I need a new software firewall... Zone Alarm didn't cut it... it blew and pissed me off and now I've had it with Outpost Firewall Pro.. its a piece of **** that is impossible to configure correctly.

It's hard to find a good one these days. They all seem to be bloated with features I don't need or want.

I'm interested in a light-weight software firewall that does network and application filtering and that's it. Not Antivirus, Antispyware, Web and cookie filter, popup blocker, and all this other stuff built in.. I already have a favorite antivirus, and being that I use Opera web browser, I really have no need for an anti-malware product (even though I do run AVG anti-spyware every now and then, it never finds anything).

I run Opera as well... I use NOD32 for Anti Virus... I think I am going to load Black Ice and see how that works.

Nod32 user here as well.

AFAIK BlackIce is only an incoming firewall. It does not block outgoing connections. Pretty much like Windows firewall except it logs more :/

A firewall that doesn't block outgoing connections can still leave you vulnerable.

Not only that, last time I installed it I got a BSOD..

aahh... grreaatt... what to use then:lol:

What kind of trouble did you have with ZA? Just curious, I just upped to ZA 7 for $20, pretty content with it. It loads a heck of a lot faster than ver. 6, plus has AV built in and is easy enough for even me to configure. :)

it was too bloated.. I needed ICS and ZA blocked it no matter what. I switched to outpost because it worked for what I needed and it loaded very fast.. didn't use many resources but it blocks everything... even what I need when I configure it not to:lol:

I know what you mean.

ZA would not allow me to have network connections in VMWare. I had to lower the Internet Zone defenses to Medium, which means I still needed to run Windows firewall in the background to block open ports..

I filed a report to them, but according to posts I've read, this issue has been around for quite some time. I doubt they'll do anything about it now..

ZA worked for you on medium settings?!? I lowered mines all the way and still nothing:lol:

Yes, but the default setting in VMWare uses ethernet bridging, not ICS.

I thought ZA had a setting which allowed ICS, in advanced firewall options? No?

doesn't work. Look up the subject around various forums and you'll see that if you try to enable it ZA just gets pissed off.

D'oh!

Why not just get a router or a router with a firewall? (not sure what the difference is really)

Why not just get a router or a router with a firewall? (not sure what the difference is really)

+1

No need to have additional software when your router does it.

-LORD-eX-Bu']I need a new software firewall... Zone Alarm didn't cut it... it blew and pissed me off and now I've had it with Outpost Firewall Pro.. its a piece of **** that is impossible to configure correctly.
is this becuase you need it for school?...if so i would go with a hardware pcmcia card firewall.

like this one...
http://www.gcn.com/print/21_34/20631-1.html

+1

No need to have additional software when your router does it.


Too true,and a router is cheap nowdays...and has been said a billion times it makes it so you dont have to have extra softweare installed... I love my router (xmasgrin)

heck I have no problem going with a router... any that you guys would suggest?

-LORD-eX-Bu']heck I have no problem going with a router... any that you guys would suggest?

Depends on what you're doing. I got a D-Link DGL-4300 last year as a birthday gift and have been very happy with it. It's pricey, but it's played nicely with just about everything I've thrown at it, including my Xbox 360, Wii, a couple laptops, and a Windows 98 machine. The only thing that didn't work was a Linksys wireless "gaming" adapter, but that was quickly remedied by switching to a D-Link version of the same thing. For all the features it has, and despite my relative network n00bishness, it was a breeze to configure.

Do you need wireless capability? The DGL-4100 is the same as the 4300 sans wireless. I personally don't recommend Linksys. I've never had really good luck with any of their stuff.

+1

No need to have additional software when your router does it.

So your router does application filtering??

A router (w/NAT) alone is good for blocking incoming threats. But not so good for blocking outgoing threats, like programs that try to phone home through the internet or e-mail.

"Your Internet connection flows both ways . . . so must your security."

http://www.grc.com/lt/leaktest.htm

I can pass the leaktest. Can you?

-LORD-eX-Bu']I need a new software firewall... Zone Alarm didn't cut it... it blew and pissed me off and now I've had it with Outpost Firewall Pro.. its a piece of **** that is impossible to configure correctly.


Software firewalls suck for the most part. To much fiddling with rules, incoming requests, deny, accept, blah, blah, blah.

Get a hardware router/firewall life will be happier and simpler.

So your router does application filtering??

A router (w/NAT) alone is good for blocking incoming threats. But not so good for blocking outgoing threats, like programs that try to phone home through the internet or e-mail.

"Your Internet connection flows both ways . . . so must your security."

http://www.grc.com/lt/leaktest.htm

I can pass the leaktest. Can you?

By application filtering to you mean port blocking?

I know my router has SPI and NAT...

By application filtering to you mean port blocking?

Well, no. Application filtering is more than just port blocking. It blocks an application from getting access to the net period, no matter which port it tries to use.

I know my router has SPI and NAT...


That may be true, but the fact still remains. SPI and NAT won't protect you from outgoing threats (i.e. program on your machine sending out your keystrokes or online banking passwords, etc.)... just incoming threats. SPI is virtually useless on soho routers (btw soho = small office/home office), as it eats up valuable resources which are already in short supply.

So rewt, you're advocating the use of a software firewall?

Any recommendations? I got Norton IS 2007 and installed it on 2 machines, but not my own - I have one licence left if need be. I'm using Sygate's now defunct personal firewall pro (or somesuch), and want to switch to something that's:

a. Effective.
b. Not bloaty.

b rules out ZA (which I hated) and Norton. It's a damn shame that Sygate got bought out, because it has been a great sw firewall.

Yes, IMO it's just as important to filter outgoing traffic as it is to filter imcoming traffic.

What software firewall you choose will depend on compatibility with other applications that you use frequently, and also personal preference.

I'm currently testing ZA 7.0, with all the extras such as e-mail protection, anti-virus and anti-spyware turned off. The only thing I wanted is inbound and outbound application filtering, and it seems to do that quite well.

I actually leave Windows XP firewall enabled at the same time ZA is running (there is an option in ZA to do so). Having Windows firewall enabled allows me to lower ZA firewall setting to medium. This way I am still protected and able to browse the network from my VMWare virtual machines (where I run domain and e-mail services).

Thanks for the info. I'll see if Norton will let me use the firewall without all the other bloatware. I prefer NOD32 for virus protection.