Author Topic: Alternatives to zone-alarm firewall? (not resident)  (Read 11627 times)

0 Members and 1 Guest are viewing this topic.

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67198
Re: Alternatives to zone-alarm firewall? (not resident)
« Reply #15 on: May 28, 2012, 10:31:08 PM »
I use the comodo dragon browser and it has a portable version.so would this constitute being "non resident?"
It's a browser (that could use sandboxed processes) and it is NOT a firewall. All browsers are "on demand". All firewall are "resident".
The best things in life are free.

Offline Para-Noid

  • Avast Evangelist
  • Starting Graphoman
  • ***
  • Posts: 6701
  • Trust only what you test yourself!
Re: Alternatives to zone-alarm firewall? (not resident)
« Reply #16 on: May 29, 2012, 12:06:17 AM »
Private Friewall is not for newbees.
I respectfully disagree. All I did was set all security software to "allow". I will agree that PF can get complicated if a user starts tinkering around with the "advanced" settings. Private Firewall can be as simple or complicated as a user wants to make it.  :)
Dell Inspiron, Win10x64--HP Envy Win10x64--Both systems Avast Free v17.9.2322, Comodo Firewall v8.2 w/D+, MalwareBytes v3.0, OpenDNS, Super Anti-Spyware, Spyware Blaster, MCShield, Unchecky, Vivaldi Browser and, various browser security tools.

"Look before you leap!" Use online scanners before you click on any link.

Offline bob3160

  • Avast √úberevangelist
  • Probably Bot
  • *****
  • Posts: 48320
  • 63 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re: Alternatives to zone-alarm firewall? (not resident)
« Reply #17 on: May 29, 2012, 06:29:37 PM »
PC Tools offers no free products anymore except Threatfire which they don't seem to be supporting. No surprise there. You knew that was coming after Symantec bought them.


This looks like it's FREE to me:
http://majorgeeks.com/PC_Tools_Firewall_Plus_d5470.html
Free Security Seminar: https://bit.ly/bobg2023  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 11 Pro v22H2 64bit, 16 Gig Ram, 1TB SSD, Avast Free 23.5.6066, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq -- My Online Activity https://bit.ly/BobGInternet

DonZ63

  • Guest
Re: Alternatives to zone-alarm firewall? (not resident)
« Reply #18 on: May 30, 2012, 12:22:52 AM »
Quote
http://majorgeeks.com/PC_Tools_Firewall_Plus_d5470.html
Release date is 5/2011. That is the old firewall and not updateable I assume. All you need is a major OS WIN update and your firewall might very well go caput.

DonZ63

  • Guest
Re: Alternatives to zone-alarm firewall? (not resident)
« Reply #19 on: May 30, 2012, 12:41:00 AM »
Quote
I respectfully disagree. All I did was set all security software to "allow". I will agree that PF can get complicated if a user starts tinkering around with the "advanced" settings. Private Firewall can be as simple or complicated as a user wants to make it.
I had a number of issues with the version prior to the current release.

First it would not run with Avast ver 6 on my PC. Next, using a different compatible AV and with training mode turned on, it totally trashed my dual boot configuration. I had to create a DHCP rule to allow my router and stop continuous alerts from it. Then I had to "tweak" application rules for my AV and manually set any Internet facing apps like IE to "untrusted." Finally, I had to change a few firewall rules since the default config was insecure. I can go on but I think you get the picture. Once properly configured, PF did an excellent job.

DonZ63

  • Guest
Re: Alternatives to zone-alarm firewall? (not resident)
« Reply #20 on: May 31, 2012, 12:28:55 AM »
There is a current thread over at Wilders Security Forums discussing this same topic. Unfortunately it got a bit off track when the firewall experts chimned in. The OP did post on that thread the PF default rules for system and svchost.exe. I have attached those.

For people not familar with PF, the default settings are high for Internet secuirty and low for network(LAN) settings for the "Home" profile. That is what those "H" and "L" columns correspond to on the attachments pics.

The important point to note is that by default, PF allows file/drive sharing. etc. It also allows PPTP TCP outbound to port 1723 along with some other rule goodies. In contrast, the default WIN 7 firewall setting does not allow file sharing although it does allow remote connections; why I don't know.

I also noticed that the DNS rule is missing in the PF svchost.exe screen shot. I know it existed in my prior PF setup and it did allow inbound UDP to port 53 - go figure.

We all know that the first thing you turn off in any firewall setting is file sharing unless you absolutely need it.

-Edit- I decided to post the link to that Wilder's thread I referred to above: http://www.wilderssecurity.com/showthread.php?s=da5fa5e24de357a21ada2daab2e84a01&t=322044

In it "Stem" a noted web firewall heavy gives an enlighting discussion on what the current status is in retail firewalls as it applies to "statefull inspection." I believe most people assume that with that feature, outbound packets are magically assigned a reference number that is used to id correspending inbound packets. Surprise! Only two known firewalls do; Norton's(limited) and LnL. As he notes with enough effort, most inbound packets can be "spoofed."
« Last Edit: May 31, 2012, 01:22:12 AM by DonZ63 »

Offline Para-Noid

  • Avast Evangelist
  • Starting Graphoman
  • ***
  • Posts: 6701
  • Trust only what you test yourself!
Re: Alternatives to zone-alarm firewall? (not resident)
« Reply #21 on: May 31, 2012, 03:37:24 AM »
It seems we have gotten OT. the OP wanted something simple. DonZ63 has brought up tweaking the PF. Which I have to be not needed.
I use the basic settings with no problems. PF has three profiles a user may select; Home, Work or Remote(Public). Let's not confuse the op more than necessary. I think the OP wanted a firewall which is effective and simple to set-up and use. I know the debate on the necessity of HIPs will go on. I like HIPS others don't see a need for them. Let the OP decide.  :)
Dell Inspiron, Win10x64--HP Envy Win10x64--Both systems Avast Free v17.9.2322, Comodo Firewall v8.2 w/D+, MalwareBytes v3.0, OpenDNS, Super Anti-Spyware, Spyware Blaster, MCShield, Unchecky, Vivaldi Browser and, various browser security tools.

"Look before you leap!" Use online scanners before you click on any link.