# The Best Firewall



## Sher1ock19 (Feb 22, 2007)

I am looking for the best free firewall besides Zone Alarm please inform me and if you have a guide on how to use it correctly that would be nice also thank you in advance


----------



## koala (Mar 27, 2005)

I recently switched from Zone Alarm Pro to *Comodo* after reading reviews and test results.

Check the FAQ and Support pages on their website. It's not really any different to use than the other firewalls, basically block what you don't want and allow what you do.


----------



## Sher1ock19 (Feb 22, 2007)

yea ill take a peek thanks... also if anyone else wants to post their favorites


----------



## SpySentinel (May 30, 2006)

Comodo Firewall Pro (It is FREE) is very good. I use it myself. Another good one is Sunbelt Kerio Personal Firewall found at www.Sunbelt-Software.com


----------



## cjessee (Aug 22, 2005)

Hmmm... I believe a firewall does not belong on the end user's PC. I would invest in a router which is its own natural firewall because of NAT. 

Just my opinion.

60 bucks for the router... never having to renew a subscription..... priceless..


----------



## Cellus (Aug 31, 2006)

cjessee said:


> Hmmm... I believe a firewall does not belong on the end user's PC. I would invest in a router which is its own natural firewall because of NAT.
> 
> Just my opinion.
> 
> 60 bucks for the router... never having to renew a subscription..... priceless..


There is a big enough difference between the two kinds to warrant having a software firewall.

Hardware firewalls (such as the basic ones on routers, or firewall appliances) help block on a networking level, while Personal Firewalls (software firewalls) also block on an application level. Personal Firewalls give the added bonus of application access control - to control what applications can access the Internet or act as a server. Some hardware firewalls can block outgoing traffic to a limited extent (port-based blocking, perhaps even a touch of keyword blocking for www) however not nearly to the degree as Personal Firewalls.

NAT helps protect against attacks originating outside of your network but not really the other way around. If a user's system is already compromised, say from a trojan horse, then stopping it from phoning home becomes very difficult. Personal Firewalls give you a chance as, if you have a decent one, many attempts to phone home (by itself or masquerading as a legitimate program) can be detected. This of course requires interaction from the user, as the user ultimately must make a choice as to whether or not a particular program can access the Internet.

Whether or not you want that extra interaction, the greater granularity of control, is up to you. Considering many decent Personal Firewalls are cheap or even free, it's hard to speak of prices being a major factor.


----------



## sultan_emerr (Dec 4, 2005)

http://www.pctools.com/firewall = Windows XP, 2000 - Freeware


----------



## Sher1ock19 (Feb 22, 2007)

well i tried out comodo firewall and it is a very nice firewall...ill stick with it untill i have any issues thanks guys


----------



## cjessee (Aug 22, 2005)

Cellus said:


> Whether or not you want that extra interaction, the greater granularity of control, is up to you. Considering many decent Personal Firewalls are cheap or even free, it's hard to speak of prices being a major factor.


However, many personal firewalls gobble up (for some people) very limited system resources in order to run.


----------



## Squashman (Apr 14, 2005)

R-Firewall
http://www.r-firewall.com/

Or my favorite and not for the average user.
http://homepages.wmich.edu/~mchugha/w2kfirewall.htm


----------



## wally246 (Aug 4, 2006)

koala said:


> I recently switched from Zone Alarm Pro to *Comodo* after reading reviews and test results.
> 
> Check the FAQ and Support pages on their website. It's not really any different to use than the other firewalls, basically block what you don't want and allow what you do.


Comodo has been working for me for about six months now. A couple of minor issues early, but easily resolved through their forum.


----------



## smz (Mar 12, 2007)

Here's one for you.

How is my Linksys WRT54G Router going to help me when I'm logged in through a public VPN for secure internet access? Anyone? Anyone?

You should see the log that a software firewall produces when logged on through a non nat'd VPN. Don't believe me, get a free account at www.secureix.com and use their Non Nat'd VPN solution and tell me how well your router protects you.

WOW, I am amazed at this post. Granted I would never hookup a connection without a hardware firewall, but how is that going to help you if some mysterious unknown spyware app starts phoning home with you real IP address? Without some sort of software protection, how is the router going to help that?

I'm finished ranting now.



cjessee said:


> Hmmm... I believe a firewall does not belong on the end user's PC. I would invest in a router which is its own natural firewall because of NAT.
> 
> Just my opinion.
> 
> 60 bucks for the router... never having to renew a subscription..... priceless..


----------



## baker421 (Jan 3, 2007)

My $.02 - 

I think everyone is right because each has a different level of expertise. The folks who post on this forum are by nature pretty darned advanced and pretty darned smart.

But what about the average duffer who doesn't give a hoot about learning firewalls? I think it's teach them some about spoofing and phishing etc, show them some malware tools, and get them a router.

For those of us who can't get enough of tech, then a firewall is a great challenge and tool.

By accident I happen to be an MCP in ISA server. It was the only elective offered when I was studying on the mcsa track so I took it. Now, ISA server is some kind of a firewall, but it costs about three grand if you figure you need a server with server 2003 plus the ISA server application out in a DMZ. (Or rather creating a DMZ.) (Smoothwall is a free alternative (except for the hardware) but I argue that it isn't nearly as configurable to the same level of granularity.)

So just for the heck of it and to stay current I have a dmz with 2 isa servers.

But, when the average user asks, I tell them to just get a router and be careful what they click on. Run some malware tools. They'll be fine unless they screw up. IMHO they are a lot more likely to screw up a software or configurable hardware firewall anyway.

Cheers,

JB


----------



## grog45 (Mar 17, 2007)

I really like the Comodo Firewall except for one thing. I can no longer play Online games like Sacred. When I use to use the Zone Alarm Or Sunbelt Keiro firewalls I had no problem at all. It would ask me the first time I tried then after that everything was fine. The Comodo firewall doesn't do that. I just doesn't let me connect, I had to stop using the Zone Alarm firewall because it was bogging down my computer and I just recently stop using the Keiro firewall because the last update caused me problems. I hate to have to stop using the Comodo Firewall because I can't play online games. There probally is a way to configure it to but its probally too complicated for me to understand.


----------



## smz (Mar 12, 2007)

You know I was thinking for something like you are describing, the trusted zone of a firewall should be used. Some allow applications to be trusted without alert and also ip/domain names that also are 100% trusted.

I have never fiddled with Comodo but perhaps if it doesn't have one, you could create a global rule and move it to the top so it takes top priority allowing communication with whatever server you connect to. You should be able to find out the name by looking in your firewall logs under blocked communication. If logging is not enabled, then turn it on and try the online game again. That could then get you the address.

Some firewalls, Norton in particular from 2006 and earlier also have site controls for each domain. This can be a real ******* if the site you are connecting to is looking for access to certain information. In Norton, the user and global settings consist of: Browser Information/User Agent (IE, Firefox, etc), Referrer (where you linked from if applicable), Animated Images Toggle off or on, JavaScript Toggle off or on, and Flash Content Toggle, off and on. In the user settings, the following have the option of a wizard popping up to ask whether permission is allowed. 1) Cookies, 2) Java Applets 3) Active X
4) Pop Up Windows (I don't think a wizard controls this)

A few things to look for as I thought I read something about site filtering
in the description of that firewall.



grog45 said:


> I really like the Comodo Firewall except for one thing. I can no longer play Online games like Sacred. When I use to use the Zone Alarm Or Sunbelt Kerio firewalls I had no problem at all. It would ask me the first time I tried then after that everything was fine. The Comodo firewall doesn't do that. I just doesn't let me connect, I had to stop using the Zone Alarm firewall because it was bogging down my computer and I just recently stop using the Kerio firewall because the last update caused me problems. I hate to have to stop using the Comodo Firewall because I can't play online games. There probably is a way to configure it to but its probably too complicated for me to understand.


----------



## grog45 (Mar 17, 2007)

Thanks for the info!!!! Its sounds a bit to complicated to figure this out.
I downloaded the manual for this program and created first a Network Control Rule than I tried creating an Application Control Rule but no matter what I tried I keep getting a "Game Server Init Failure" message. Either I'm not going to get this configured, I have to switch back to the Keiro firewall or the server for the game is down.


----------



## smz (Mar 12, 2007)

Before doing anything drastic. I apologize for not brushing up and reading every post in this thread in case this was suggest, but have you tried a full disabled of the firewall application and service?

when I say service, that is in edition to disabling it in the system tray, it is part of administrative tools and under services... even though you turn things off in the tray, the system services alot of times will still run. also check to make sure the windows firewall and your firewall are not running simultaneously.



grog45 said:


> Thanks for the info!!!! Its sounds a bit to complicated to figure this out.
> I downloaded the manual for this program and created first a Network Control Rule than I tried creating an Application Control Rule but no matter what I tried I keep getting a "Game Server Init Failure" message. Either I'm not going to get this configured, I have to switch back to the Keiro firewall or the server for the game is down.


----------



## grog45 (Mar 17, 2007)

I shutdown the firewall completely and it still does the same thing. Someone at the Sacred Game Forum site said the server wasn't down. I think I may have to reinstall the game. Thanks for the reply!!!! I've spent at least 4 hours trying to get this to work and it was just wasted time.


----------



## grog45 (Mar 17, 2007)

I got it to work!!!! I first uninstalled Comodo firewall and installed the Keiro firewall. I still had the same problem so I removed that firewall and reinstalled the Comodo firewall. The only thing that I changed was when the program was installing I choose the basic(recommended mode) instead of the advanced one and when I went to run the game the Comodo firewall asked permission to do this and when I said yes it worked. Its really funny that it didn't ask me this in the advanced mode and when I tried to manually create a Application Control Rule that didn't work. Oh well, at least it works now!!!! Thanks for your replies!!!!!


----------



## smz (Mar 12, 2007)

Glad you could piece together the advice given here to get it to work. That's always great to hear. Ya, some firewalls are locked down in advanced mode. The interactive modes are sometimes better for the user. It really depends on the firewall. Norton likes to make the rules for you. However a program like Kerio Winroute, it's hardcoded. If you don't give it permission, the default is BLOCK.

Take Care.



grog45 said:


> I got it to work!!!! I first uninstalled Comodo firewall and installed the Keiro firewall. I still had the same problem so I removed that firewall and reinstalled the Comodo firewall. The only thing that I changed was when the program was installing I choose the basic(recommended mode) instead of the advanced one and when I went to run the game the Comodo firewall asked permission to do this and when I said yes it worked. Its really funny that it didn't ask me this in the advanced mode and when I tried to manually create a Application Control Rule that didn't work. Oh well, at least it works now!!!! Thanks for your replies!!!!!


----------

