replacement firewalls

stevel227

stevel227

Joined
Dec 28, 2006
Messages
23
Reaction score
0
I followed a suggestion I think I saw on PCReview to replace my Windows XP firewall with the free Zone Alarm one. It works ok, but I have had to do a fair amount of tweaking to make it allow me access for my normal things. Now I read elsewhere in PCR a note that Comodo is a "better" firewall than ZA. I know part of it is personal taste, but what do the great PCR thinkers really think about firewalls? Which one(s) provide the best protection with the least amount of hassle? I'd rather get it free, of course, but am willing to pay to protect.
 
all cheap/free software firewalls provide the same protection. by default they'll let all outbound traffic out and only inbound traffic that is responding to outbound traffic in. if you need more advanced security/features like SPI etc. then buy a hardware firewall.

If i were you i'd use XP's built in firewall, does the same job as ZA etc.
 
Techy said:
all cheap/free software firewalls provide the same protection. by default they'll let all outbound traffic out and only inbound traffic that is responding to outbound traffic in. if you need more advanced security/features like SPI etc. then buy a hardware firewall.

If i were you i'd use XP's built in firewall, does the same job as ZA etc.
Click to expand...

Actually, by default, software firewalls block everything and you have to force it to let traffic out. This is why XP's firewall is junk, it does not have the ability to block outbound traffic.

If you get infected without knowing (and yes, it can and does happen to many people) XP's firewall (or a hardware firewall for that matter) will let it "phone home" at will whereas a software firewall will prompt you that something is trying to access the internet.

A hardware firewall is really a software firewall running on a dedicated piece of hardware or specialized device (router). It can provide a strong degree of protection from most forms of attacks coming from the outside (incoming traffic). Hardware firewalls are easy to configure and they can protect every machine on a local network. A hardware firewall typically uses packet filtering to examine the header of a packet to determine its source and destination addresses. This information is compared to a set of predefined or user-created rules that determine whether the packet is allowed (forwarded) or denied (dropped) on particular ports. They tend to treat any kind of traffic traveling from the local network out to the Internet as safe which can be a security risk.

With a software firewall you can specify which applications are allowed to communicate (outgoing traffic) over the Internet from your computer. Programs that are not explicitly allowed to do so are either blocked or else the user is prompted for confirmation before the traffic is allowed to pass. Software firewalls generally offer the best measure of protection against Trojans and worms but they are harder to configure and must share resources with other running processes which can decrease system performance. You can use a hardware firewall (your router) and a software firewall (Kerio or ZoneAlarm) in conjunction.

Some other good, free firewalls:

Jetico (a chore settingit up but works well when it is set up)
http://www.jetico.com/index.htm#/jpfirewall.htm

Outpost
http://www.agnitum.com/products/outpostfree/index.php

Sunbelt-Kerio
http://www.sunbelt-software.com/Kerio.cfm
 
Back
Top