicktime including the QuickTime Player update program. Blocks some stuff when trying to register extended warranties for products purchased at Staples.

* The only virus activity I know of that can shutdown a firewall happened twice with Sygate Personal Firewall. Get a virus stuck in the log that it blocked, and as soon as an antivirus scanner tries to deal with it it'll immediately cause Sygate Personal Firewall to shutdown. When the antivirus scanner tries to repair the log file it can't. Of course the log file has to be manually deleted to get rid of the virus since antivirus software isn't capable of removing the virus from the log.

 

ZoneAlarm (free):

* Not a bug an annoyance; Too many distractions always popping up a blocked attack. I say just log minor, and medium attacks and only display a popup when there is a major attack that requires the user to consider applying the lock for a few moments.

* When making some setup packages I noticed they were automatically configured as trusted applications for what reason I don't know. When removing them from the Programs List in ZoneAlarm they immediately reappear even if the setup package is renamed the original .exe file name reappears. That's enough of a bug for me not to trust ZoneAlarm (free).

 

Kerio Personal Firewall v2.1.5 (don't like version 5 at all):

* On my WinXP system it will periodically and completely lose my custom configuration and custom rule sets.

 

---

 

In another firewall dicussion on Hydrogenaudio.org Peter Pawlowski (zZzZzZz) wrote this. The most powerthing he stated was in the first sentence and second sentence of this post. I respect his opinion very much, and have found third-party firewalls to be buggy.

 

His statement really set off a lightbulb in my head, and that is:

Software-based third-party firewalls need to be certified by Microsoft.

[Tarun]

Windows Firewall is better than nothing. However; it only blocks SOME outbound items, and I've seen it allow spyware without asking once.

 

ZoneAlarm Pro is good too, same with the free version. Frankly, if you want a great firewall then I highly recommend Outpost Pro.

[rridgely]

I dont think theirs anything else I can say to deter you from the windows firewall, but I can solve your first gripe with zone alarm just go to alerts and logs and turn them off then it blocks the bad stuff automatically and no more annoying pop ups.

 

As far as sygate and kerio go I have tryed them but only for about an hour a piece before I would switch back to ZA. But to be honest most of the time I hear that software firewalls arent the greatest anyway. I have a linksys router with a built in firewall that I got from staples on sale for about $50(802.11G and a firewall.)

[DjLizard]

I only use the Windows Firewall myself, and I've seen it catch a lot of things too (what, do you think that it's a full featured program? It's a hotfix to a long running issue of Microsoft leaving tons of useless ports accessible by default -- it is a direct response to Blaster/Sasser type worms.) The point is, the Windows firewall does what it was designed to do, and does it with low overhead. It's the only thing I use (I don't have antivirus, I don't have antispyware, I don't have a firewall, and I'm set as DMZ on my router, which means I'm exposed to the universe, and I don't care).

[agumon]

which means I'm exposed to the universe, and I don't care

that's cool.. anyway, a question here... is Windows Firewall in stealth mode?

[DjLizard]

stealth mode?

[agumon]

"Stealth mode. Your computer is hidden and protected from hackers... ... "

i am currently using zonealarm and this is quoted from it...

[DjLizard]

Oh. That's just a concept. It's not really guaranteed to be hidden, nor guaranteed to be protected from hackers, since anything could happen (bugs in zonealarm, exploits for zonealarm, end user makes a mistake, etc, etc)

 

Windows Firewall is too simple to have that concept

[Andavari]

Windows Firewall stealth. Well according the the ShieldsUp tests on http://grc.com it passed as TruStealth on my system. Of course that doesn't mean it will pass as TruStealth on other systems depending upon the network configuration, and what other programs are doing.

 

"Perhaps" my configuration of it helped it pass since I unchecked the two allow items on the Exceptions tab.

 

I just only wish I would've been using it all along to negate dealing with and living with bugs in third-party firewalls on a daily basis.

[agumon]

Windows Firewall stealth. Well according the the ShieldsUp tests on http://grc.com it passed as TruStealth on my system. Of course that doesn't mean it will pass as TruStealth on other systems depending upon the network configuration, and what other programs are doing.

 

"Perhaps" my configuration of it helped it pass since I unchecked the two allow items on the Exceptions tab.

 

I just only wish I would've been using it all along to negate dealing with and living with bugs in third-party firewalls on a daily basis.

i like windows firewall a lot... very easy to use... and i think it uses much less resources than zonealarm, which is what i am currently using... the only program i have with windows firewall that it does not have good outbounding connections guard...

[Eldmannen]

Windows firewalls are a joke. If they even can be called firewalls.

None of them offer true SPI (Stateful Packet Inspection).

Many of them consist of a "Firewall ON" and "Firewall OFF" button.

 

They all seem to include IDS (Intrusion Detection System) and fancy things. Many people who start use firewalls see things blink on their firewall and gets paranoid and assume someone is trying to hack them.

 

True firewalls are the ones in Linux (iptables/netfilter) and *BSD systems (ipfw/ipf).

[agumon]

Windows firewalls are a joke. If they even can be called firewalls

but i still like it...

[Eldmannen]

but i still like it...

 

<{POST_SNAPBACK}>

 

 

 

They are bad and lack configuration that I desire.

However, still they are in most cases better than nothing.

I run the firewall that comes with SP2.