Avast WEBforum
Consumer Products => Avast Free Antivirus / Premium Security (legacy Pro Antivirus, Internet Security, Premier) => Topic started by: Cactusjack on October 30, 2006, 11:54:38 PM
-
I have now 3 days AVAST4Home,and i am looking for the best Free
Firewall for this program,version 4.7
Who can help me?
-
my reccomendation would be Kerio (google will find it) and set it up for simple or advanced depending on how seriously you want to monitor its performance.
good luck :)
-
I have now 3 days AVAST4Home,and i am looking for the best Free
Firewall for this program,version 4.7
Who can help me?
I just love the great free firewall Comodo Personal Firewall
http://www.personalfirewall.comodo.com/
Work just fine for me with Avast
-
I am looking for the best Free Firewall
I just love the great free firewall Comodo Personal Firewall
The *best* :o
Comodo Personal Firewall ;)
-
See some firewall tests for comparison, some are freeware but many are paid for versions http://www.firewallleaktester.com/tests.php. Also see http://www.thefreecountry.com/security/firewalls.shtml
-
Comodo is great!
-
I'm using Sunbelt Kerio Personal Firewall. I love its simple interface which easy to understand, I like its application behavior blocking that gives me some kind of proactive protections.
-
:) Hi Cactus :
There is NO "best free firewall"; just need to find one that
suits you . For starters, would recommend you view the
info at www.spychecker.com/software/freeware_firewall.html .
I, personally, like the FREE Sygate, that is listed at
www.filehippo.com/software/firewalls/ because there is
a "Setup Guide" available .
-
COMODO or Jetico 1.0.1.61 are very avast! friendly ;)
-
Another plug for Comodo. Apart from an old Norton one (2000 I think, it was great!) and XP's inbuilt, it's the only other I've used. Seems effective, easy to use, passes the ShieldsUp test (all service ports) and doesn't use much cpu/ram.
-
I read the leaktest a few weeks a go.
And see the Firewall of Windows. very bad.
Now must i tell you that i earlier this year used the Kerio Firewall,
and this is a very good one,only now i have him in the freeversion
on me computer. So i ask by my self ,is the Free Kerio O,K?
Then have i running Webroot Spysweeper (very good) and now Avast4Home.
A few guys prefeer Comodo, and i think that i Comodo install and then
can i say whats better is.
I know its a personal tasty,but there is no Firewall (even Buy) with
a score off 100% .
Let me thank all off you for reacting on me question,and the fact
that i already have a good one.
-
Is the Free Kerio OK?
Yes, it is a very good firewall.
can i say whats better is.
The one you like, works, does its job.
Both Comodo and Kerio are good firewalls.
-
My friend - a big guru in IPS - says he won't recommend COMODO anymore. :) The reason is as follows (from his words): COMODO doesn't process connections at high-number ports from 65000 to 65535. :)
-
So then... what to use? ???
-
If you look for a free firewall, Kerio will be a good choice. It may defend you from unknown viruses. :) It has deep drivers, it is practically fully functional, etc.
-
My friend - a big guru in IPS - says he won't recommend COMODO anymore. :) The reason is as follows (from his words): COMODO doesn't process connections at high-number ports from 65000 to 65535. :)
Hi ,I did a port scan at grc.com on ports 65001-65064 and got stealth results.See screenshot of cpf logs.
-
I use Sygate for 5 years with Avast and other anti-virus with Windows XP/SP2
Sygate is a freeware; it's very easy to use and to control
Claude (FR)
-
Yes agree Sygate is a good Firewall,but
i have problems whit the use of CPU,this is very high,i think.
-
If you look for a free firewall, Kerio will be a good choice. It may defend you from unknown viruses. :) It has deep drivers, it is practically fully functional, etc.
O.K.Its true the firtst month after install you get the full PRO
programm,but i pay never whit creditcards,so if i not pay is the Kerio Firewall
automaticly Freeware.
And thats means,no virus or Troyan horse and other stuff are cathing annymore.
Olso a few other things are in the Freeversion not working.
But it is and stay a good and very to understand Firewall.
The fact that Kerio now not running on virus,etc,is for me not bad,becouse
i use Webroot Spysweeper and this programm replace The Kerio Pro,
in combination whit SpywareBlaster and AVAST4Home.(whit the Free Kerio)
-
Anyone considering Sygate should consider a couple of things, it is no longer in development since it was bought out. It has a localhost loopback weakness, in that it can't tell what programs are using the localhost proxy it only identifies the local host proxy. So it is possible that a malicious program could use the localhost proxy and not be challenged if the proxy is allowed permission to connect to the internet.
avast's Web Shield proxy is one such proxy, however avast's web shield doesn't allow all and sundry to use the web shield proxy only browsers that are known not to cause problems, so this might limit exposure to the Sygate weakness.
To further improve this security, you should disable transparent use of the web shield proxy. How to disable transparent web shield proxy and allow only those browsers you want use it:
In avast! go to Web Shield provider, Customize..., Basic tab, blank the redirected HTTP port field (remove the 80). Now no browser can use web shield unless you manually configure it to use Web Shield.
Example of manual browser set-up:
For IE - broadband users: - Tutorial - Web Shield Proxy Set-up for IE (http://www.avast.com/files/tutorials/ws_ieproxy.htm)
For IE - dialup users - Tutorial - Web Shield Proxy Set-up for IE (Dial-up) (http://www.avast.com/files/tutorials/ws_ieproxy_dialup.htm)
For Firefox users - Tutorial - Web Shield Proxy Set-up for Firefox (http://www.avast.com/files/tutorials/ws_ffproxy.htm)
-
timcan, :D Of course, outbound connections, not inbound! :D
-
If you look for a free firewall, Kerio will be a good choice. It may defend you from unknown viruses. :) It has deep drivers, it is practically fully functional, etc.
O.K.Its true the firtst month after install you get the full PRO
programm,but i pay never whit creditcards,so if i not pay is the Kerio Firewall
automaticly Freeware.
And thats means,no virus or Troyan horse and other stuff are cathing annymore.
Olso a few other things are in the Freeversion not working.
But it is and stay a good and very to understand Firewall.
The fact that Kerio now not running on virus,etc,is for me not bad,becouse
i use Webroot Spysweeper and this programm replace The Kerio Pro,
in combination whit SpywareBlaster and AVAST4Home.(whit the Free Kerio)
The only difference between payed and free version is disabling of Web blocking that doesn't work anyway. :) Overall all the functions remain the same. :)
-
My friend - a big guru in IPS - says he won't recommend COMODO anymore. :) The reason is as follows (from his words): COMODO doesn't process connections at high-number ports from 65000 to 65535. :)
Well... can you post a link to this guru's option...
Seems it's not truth... Does this guru works for other firewall manufacturer? ;D
-
???I have visit all the websites from almost every Firewall today.
No not that i remove KerioFreeFirewall today or coming weeks, but
i read all the things and setups(if it can) and then i see Outpost Free.
Outpost must be olso good,but the interface is not so easy to understand.
And i look on the Forum off Comodo,and there is a heavy discussion
about COMODO Free? Forget it,or it is true or not, this is nice to follow it.
Comodo said it is not true,but costumers says No its a TRIAL.
And on the homesite i read that there is coming a new version the
6 or7 nov.
If i am completely missing this message,than you reacthing please.
It must be said that i never learn English, but i try it. (TV English)
No i take no lessons, becous i am 60+and i hate schools!!
-
Comodo said it is not true,but costumers says No its a TRIAL.
Trial for what? Right now the application is full free...
-
2 Tech: he doesn't work for other firewall vendor.. :D I can't give a link, but I will quote his msgs to me 2morrow. :)
-
Like i said,on the ComodoForum can you read the discussion
about ComodoFirewalls.
So there are costumers who said that the first month a trial is.
After registrating going something wrong,becourse the key for activating
is not working.
And it seems it is no incidently, becourse so many users reacthing on it.
No said Comodo The Firewall is Free for livetime.
This is what i read,but yes me English is not so good. ::)
-
No said Comodo The Firewall is Free for livetime.
Then I said it now...Comodo Firewall is free for lifetime! :)
And if you don't believe me...read it on their homepage:
http://www.personalfirewall.comodo.com/
Comodo Firewall - It's Free. Forever. No Catch. No Kidding
And the big boss at the Comodo company says it's free:
http://forums.comodo.com/index.php/topic,2672.0.html
-
Yes, BLUESMAN,this is what i mean!
This is the reacting from COMODO,and i believe it.
THX.
-
4U, Tech:
that's what he wrote.
Message 1
By the way, I found a VERY interesting leak in COMODO yesterday. I was downloading CureIt! and it needs port 21 (FTP) and a very high port (somewhere around 64.000). I had it set to VERY HIGH security, which means it is supposed to let you know EVERY connection to EVERY remote port. It didn't recognize and/or warn me about the 64.000 range! So, it's either a bug, or COMODO itself is calling home through that range, which wouldn't surprise me. Too much 'snake oil' around this product if you ask me...
Paul
Message 2
Hi, Nick!
I got some BS letter as a reply today from the COMODO dev guys. They are trying to say that this is not a remote address issue. The remote address 'just spawns the ftp' or something. According to them, this is not a remote connection issue. My logs show SYN flags from my computer to the addresses below on high ports, but this is not a remote connection issue... :=)
Here are the addresses that have to be allowed to download Dr.Web's CureIt! Of course port 21 (ftp) but also:
* us.drweb.com (209.160.33.73) port range 64000-65535
* msk+msk2+msk3.drweb.com (81.176.67.170-81.176.67.172) port range 64000-65535
* msk1.drweb.com (192.168.255.255) port range 64000-65535
* msk4.drweb.com (83.102.130.174-83.102.130.178) port range 64000-65535
* If you allow ALL TCP Out to Any address, Any port you can download CureIt, but you won't get an alert about high ports in COMODO.
* If you restrict remote ports (21, 80, 90, 443, 5190) then you cannot download CureIt and you will see an Outbound Policy Violation log. No alerts however.
* If you allow the addresses above, you can download CureIt, but you won't get an alert about high ports in COMODO.
It's very strange also that there are no application logs. Only Netmonitor (packet logs).
I think I've witnessed a very bad case of 'snake oil' here and I will never again recommend COMODO to anyone. And the lesson is clear: packet rules should be VERY rigid, whatever firewall you are using.
Paul
-
O.K. I understand that i now have the Free KERIO Firewall,and i hold him.
i should not take the Comodo.
Thank You for the support!!
-
Reading this thread ... now I really do think Comodo is worth a try.
-
You said TRY it.
But PAUL (message2) should never recommend Comodo.
And Nick have olso this meaning,so why should i change me Kerio
for Comodo.
True, its a nice programm,but the experts says take not Comodo.
If comodo whit a new version better is than the Kerio,then i am the first
to download COMODO. O.K.?
-
I was speaking for myself and my intention to try it.
I have not seen any expert opinions ... just posts and reported emails from an unknown individual - I suggest they have as much value as any other posts in the thread.
-
I would also recommend to anyone to try comodo as well as any other firewall they might feel suits them .
at the end of the day the best protection comes from a hardware firewall rather than a software one.
A little read from an expert who has his own opinion about software firewalls and their merits
http://www.samspade.org/d/firewalls.html
Edit, the link is dead but here,s an excerpt...
...
...If you want to play with a piece of windows software that makes you click all over the place, there's always minesweeper.
If you'll feel safer sleeping at night knowing there's a 'personal firewall' running on your system, then install one. As long as you pay no attention to the "hack attacks" it reports it's better than nothing. A free one, ideally, as few of them are worth paying for. Turn off all the alerts and logging - you'll just waste your time (and, more importantly to me, my time and the time of other network administrators your complaints go to) increase your blood pressure and provide no benefit to you. If you really want to leave them turned on and see where traffic is coming from, feel free, but remember that most of the traffic you see is harmless, and that even if it isn't harmless it can't affect your system (if it could, it wouldn't be logged). Oh, and try not to waste admins time with frivolous complaints...
good luck ;D
Link to a review on CPF I was involved in when it was first released http://forum.avast.com/index.php?topic=17020.msg151965#msg151965
-
And i look on the Forum off Comodo,and there is a heavy discussion
about COMODO Free? Forget it,or it is true or not, this is nice to follow it.
Comodo said it is not true,but costumers says No its a TRIAL.
I have Comodo installed on 6 computers. On one of those the program reported that the trial period expired after about one month of use (I didn't pay attention to the exact time frame). Re-registering solved the problem.
-
MAUSERME,6 compu"s whit the COMODO Firewall and how are they
running?
So let me forget the comodo forum,becourse you have no struggles.
But how long do you use this Firewall and have you complains?
Maybe i ask to much,but you are user,and so the only one on this
forum(i think)with 6 comp"s,so you can say COMODO is good or not.
-
I started using Comodo on single computer about 3 months ago (mostly because of Tech's continued recommendation) and have slowly rolled it out to the others. The most recent installation is 30 days old today. Other than that one small glitch with the registration it's been problem free for me.
If I have any complaint about Comodo I could wish for better logging options but, as Cloussau pointed out, that can be as much a curse as a blessing.
I can only compare Comodo to Jettico, Zone Alarm Free and ASahmpoo Firewall as I have little or no experience with Sygate, Kerio, etc:
I tried Jettico several months ago and at that time the pop-ups were endless. It never settled into a mode where it recognized what should and should not have internet access. I got rid of it after a week.
I've been a Zone Alarm fan for a while but lately I don't like some if the changes they've made. For example, ZA logs every program opened even if it doesn't want internet access. This makes working with the program control a little cumbersome.
I was also very excited about AShampoo when it first came out becuase it's so light on resources. But it caused boot problems on several machines that I couldn't resolve short of uninstalling it so I gave up on it after the first 3 revisions.
-
This is the reacting from COMODO
I don't think this is a reaction... this was the first statement from the Comodo staff...
So there are costumers who said that the first month a trial is.
Well... the costumers here can say whatever they want... but the reality is:
-
4U, Tech: that's what he wrote.
* If you allow ALL TCP Out to Any address, Any port you can download CureIt, but you won't get an alert about high ports in COMODO.
* If you restrict remote ports (21, 80, 90, 443, 5190) then you cannot download CureIt and you will see an Outbound Policy Violation log. No alerts however.
* If you allow the addresses above, you can download CureIt, but you won't get an alert about high ports in COMODO.
It's very strange also that there are no application logs. Only Netmonitor (packet logs).
I've posted in Comodo forums... I'm not an expert to answer these points...
http://forums.comodo.com/index.php/topic,3687
6 compu"s whit the COMODO Firewall and how are they running?
I have three running smoothly 8)
-
Well... the costumers here can say whatever they want... but the reality is:
I agree with Tech - Comodo's stated intent is "free for life".
Other than having experienced an expired key once I really don't know what's going on with that. I'm sure they'll get it worked out.
-
This evening look i in me email and guest what?
Sunbelt Kerio write to me that i have 21 days for updating to
the Pro version. This Trial running 30 days in full mode,so sign and Pay.
I write a email back and i have SunbeltSoftware told that i
the Free Kerio have running,becourse i use the Kerio for 4 months,
earlier this year.
Then i write that the COMODO Firewall Free for life is,and even better.
Yes a litle press on Sunbelt for olso a Free for life version.
So i am waithing on a message that i can get the Full Kerio Free for life.
I can not whait
-
So i am waithing on a message that i can get the Full Kerio Free for life.
You can use Kerio free for life. But not the full version. This is stated in Sunbelt website.
The free version has limited features (specially privacy ones). But the free version works and protects very well anyway :)
-
So i am waithing on a message that i can get the Full Kerio Free for life.
You can use Kerio free for life. But not the full version. This is stated in Sunbelt website.
The free version has limited features (specially privacy ones). But the free version works and protects very well anyway :)
Yes i know this,but i try SunbeltSoftware to think about the Kerio Firewall
and olso this Firewall Free For Life to make.
-
4U, Tech: that's what he wrote.
* If you allow ALL TCP Out to Any address, Any port you can download CureIt, but you won't get an alert about high ports in COMODO.
* If you restrict remote ports (21, 80, 90, 443, 5190) then you cannot download CureIt and you will see an Outbound Policy Violation log. No alerts however.
* If you allow the addresses above, you can download CureIt, but you won't get an alert about high ports in COMODO.
It's very strange also that there are no application logs. Only Netmonitor (packet logs).
I've posted in Comodo forums... I'm not an expert to answer these points...
http://forums.comodo.com/index.php/topic,3687
Tech:
I know that it was your duty to post the info at COMODO forums, but the info was a personal message, and I had a not quite pleasant conversation with Paul recently. ;) Please ask the person who posted an info like that, before republishing it. :) Thank you. :)
P.S. I am also not correct in this case, but you know what personal message is. :)
-
Sorry Tech,you are correct in this case.
But i have a lot to learn about the houserules on this Forum.
So put me for a while in the Chest,but please not to long.
-
I know that it was your duty to post the info at COMODO forums, but the info was a personal message, and I had a not quite pleasant conversation with Paul recently. ;) Please ask the person who posted an info like that, before republishing it. :) Thank you. :)
P.S. I am also not correct in this case, but you know what personal message is. :)
Sorry. I thought that posting here (in Internet after all) it won't be a problem to post there.
Well, maybe Paul could post there and here too and solve our doubts.
I'm not arguing or trying to blame against Paul - I don't know who he is... - but just trying to find the truth about Comodo security.
Anyway, sorry for the problems I've brought to you, for sure, it was not my intention.
-
Sorry Tech,you are correct in this case.
But i have a lot to learn about the houserules on this Forum.
So put me for a while in the Chest,but please not to long.
Cactus, I never intended to be rude or to blame against you.
I hope you understand. You'll always be welcome, we're always and contantly learning 8)
-
2 Tech:
If you want evidence, I will tell you how to reproduce the behavior:
http://download.drweb.com/drweb+cureit/
The download link is down the page.
After clean install, or if you are still using the default rules, first set your Network Monitor rule TCP/UDP Out Any to LOG and you will see the problem: all you get is an alert for remote port 21, but not for the remote (destination) 64000-65535 range. I don't think a detailed analysis is necessary here: the logs will speak for themselves. The high remote port range is silently allowed without any alert popping up. COMODO does not warn, even though I set it to 'Very High Security'. I don't think I'll have to give anybody a detailed analysis of the implications remote port redirecting tricks might have.
P.S.:Nothing on my computer is trusted, so the "Don't check certified application-stuff" was DISABLED.
I'm not talking about MY ports. They are all closed even without firewall. No problem here. The allowed local (source) port range is 1024-4999. It's DrWeb's ports 64000-65535 I'm connecting to WITHOUT WARNING FROM COMODO. Now with firewalls like Jetico and Sygate you get a warning whenever your computer tries to connect to a remote (destination) port THAT HAS NOT YET BEEN DEFINED BY THE USER.
On the Application Level (Layer 7) Firefox (my default browser) has the following rules:
1. Firefox.exe
Destination: 127.0.01
Port: 1024-4999
Protocol: TCP In/Out
Allow
2. Firefox.exe
Destination: RANGE: xx.xxx.1.1 – xx.xxx.1.2 (my 2 DNS servers)
Port: 53
Protocol: UPD Out
Allow
(Local Ports were restricted by the Netmonitor rules to 1024-4999)
3. Firefox.exe
Destination: [Any]
Port: 80,90,443
Protocol: TCP Out
Allow
(Local Ports were restricted by the Netmonitor rules to 1024-4999)
When you go to that site and you start the download, you get a warning from COMODO about Firefox connecting to remote port 21 (which you allow) and the download starts, although it SHOULDN'T start before you allowed one of the random remote ports between 64000-65535.
Paul Wynant
Moscow, Russia
-
When you go to that site and you start the download, you get a warning from COMODO about Firefox connecting to remote port 21 (which you allow) and the download starts, although it SHOULDN'T start before you allowed one of the random remote ports between 64000-65535.
Thanks Paul.
As I've posted in Comodo forum, http://forums.comodo.com/index.php/topic,3687.msg27931.html#msg27931, I'm not a firewall expert.
I need the Comodo programmers to help me (and you, and all other users).
As you say, seems a problem (hole) in Comodo protection. :-\ :'(
-
Has anyone tried the zone alarm firewall? I have used it before and thought it was very good, it does use a lot of cpu usage... but what do you guys think..???
-
Has anyone tried the zone alarm firewall? I have used it before and thought it was very good, it does use a lot of cpu usage... but what do you guys think..???
It's a good firewall. Anyway, a lot of security tests does not give it a very good rate.
Please check:
http://forum.avast.com/index.php?topic=22742.0;topicseen
http://www.firewallleaktester.com/tests.php
http://www.thefreecountry.com/security/firewalls.shtml
-
Has anyone tried the zone alarm firewall? I have used it before and thought it was very good, it does use a lot of cpu usage... but what do you guys think..???
It's a good firewall. Anyway, a lot of security tests does not give it a very good rate.
Please check:
http://forum.avast.com/index.php?topic=22742.0;topicseen
http://www.firewallleaktester.com/tests.php
http://www.thefreecountry.com/security/firewalls.shtml
Look i know a Computer Freak whit experions from here to Tokyo,and he write
on his website.Free Firewalls.1Sygate.2KerioFirewall.3ZoneAlarm.
And i have try this Firewalls,and i found that Sygate use much CPU. but is working
better than the Firewalls off Symantec.but there are the problem.
Symantec do anything to destroyed the Sygate.Only for sales reasen of Symantec
products.(YouKnow that Symantec Sygate buying ayear a go)
Than the kerio is a fine and good to understanding Firewall,and olso in the Free version.
So far so good,but The free ZoneAlarm is Firewall whit no good results in tests,
and in use is it a dissaster,everytime a Yellow card for jour face,every time asking what
to do whit this IPnumber.No i am not a fan of Zonealarm,But it seems that the
Proversion is very good.
Then the Leaktest,I believe that the reallity of the Best Firewalls in this test
nothing say about "What IS REALLY THE BEST FIREWALL IN PRACTICE".
And you must not forget that your Mousefinger the best Firewall is.
-
ZoneAlarm (FREE) and avast! make a great combination. :) IMHO
-
so some reccomend zone alrm and some hate it.. i can deal with the annyoing pop up alrms, but besides that is the free version that bad??? I am looking to get a good free firewall thats why i ask. i liked zone alarm because i thought it would prtect me wel.. but if not i will go with another... (guess besides commodor..) i was going to get that untill the loop hole...
-
i can deal with the annyoing pop up alrms
The "pop up" is there to ask if it's OK to allow a program to be used and/or access the internet.
You make the decision and check the 'remember' box so you don't get asked again.
You only get asked again for the same program when it's version changes due to an update of the program.
-
Steroids, what Bob said is truth for almost all firewalls... the popup could be once for each program...
The "pop up" is there to ask if it's OK to allow a program to be used and/or access the internet.
You make the decision and check the 'remember' box so you don't get asked again.
You only get asked again for the same program when it's version changes due to an update of the program.
-
To day did i a visit to the Windows marketplace.
And one of the best Firewalls Jetico is from there to download.
But Jetico got 3 stars from the experts,and from the users between 3 and 5.
The comment on Jetico where that this Firewall is short off memory.
So after install,then Jetico ask Allow? and so you setup this firewall.
But after a month or so,then he ask again.
I say this bevore that the Best in a Leaktest ,not the best is in practice.
I say not that Jetico a bad Firewall is,becourse i have Jetico never use.
But if you read all the revieus about this Firewall ,then i think he is not
so good as COMODO or Kerio or Sygate.
-
But Jetico got 3 stars from the experts
Of all the firewall programs that I've tested, Jetico was the only one
to totally crash my system.
The only recovery for me was from an image. Needles to say, that's one FW I'll
not try again for a while. :'(
-
As a back up computer I have one with Windows 98 second Edition. It was just a game machine. I have put it on the Internet in the past few days. Didn't have anything for protection. One of the things I tried was the free version of Jetico version 1.0 etc. This version is good with Windows 98. Boy, was I surprised later. Nothing but pop ups asking for permission or denials of different pages I went to. Sometimes there was 5 to 6 popups per new or previous pages.
I got tired of the darned things, got rid of Jetico and finally went with the free version of Outpost Firewall. Seems to be working fine for me on this machine. :)