Free Personal Firewall survey

As someone who often troubleshoots personal PCs with viruses and Trojans galore running around inside, I find Zone Alarm's free firewall to be an OK tool for seeing what is inside that is trying to call home.

One of my clients recently got a hardware firewall and tried to remove the Zone Alarm and had some problems.  I did a search on the internet and found that it is difficult to remove.  I am looking for a firewall that is small and can do the type of thing that I am asking Zone Alarm to do, but without the difficulties in removal.

I will try to award points to all who answer with a unique solution.
LVL 15
WilyGuyAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Robing66066Commented:
TCPView is an excellent product for troubleshooting network based virii and trojans.  It isn't a firewall, but is a tool that keeps track of everything the PC is doing and reports it in a nice user interface.

Find it here: http://www.winternals.com/products/repairandrecovery/
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
TooKoolKrisCommented:
Here are some links to other firewalls besides Zone Alarm. I personally don't recommend software firewalls due to the fact that they register them selves as services on the pc. This can be manipulated by would be trojans and the services shut down. I have seen a couple that specialize in turning Zone Alarm off so while you think you're being protected you actualy not.

The best firewalls are hardware based and work on a packet level. With all this in mind it really boils down to the person configuring the firewall as it is only as good as the configuration on it.

Prevention
http://www.preventon.com/trial.php?product=ppfpro

Norton Personal Firewall
http://www.symantec.com/sabu/nis/npf/

Sygate
http://www.sygate.com/

Kerio
http://www.kerio.com/us/kpf_home.html

McAfee
http://us.mcafee.com/root/package.asp?pkgid=101&

0
chicagoanCommented:
Is Zone Alarm is a virus? It hooks itself into your operating system, causes problem and is difficult to remove.
Oh yeah, you pay for it, that's the differerence.
 

Step 1. The most important step in uninstalling is to make sure that ZoneAlarm and its underlying TrueVector service are not running. If TrueVector is left running, certain files may not be removed or replaced.

To unload the TrueVector Service, go to the Configure panel and uncheck the box labeled: "Load ZoneAlarm at Windows startup" or "Load ZoneAlarm Pro at startup," then reboot..

If this box is grayed out: open the Internet Logs directory (in 95/98/ME this will be "c:\windows\internet logs", in NT and 2000 it will be c:\winnt\internet logs), where you will find a file called "iamdb.rdb" and a file named after your computer with the ".ldb" extension. Delete both of these files.

If you are unable to delete these files: you'll need to boot into Safe Mode in complete the task at hand.

If you are running Windows 95, 98, Me, or 2000, normally either pressing F8 at the beep, or holding the control key during bootup.

If you are running Windows NT and cannot delete these files, you may need to restart your machine from an NTFS boot disk. The following link explains how to create a bootable disk for an NTFS or FAT partition:

http://support.microsoft.com/support/kb/articles/q119/4/67.asp?LN=EN-US&SD=g

If you use the Desk Band feature, this should be disabled before uninstalling or upgrading ZoneAlarm.

To do this, right-click any unused portion of the taskbar at the bottom of the screen, select "Toolbars," and uncheck "ZoneAlarm Desk Band" (or "ZoneAlarm Pro Desk Band")."

- Step 2. REBOOT Windows (very important).

0
How do you know if your security is working?

Protecting your business doesn’t have to mean sifting through endless alerts and notifications. With WatchGuard Total Security Suite, you can feel confident that your business is secure, meaning you can get back to the things that have been sitting on your to-do list.

nick_sCommented:
i personally use Kerio personal firewall.

I really like it
0
SunBowCommented:
> I am looking for a firewall that is small and can do the type of thing that I am asking Zone Alarm to do

Have you tried Sygate?  It is close to ZA. Others like Symantec, McAfee, and MicroSoft are different. (and IMO not as good because of that).

> One of my clients recently got a hardware firewall and tried to remove the Zone Alarm

Why?

Answer: Tell client they should keep ZA, and move on to other issues such as upgrading MS S/W again.

Reason: ZA (and Sygate) block outbound traffic as well as inbound. This is closer to firewall (hw) capability than others. If the customer/client has only one PC/client behind HW firewall there's no need for the duplicate. But if you/they have more than one PC, then the HW firewall cannot defend them from each other. That is where the SW firewall can still produce a great benefit, and last I heard, Microsoft itself still recommends SW firewall to supplement the HW one (they'd like you to use theirs, of course).

I agree with anyone/everyone who claims that SW should have an uninstall that completely removes everything (like an undo) or else they risk us also labeling them as having an embedded trojan.
0
SunBowCommented:
also, if you/customer get used to a SW firewall, even BlackICE, you/they may also get used to having their logfile available to help you understand what is accessing what and how, and to have a level of filtering in addition to the ones a typical HW firewall limit you to. For example, rather than completely shutting down a port, you can limit access to the port to a single server, etc.
0
WilyGuyAuthor Commented:
Increasing points to allow a better split.
0
Robing66066Commented:
Thanks for the grade and the points!
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Software Firewalls

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.