Solved

"Personal Firewalls", Needs & Comparisons

Posted on 2001-07-16
17
278 Views
Last Modified: 2013-11-16
Well, what you think? Got good plan? Compared any to point of letting others know what may be better or not?

Use one (or more) that seems to lack something you want? What you want?

(like other thread, wanting more personal touch, for personal equipment, for shared collection @EE, potential discussion)
0
Comment
Question by:SunBow
  • 6
  • 3
  • 2
  • +4
17 Comments
 
LVL 1

Expert Comment

by:batkung
Comment Utility
zone alarm is good, but on my DSL line, it interferes with the login program so I don't use it.

I found an app called Tiny Personal firewall, very good piece of code, in fact it is the only personal firewall to be endorsed by the US Dept of Defence (it's used by the USAF)(www.tinysw.com)

it doesn't bugger up my DSL connection and it's free for personal use!

both these apps stop both inbound AND outbound connections (unlike blackice et al)

hope this helps
0
 
LVL 2

Expert Comment

by:kikkertm
Comment Utility
Zone alarm, without a doubt..
0
 
LVL 1

Expert Comment

by:JconleyMCSE
Comment Utility
Agreed, Zone Alarm.
0
 

Expert Comment

by:Brazilian
Comment Utility
Why don't you try BlackICe , since it was acquired byu ISS , it might become much better.
http://www.networkice.com
0
 

Expert Comment

by:Brazilian
Comment Utility
Why don't you try BlackICe , since it was acquired byu ISS , it might become much better.
http://www.networkice.com
0
 
LVL 4

Expert Comment

by:anzen
Comment Utility
I agree about Tiny personal FW, but I like the sygate pfw too, its latest incarnation has lots of features and I think it works really well.

(Whithout saying You can integrate it in a bigger security system)

0
 
LVL 24

Author Comment

by:SunBow
Comment Utility
FYI, My main intent here being discussion, I did have purposeful neglect, to reduce attempts to please me, myself, due to wanting more on how you each please yourself. Or, how you would like to, if not already. In a discussion form we can each share. (and review later w/o cost of PAQ) I can free up for points for nifty items of mutual interest FWIW.

Yet there goes little discussion above. I had performed some groundwork elsewhere awhile back. Lately just toying with ZoneAlarm freebie, and relevant ambiguities.

When I last reviewed, there were really only two standing out, BlackIce and ZoneAlarm. Sygate seemed to be in 3rd, at least temporarily, and the majors, like Norton & McAfee had bought (buy-out) some decent products, for suite-effect, but prior users claimed result not as good as original product. I did little on Tiny, since there were some real poor reviews on it back when. Any product is vulnerable to that over time, it happened to ZoneLabs and NetICE as well. Perhaps it (Tiny) is different now from what it was (need heed dates of any reviews, hmm?).

For Brazilian, there were two main concerns on BlackIce. One, that as others before it, its level of quality would diminish after the buyout, with new owner having interests opposed to prior userbase who enjoyed it. Two, see batkung early remark on direction of blocking. For anyone unfamiliar with the Defender (myself included), its claim to fame regards outward defense being most hard and cruel and best at forensics.  

What has happened (development since), I dunno. For me, it is complicated enough I thought we needed some design help -- perhaps together we could.

Some tell me they like ZoneAlarm for blocking the outgoing traffic, but it slows down their system too much, so they only use it periodically. Some prefer H/W firewall, but that can be harder yet to maintain.

Some wonder even if products like BlackICE and ZoneAlarm belong in same category of 'personal firewall' due to approach.  Leaves open the question on desire to proxy as well.

Personally, I'd like some more intelligence built in to the blocking pieces. More common language. Some vendors require ports, specified or not, but leave out much on exactly what ports are used for. Then again, I can block all ports and still share files between machines.

My hope remains that we here may continue to share ideas in a thread, w/o overhead of eMail or being on listserver. I have other agenda, so cannot be too attentive at the moment. But I do intend to return to security topics like this.

FYI Some other links I've yet to pursue (forewarning - may have popups or something, as I said, I have yet to pursue or peruse):
http://www.infosecuritymag.com/articles/july01/cover.shtml
http://xmrsmtaiping8286.netfirms.com/aktiviti/what_is_a_hacker.htm
http://members.fortunecity.com/expansion/
0
 
LVL 24

Author Comment

by:SunBow
Comment Utility
anzen,
On integration, perhaps an elabortion if you would, could be worthy some extra points. I meant for this to be more personal, in sense of configuration, desires, and less of a product popularity poll.

batkung,
The link to tiny did not pan out, appears broken. I remember hearing of them as promising, but a let down. But time has gone by, they've likely improved. I had run across a link to them again somewhere, but lost the time + need to explore. So while I could possibly explore again, rather than losing the time, if you had something personal to contribute, elaborating, that'd be worth something too.

I thought I'd added these and similar comments before, but I must've lost 'em during some of the ups and downs. Sorry about seeming inattentive. But I also am reluctant to 'steer' this towards some popular 'answer', hoping for more personalized contributions, that we can share with each other.
0
Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

 
LVL 4

Accepted Solution

by:
anzen earned 20 total points
Comment Utility

Well, sincerely this is My personal list; it's order by ease of use:

1) ZoneAlarm
2) Sygate PF
3) Tiny PF

obviously the more powerful (but more difficult to configure) is the Tiny, while ZoneAlarm has a nice interface but lacks lots of functionalities, all in all I feel that the Sygate is a good compromise between ease of use and flexibility; without to say that ZA does NOT work with the Microsoft ICS while Sygate and Tiny do !

In any case if You want to read more details on this kind of questions You could take a look at the NG "security.software" on the GRC news server news://news.grc.com

Regards
0
 
LVL 1

Expert Comment

by:batkung
Comment Utility
with regards to the URL for TinyPF, it's www.tinysoftware.com

on a side note, I'm glad nobody has mentioned the dreaded norton firewall. As far as I'm concerned this app should not be considered by anyone who cares about their own security. It's had a history of problems, and as with all symantec programs, is bloated to the max with extra bells and whistles that most people just don't need (or want!)...it also stuffs your registry full of refernces to other symantec apps that may not even be installed.

if you hate pop-ups, try POW! from analogx www.analogx.com it's free, very small, and not intrusive. Unlike most other popup killers, you have to tell it when you want it to kill a pop-up, after that it remembers the popup and kills it for you.

Black-ice gives users too much of a false sense of security, and can also be classed as alarmist from some of the "attack descriptions" it gives you.

Tiny does need to be configured properly in order to use it, whereas zonealarm gives you protection straight out of the box. Be aware though, some of the more complex worms and trojans that are floating around on the net these days  have specific routines in them to thwart zonealarm's protection (small price to pay for being one of the most popular personal firewall apps)

The GRC newsgroups are a good place to get more info on the various apps out there, I seem to remember there being  a news group in yahoo groups dedicated to tiny personal firewall too.
0
 
LVL 4

Expert Comment

by:anzen
Comment Utility
>on a side note, I'm glad nobody has mentioned the dreaded norton firewall

Oh ... so that is a firewall ?? :P

>if you hate pop-ups, try POW...

If You hate popups, or want to take back Your browser use the Proxomitron - more details here: http://proxomitron.org/

>Tiny does need to be configured properly in order to use it, whereas zonealarm gives you protection
straight out of the box

Yep, but ZA isn't that flexible in specifying ports/rules; as I said Tiny is more difficult to configure since if You setup wrong rules You'll end up with a less-than-secure machine; this is why I suggest (for starters) to get the Sygate product, ZA *was* a good product but now has been surpassed by both Sygate and Tiny and their support well ... doesn't exist !!

0
 
LVL 1

Expert Comment

by:Moondancer
Comment Utility
Any updates here, if more is needed?

Moondancer
Community Support Moderator @ Experts Exchange
0
 
LVL 24

Author Comment

by:SunBow
Comment Utility
> Any updates here, if more is needed?

yeah, but after all this time it ought to be a new thread

> GRC

I like the site, and actually, My questions here are in part due to that site. I find it difficult to navigate, poorlu maintained, but full of great ideas if you can find them, and highly prejudicial. I remember printing off a bunch of "latest news" on the likes of ZA & BlackIce, and how out of date the site is on what goes on 'today'.  So in part I'd like a pool at EE to make that easier on me, preferring it to be more personal, but also more real than an advertisement or poll.

Over the holidays, I noticed local stores had ZA + BlackIce and others in shrinkwrap, no need to download. But I didn't take time to price them or check version levels, just fyi, the bandwagon seems to continue on them these months later.

To be fair, I'm going to go check other thread first, at first glance this has two main contributors,  batkung  + anzen. But for

> Why don't you try BlackICe , since it was acquired byu ISS , it might become much better.

While this may be true, it does not represent recent history, for the ones that were bought up by Symantec and McAfee, etc., as the prior users reported everything going downhill, hoping someone would come support the older product (not just buy it).
0
 
LVL 24

Author Comment

by:SunBow
Comment Utility
0
 
LVL 24

Author Comment

by:SunBow
Comment Utility
comment> My first attempt to "accept comment as answer" just failed.
Will try again.
0
 
LVL 24

Author Comment

by:SunBow
Comment Utility
I wish we'd have had the time (at least me) to pursue, discussions of tiny and sygate etc can get interesting. For anzen the other comment should be included with this one for answer, as such, doubling the points here (from little 10 to 20).

batkung also, deserving, quite applicable here, I am crediting these comments to the ones in the other link, get your points there. Not much talk here on H/W or OS.

I'd like to pursue some of this at some time down the road when I get time. Or if you get the time, and interest, perhaps something newsworthy, I'll offer the points to get discussion going.  I assume I'll get a notif now (that it works again) for any comments below.

Happy HoliDays! tgif
0
 
LVL 1

Expert Comment

by:Moondancer
Comment Utility
The answer you accepted worked fine, SunBow.

Moondancer
Community Support Moderator @ Experts Exchange
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

SHARE your personal details only on a NEED to basis. Take CHARGE and SECURE your IDENTITY. How do I then PROTECT myself and stay in charge of my own Personal details (and) - MY own WAY...
It’s a strangely common occurrence that when you send someone their login details for a system, they can’t get in. This article will help you understand why it happens, and what you can do about it.
It is a freely distributed piece of software for such tasks as photo retouching, image composition and image authoring. It works on many operating systems, in many languages.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now