Firewall advice need please

[cHodAX]

Ok, Zonealarm has pissed me off for the last time, the sheer amount of crashes the TrueVector service was causing finally killed my love for Zonealarm. I have spent a good part of the day looking around for a decent personal software firewall solution and it doesn't seem to be an easy choice to be honest. I have downloaded the free trial of Sunbelt Personal Firewall and it seems pretty decent but a few friends have told me to ditch it and either get Kerio Winroute Firewall or Tiny Personal Firewall. So basically I need some advice on which if any of the above is worth buying, if none then any alternative suggestions would be welcome as well.

Before someone mentions using a hardware firewall I should mention that my ADSL Router has an S.P.I. firewall apparently but I really what some kind of application level software firewall running as well just to be on the safe side. Before I finish I should point out that I use Utorrent P2P software alot so I really need something that works well with Utorrent on both UDP and TCP.

My O/S is XP Pro SP2 32-bit.

Many thanks.

 

[Deebs]

I went thru the whole process about 18 months ago. Call me paranoid but I just cant stomach the thought of being compromised so I have 3 firewalls protecting my home network.

The first is on my cisco router which runs a dynamic firewall feature. 90% of all ports inbound are blocked, and whenever I initiate a connection outbound the Cisco will generate a rule to allow the traffic back in, if the rule is not matched after 2 minutes it is removed.

Next on the list is my linux router/storage box. This runs netfilter and again denys all but allows out.

Now, I also run a wireless network and therefore decided I needed a firewall on my pc holding all my personal data (which is stored in a bestcrypt container). I looked around and decided on Agnitum Outpost firewall.

Version 2.5 of the product was awesome, then 3 came along with bloatware and now we are version 4. Some of the features you can turn off by unloading the "plugin". I find it rock solid, it captures outbound connections from my pc and alerts etc.

 

[cHodAX]

Now, I also run a wireless network and therefore decided I needed a firewall on my pc holding all my personal data (which is stored in a bestcrypt container). I looked around and decided on Agnitum Outpost firewall.

Version 2.5 of the product was awesome, then 3 came along with bloatware and now we are version 4. Some of the features you can turn off by unloading the "plugin". I find it rock solid, it captures outbound connections from my pc and alerts etc.

Thanks for the heads up, I will be looking into Agnitum Outpost Firewall tomorrow.

My main worry is not knowing if my routers firewall is decent or not, the router is just a soho piece of kit and although an S.P.I. firewall is supposed to decent there just isn't enough information on my router to leave me with a feeling of confidence. Zonealarm did a decent enough job for me till about a year ago and I always liked the application alerts system that popped up when something tried to make an outbound connection and didn't have a rule configured for it. It left me feeling in control and the peice of mind that brings. These Truevector service crashes in the newer versions of Zonealarm are a nightmare though, it has often crashed and left my machine without a software firewall for 12+ hours and having a static/fixed i.p. address (as I do) in that situation can lead to real issues. Then about a week ago the damn thing started performing BSOD's and the only way I could isolate the problem was running driver verifier, suprise suprise it was the Truevector service driver that was causing crashes at random. After that there was no way I was going to use Zonealarm again.

I feel the same way as you Deebs when it comes to system protection, I don't like leaving security to in the hands of a sole product anyway and with so many exploits for both hardware and software firewalls it is best to have at least 2 layers of protection.

What suprises me is that there are so few decent software firewalls out there that don't require a ton of configuration and some knowledge of ports/tcp-ip. There is a massive market out there for a good software firewall that is beginner friendly yet functional enough to get the job done, I know McAfee and Symantec have products out but frankly they are absolute crap and so bloated that they bring any half decent system to it's knees after a years use.

Anyway, enough of my moaning for now. Thanks again and anyone else who has advice is more than welcome to chip in!

 

[TdC]

you happy with that UPnP Deebs? mine was weird in my last router and refused to play nice with teamspeak server and my bittorrent client :/

 

[Deebs]

Well it is not exactly UPnP. The firewall is watching traffic and UPnP is ignored.

Read this link: TCPmag.com | Q and A: Reflexive ACLs vs. CBAC

 

[Rebel]

Tiny will annoy the living daylights out of you (it lasted less then 20 mins last time I tried it) comodo is free and has good leak rating but I found it was blocking inbound connections to services I wanted inbound enabled dispite it being configured.

 

[TdC]

Well it is not exactly UPnP. The firewall is watching traffic and UPnP is ignored.

Read this link: TCPmag.com | Q and A: Reflexive ACLs vs. CBAC

cheers. geeky but understandable. ofc, last time I did anything with firewalls you needed inbound and outbound rules for the same data stream, so I'm easily impressed

 

[Jupitus]

I use a software firewall called filescab and I've been happy with that so far...