Personally I like ZoneAlarm.
I mostly use it for the program control (it controls outgoing connections, not just incoming).
And something most people aren't aware of (and complain about) is the game mode, which will automatically allow or deny outgoing connections, so you don't get popups mid-game.
Is there a good free firewall programme anyone can recommend
If you want a firewall that's both good and free, your best bet is to install Linux.
As far as free firewalls for Windows go though, it's just varying degrees of leakiness. Zone Alarm and Comodo are better than nothing, and turning the built in firewall on is better than leaving it off, but that's about as good as it gets.
I use Sunbelt Kerio Personal Firewall. It's pretty easy to use and set-up most of the time and it's free (the first 30days you have the premium version for free, then it's the basic one)
You have to turn off some annoying things (like pop-up blocker and ad-blocker + allow the server tracing (I couldn't access the RZX Archive with disabled tracking)
Obtain an old PC, with two network cards, and use OpenBSD. OpenBSD has probably the best firewall you can get at any sane price (OpenBSD in many respects is better than things like CheckPoint, which is rental software renting for sometimes many thousands of pounds a year).
It doesn't have a point and click interface though.
I've sygate, ZoneAlarm and Comodo over the years. sygate doesn't exist anymore. I found ZoneAlarm to be annoying at times, and so have stuck with Comodo for the past year or so. So far so good.
I also used to use Sygate and had a good experience with that one.
I'm now using the "built-in" firewall in XP (the one in "Windows Security Center" but I've never had anything popping up saying that something has been denied or allowed ... is that good? I mean it's ON, and I have a couple of things in the Exceptions tab (like my dial-up prog) but it's never bothered me by saying anything about my Internet travels.
Should I be concerned? I almost miss the little pop-up thingy in Sygate telling me that this-or-that is happening/not happening. Maybe I am just lucky by not treading where Internet-malice lurks.
I'm now using the "built-in" firewall in XP (the one in "Windows Security Center" but I've never had anything popping up saying that something has been denied or allowed ... is that good? I mean it's ON, and I have a couple of things in the Exceptions tab (like my dial-up prog) but it's never bothered me by saying anything about my Internet travels.
That's what it's supposed to do. Windows Firewall is deliberately designed to be as unobtrusive as possible. The likes of Sygate and Zonealarm, in contrast, are designed to constantly remind you that you've been "protected from a threat" to ensure you keep coughing up for the new versions the release.
Is there actually anything wrong with the firewall provided "free" in XP SP2? I've been using it for a while now, and along with XP SP2 firewall and AVG free, I've never had any problems that I know of.
re: hardware firewall... Me too. I recommend that route to everyone as it's the simplest and most effective.
I would do that but I like the program-control of things like Zonealarm. They allow me to stop a program from getting onto the internet - like additional protection from some malware (if anything tries to access the 'net, zonealarm lets me know unless I've told it not to).
Is there actually anything wrong with the firewall provided "free" in XP SP2? I've been using it for a while now, and along with XP SP2 firewall and AVG free, I've never had any problems that I know of.
same here death. with the SP2 firewall, and the firewall on the router, I haven't had any trouble at all. I like the SP2 firewall (much as I hate to admit liking a M$ product) it gives you the power to configure it fully, without lots of silly meaningless menus and pictures. I used to swear by zonealarm, but it's just got bigger and clunkier and insists you upgrade every 5 minutes
That's what it's supposed to do. Windows Firewall is deliberately designed to be as unobtrusive as possible. The likes of Sygate and Zonealarm, in contrast, are designed to constantly remind you that you've been "protected from a threat" to ensure you keep coughing up for the new versions the release.
The firewall that comes with XP and above (and HW routers), only block incoming traffic. Anything can send packets from a WF only protected box.
3rd party Windows FWs also block outbound traffic (on a file by file basis - including after upgrading a file - as the file has changed).
The messages that pop up when using SW firewalls on windows boxes can be turned on and off at will or "trained".
You have to turn off some annoying things (like pop-up blocker and ad-blocker + allow the server tracing (I couldn't access the RZX Archive with disabled tracking)
FWIW it looks like Daren's fixed the links on the RZX Archive that required referer headers to be sent, so you can turn that option back on in your firewall if you're feeling suitably paranoid...
The firewall that comes with XP and above (and HW routers), only block incoming traffic. Anything can send packets from a WF only protected box.
Anything can send packets from a Zonealarm/Sygate protected box. Without the capability of Mandatory Access Control (introduced in Vista) it's not possible to actually provide outbound firewall protection. Anything you can do, a malicious app can do on your behalf.
'course they don't like you to mention that too loudly.
On my home network in the UK (all my work stuff so more important) I run a 3 network card Smoothwall setup, internal network, external network and DMZ.
My laptop defaults to zonealarm if it isn't connected to the home network.
In Malta we run zonealarm on all the machines and that then goes through the ADSL router firewall.
Probably overkill but it works well and I can still run my Slingbox with no problems at all.
If you have a home network smoothwall works very well and is an excellent use of an old machine.
I was going to use the firewall that actually came with my motherboard drivers, an Nvidia one i think but i found it hard to set it up to allow utorrent to work, are these firewalls that are connected with specific hardware ( such as the netgear one ) a safer option ?
On a related subject, what the fsck were they thinking when they made uPNP? Were they thinking of making it nice and easy to allow trojan writers to pwn your network or something?
On a related subject, what the fsck were they thinking when they made uPNP? Were they thinking of making it nice and easy to allow trojan writers to pwn your network or something?
This is true, but there is the magical "off" option to stop it from working ;)
Comments
www.uncle-bobs-old-fashioned-fire-walls.com
its a great free service, but clicking on the link will download dozens of viruses onto your computer.
I mostly use it for the program control (it controls outgoing connections, not just incoming).
And something most people aren't aware of (and complain about) is the game mode, which will automatically allow or deny outgoing connections, so you don't get popups mid-game.
Nice, IMO.
If you want a firewall that's both good and free, your best bet is to install Linux.
As far as free firewalls for Windows go though, it's just varying degrees of leakiness. Zone Alarm and Comodo are better than nothing, and turning the built in firewall on is better than leaving it off, but that's about as good as it gets.
You have to turn off some annoying things (like pop-up blocker and ad-blocker + allow the server tracing (I couldn't access the RZX Archive with disabled tracking)
It doesn't have a point and click interface though.
Bytes:Chuntey - Spectrum tech blog.
I'm now using the "built-in" firewall in XP (the one in "Windows Security Center" but I've never had anything popping up saying that something has been denied or allowed ... is that good? I mean it's ON, and I have a couple of things in the Exceptions tab (like my dial-up prog) but it's never bothered me by saying anything about my Internet travels.
Should I be concerned? I almost miss the little pop-up thingy in Sygate telling me that this-or-that is happening/not happening. Maybe I am just lucky by not treading where Internet-malice lurks.
Concerned
:-?
That's what it's supposed to do. Windows Firewall is deliberately designed to be as unobtrusive as possible. The likes of Sygate and Zonealarm, in contrast, are designed to constantly remind you that you've been "protected from a threat" to ensure you keep coughing up for the new versions the release.
Me too. I recommend that route to everyone as it's the simplest and most effective.
Or stick a copy of smoothwall on the olde worlde PC:)
[panto]
Oh yes it does:D
[/panto]
It's just no longer supported since Symantec bought it:(.
The firewall that comes with XP and above (and HW routers), only block incoming traffic. Anything can send packets from a WF only protected box.
3rd party Windows FWs also block outbound traffic (on a file by file basis - including after upgrading a file - as the file has changed).
The messages that pop up when using SW firewalls on windows boxes can be turned on and off at will or "trained".
Yep. There is (see my post above).
There are many advantages to use a SW firewall on a net facing Windows box.
@ swordheart:
For the Windows 98 boxes here, we use ZoneAlarm, Windows 2k/XP are using Comodo.
Since swapping from cable to ADSL I'm using a Zygate router with built in firewall and it seems to be working just dandy.
On PC that may be plugged in without a seperate firewall I use ZoneAlarm - again without bother (and it's free).
The big problem I see with the Windows Firewall is that it is a big target for hackers looking for exploits.
FWIW it looks like Daren's fixed the links on the RZX Archive that required referer headers to be sent, so you can turn that option back on in your firewall if you're feeling suitably paranoid...
Anything can send packets from a Zonealarm/Sygate protected box. Without the capability of Mandatory Access Control (introduced in Vista) it's not possible to actually provide outbound firewall protection. Anything you can do, a malicious app can do on your behalf.
'course they don't like you to mention that too loudly.
It manages to block IE. Which is good enough for me:D.
My laptop defaults to zonealarm if it isn't connected to the home network.
In Malta we run zonealarm on all the machines and that then goes through the ADSL router firewall.
Probably overkill but it works well and I can still run my Slingbox with no problems at all.
If you have a home network smoothwall works very well and is an excellent use of an old machine.
I've get a Netgear DG834GT which came free with my sky broadband, i believe it has a firewall, but how do I set it up?
Google is your friend. Follow the link and look at the support section, where you can download the reference manual.
This is true, but there is the magical "off" option to stop it from working ;)