Solved

"Personal Firewalls", Needs & Comparisons

Posted on 2001-07-16
17
286 Views
Last Modified: 2013-11-16
Well, what you think? Got good plan? Compared any to point of letting others know what may be better or not?

Use one (or more) that seems to lack something you want? What you want?

(like other thread, wanting more personal touch, for personal equipment, for shared collection @EE, potential discussion)
0
Comment
Question by:SunBow
  • 6
  • 3
  • 2
  • +4
17 Comments
 
LVL 1

Expert Comment

by:batkung
ID: 6292142
zone alarm is good, but on my DSL line, it interferes with the login program so I don't use it.

I found an app called Tiny Personal firewall, very good piece of code, in fact it is the only personal firewall to be endorsed by the US Dept of Defence (it's used by the USAF)(www.tinysw.com)

it doesn't bugger up my DSL connection and it's free for personal use!

both these apps stop both inbound AND outbound connections (unlike blackice et al)

hope this helps
0
 
LVL 2

Expert Comment

by:kikkertm
ID: 6318137
Zone alarm, without a doubt..
0
 
LVL 1

Expert Comment

by:JconleyMCSE
ID: 6324222
Agreed, Zone Alarm.
0
Simplifying Server Workload Migrations

This use case outlines the migration challenges that organizations face and how the Acronis AnyData Engine supports physical-to-physical (P2P), physical-to-virtual (P2V), virtual to physical (V2P), and cross-virtual (V2V) migration scenarios to address these challenges.

 

Expert Comment

by:Brazilian
ID: 6440754
Why don't you try BlackICe , since it was acquired byu ISS , it might become much better.
http://www.networkice.com
0
 

Expert Comment

by:Brazilian
ID: 6440862
Why don't you try BlackICe , since it was acquired byu ISS , it might become much better.
http://www.networkice.com
0
 
LVL 4

Expert Comment

by:anzen
ID: 6457212
I agree about Tiny personal FW, but I like the sygate pfw too, its latest incarnation has lots of features and I think it works really well.

(Whithout saying You can integrate it in a bigger security system)

0
 
LVL 24

Author Comment

by:SunBow
ID: 6459168
FYI, My main intent here being discussion, I did have purposeful neglect, to reduce attempts to please me, myself, due to wanting more on how you each please yourself. Or, how you would like to, if not already. In a discussion form we can each share. (and review later w/o cost of PAQ) I can free up for points for nifty items of mutual interest FWIW.

Yet there goes little discussion above. I had performed some groundwork elsewhere awhile back. Lately just toying with ZoneAlarm freebie, and relevant ambiguities.

When I last reviewed, there were really only two standing out, BlackIce and ZoneAlarm. Sygate seemed to be in 3rd, at least temporarily, and the majors, like Norton & McAfee had bought (buy-out) some decent products, for suite-effect, but prior users claimed result not as good as original product. I did little on Tiny, since there were some real poor reviews on it back when. Any product is vulnerable to that over time, it happened to ZoneLabs and NetICE as well. Perhaps it (Tiny) is different now from what it was (need heed dates of any reviews, hmm?).

For Brazilian, there were two main concerns on BlackIce. One, that as others before it, its level of quality would diminish after the buyout, with new owner having interests opposed to prior userbase who enjoyed it. Two, see batkung early remark on direction of blocking. For anyone unfamiliar with the Defender (myself included), its claim to fame regards outward defense being most hard and cruel and best at forensics.  

What has happened (development since), I dunno. For me, it is complicated enough I thought we needed some design help -- perhaps together we could.

Some tell me they like ZoneAlarm for blocking the outgoing traffic, but it slows down their system too much, so they only use it periodically. Some prefer H/W firewall, but that can be harder yet to maintain.

Some wonder even if products like BlackICE and ZoneAlarm belong in same category of 'personal firewall' due to approach.  Leaves open the question on desire to proxy as well.

Personally, I'd like some more intelligence built in to the blocking pieces. More common language. Some vendors require ports, specified or not, but leave out much on exactly what ports are used for. Then again, I can block all ports and still share files between machines.

My hope remains that we here may continue to share ideas in a thread, w/o overhead of eMail or being on listserver. I have other agenda, so cannot be too attentive at the moment. But I do intend to return to security topics like this.

FYI Some other links I've yet to pursue (forewarning - may have popups or something, as I said, I have yet to pursue or peruse):
http://www.infosecuritymag.com/articles/july01/cover.shtml
http://xmrsmtaiping8286.netfirms.com/aktiviti/what_is_a_hacker.htm
http://members.fortunecity.com/expansion/
0
 
LVL 24

Author Comment

by:SunBow
ID: 6669707
anzen,
On integration, perhaps an elabortion if you would, could be worthy some extra points. I meant for this to be more personal, in sense of configuration, desires, and less of a product popularity poll.

batkung,
The link to tiny did not pan out, appears broken. I remember hearing of them as promising, but a let down. But time has gone by, they've likely improved. I had run across a link to them again somewhere, but lost the time + need to explore. So while I could possibly explore again, rather than losing the time, if you had something personal to contribute, elaborating, that'd be worth something too.

I thought I'd added these and similar comments before, but I must've lost 'em during some of the ups and downs. Sorry about seeming inattentive. But I also am reluctant to 'steer' this towards some popular 'answer', hoping for more personalized contributions, that we can share with each other.
0
 
LVL 4

Accepted Solution

by:
anzen earned 20 total points
ID: 6673175

Well, sincerely this is My personal list; it's order by ease of use:

1) ZoneAlarm
2) Sygate PF
3) Tiny PF

obviously the more powerful (but more difficult to configure) is the Tiny, while ZoneAlarm has a nice interface but lacks lots of functionalities, all in all I feel that the Sygate is a good compromise between ease of use and flexibility; without to say that ZA does NOT work with the Microsoft ICS while Sygate and Tiny do !

In any case if You want to read more details on this kind of questions You could take a look at the NG "security.software" on the GRC news server news://news.grc.com

Regards
0
 
LVL 1

Expert Comment

by:batkung
ID: 6673248
with regards to the URL for TinyPF, it's www.tinysoftware.com

on a side note, I'm glad nobody has mentioned the dreaded norton firewall. As far as I'm concerned this app should not be considered by anyone who cares about their own security. It's had a history of problems, and as with all symantec programs, is bloated to the max with extra bells and whistles that most people just don't need (or want!)...it also stuffs your registry full of refernces to other symantec apps that may not even be installed.

if you hate pop-ups, try POW! from analogx www.analogx.com it's free, very small, and not intrusive. Unlike most other popup killers, you have to tell it when you want it to kill a pop-up, after that it remembers the popup and kills it for you.

Black-ice gives users too much of a false sense of security, and can also be classed as alarmist from some of the "attack descriptions" it gives you.

Tiny does need to be configured properly in order to use it, whereas zonealarm gives you protection straight out of the box. Be aware though, some of the more complex worms and trojans that are floating around on the net these days  have specific routines in them to thwart zonealarm's protection (small price to pay for being one of the most popular personal firewall apps)

The GRC newsgroups are a good place to get more info on the various apps out there, I seem to remember there being  a news group in yahoo groups dedicated to tiny personal firewall too.
0
 
LVL 4

Expert Comment

by:anzen
ID: 6673299
>on a side note, I'm glad nobody has mentioned the dreaded norton firewall

Oh ... so that is a firewall ?? :P

>if you hate pop-ups, try POW...

If You hate popups, or want to take back Your browser use the Proxomitron - more details here: http://proxomitron.org/

>Tiny does need to be configured properly in order to use it, whereas zonealarm gives you protection
straight out of the box

Yep, but ZA isn't that flexible in specifying ports/rules; as I said Tiny is more difficult to configure since if You setup wrong rules You'll end up with a less-than-secure machine; this is why I suggest (for starters) to get the Sygate product, ZA *was* a good product but now has been surpassed by both Sygate and Tiny and their support well ... doesn't exist !!

0
 
LVL 1

Expert Comment

by:Moondancer
ID: 6737426
Any updates here, if more is needed?

Moondancer
Community Support Moderator @ Experts Exchange
0
 
LVL 24

Author Comment

by:SunBow
ID: 6742119
> Any updates here, if more is needed?

yeah, but after all this time it ought to be a new thread

> GRC

I like the site, and actually, My questions here are in part due to that site. I find it difficult to navigate, poorlu maintained, but full of great ideas if you can find them, and highly prejudicial. I remember printing off a bunch of "latest news" on the likes of ZA & BlackIce, and how out of date the site is on what goes on 'today'.  So in part I'd like a pool at EE to make that easier on me, preferring it to be more personal, but also more real than an advertisement or poll.

Over the holidays, I noticed local stores had ZA + BlackIce and others in shrinkwrap, no need to download. But I didn't take time to price them or check version levels, just fyi, the bandwagon seems to continue on them these months later.

To be fair, I'm going to go check other thread first, at first glance this has two main contributors,  batkung  + anzen. But for

> Why don't you try BlackICe , since it was acquired byu ISS , it might become much better.

While this may be true, it does not represent recent history, for the ones that were bought up by Symantec and McAfee, etc., as the prior users reported everything going downhill, hoping someone would come support the older product (not just buy it).
0
 
LVL 24

Author Comment

by:SunBow
ID: 6742124
0
 
LVL 24

Author Comment

by:SunBow
ID: 6742193
comment> My first attempt to "accept comment as answer" just failed.
Will try again.
0
 
LVL 24

Author Comment

by:SunBow
ID: 6742195
I wish we'd have had the time (at least me) to pursue, discussions of tiny and sygate etc can get interesting. For anzen the other comment should be included with this one for answer, as such, doubling the points here (from little 10 to 20).

batkung also, deserving, quite applicable here, I am crediting these comments to the ones in the other link, get your points there. Not much talk here on H/W or OS.

I'd like to pursue some of this at some time down the road when I get time. Or if you get the time, and interest, perhaps something newsworthy, I'll offer the points to get discussion going.  I assume I'll get a notif now (that it works again) for any comments below.

Happy HoliDays! tgif
0
 
LVL 1

Expert Comment

by:Moondancer
ID: 6758814
The answer you accepted worked fine, SunBow.

Moondancer
Community Support Moderator @ Experts Exchange
0

Featured Post

Simplifying Server Workload Migrations

This use case outlines the migration challenges that organizations face and how the Acronis AnyData Engine supports physical-to-physical (P2P), physical-to-virtual (P2V), virtual to physical (V2P), and cross-virtual (V2V) migration scenarios to address these challenges.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

This article will inform Clients about common and important expectations from the freelancers (Experts) who are looking at your Gig.
One of the biggest threats in the cyber realm pertains to advanced persistent threats (APTs). This paper is a compare and contrast of Russian and Chinese APT's.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

810 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question