Searching \ for '[EE]:: Free high quality software firewall.' in subject line. ()
Make payments with PayPal - it's fast, free and secure! Help us get a faster server
FAQ page: www.piclist.com/techref/index.htm?key=free+high+quality
Search entire site for: ': Free high quality software firewall.'.

Exact match. Not showing close matches.
PICList Thread
'[EE]:: Free high quality software firewall.'
2008\01\03@164418 by Apptech

face
flavicon
face
Said by some (and them) to be the best software firewall
available.
Free for any sort of use forever.
Not a crippled version.
No catches (they say)

       http://www.personalfirewall.comodo.com/

Sounds too good to be true BUT it appears it may be true.

Ask me again when I get back from China :-) (leaving
tomorrow)

Note that WIN2K has a separate (older version) version.

More unbelievably good sounding free security products
(anti: malware, virus, spam, ... )

       http://www.comodo.com/products/free_products.html

They say that their main business is SSL site software and
that the free products are a form of cheap advertising of
their prowess. Good story anyway :-).




       Russell



2008\01\03@171644 by Bob Axtell

face picon face
Apptech wrote:
{Quote hidden}

I have it running on a Win2K in my home office. Works fine.

--Bob

2008\01\03@173946 by Dr Skip

picon face
I've heard they are good, but haven't tested it. I'd be interested in
comparisons between it and Vista's firewall. I'm very impressed with the
granularity of Vista's FW, even though it can be tedious to set up. One can
specify down to application, in or out, source IP, dest IP, ports and time of
day for each rule, plus some. Only two complaints:

- no notification when something tries to go out that is blocked (minor issue
if you trust it)

- there are lots of higher level summary setting panels that if one selects a
generic "stop xxx type activity" could overwrite your settings done at a lower
level. Once you go deep, don't change anything from above again, especially if
it concerns sharing... It won't tell you it's about to delete your hand crafted
settings.

So, how does Comodo compare? Is there other stuff worth the time too?

Thanks.

-Skip


Apptech wrote:
{Quote hidden}

2008\01\05@110706 by Xiaofan Chen

face picon face
On Jan 4, 2008 6:39 AM, Dr Skip <spam_OUTdrskipTakeThisOuTspamgmail.com> wrote:
> I've heard they are good, but haven't tested it. I'd be interested in
> comparisons between it and Vista's firewall. I'm very impressed with the
> granularity of Vista's FW, even though it can be tedious to set up. One can
> specify down to application, in or out, source IP, dest IP, ports and time of
> day for each rule, plus some. Only two complaints:
>
> - no notification when something tries to go out that is blocked (minor issue
> if you trust it)
>
> - there are lots of higher level summary setting panels that if one selects a
> generic "stop xxx type activity" could overwrite your settings done at a lower
> level. Once you go deep, don't change anything from above again, especially if
> it concerns sharing... It won't tell you it's about to delete your hand crafted
> settings.
>

I have passed the Vista notebook to my wife and she is happy with it. Windows
Vista Firewall and Windows Defender will be on. AVG Free is the anti-virus
solution since Microsoft does not bundle one with Vista. Typically the
bundled solution is less intrusive and use less resources, unlike bloated
Norton's consumer suite (the business version is better).

>From what I read, Vista Firewall is quite good together with security
settings of IE7 and UAC.

Some people will use "more-advanced" firewall product.
http://www.dslreports.com/forum/r19604526-Does-Vista-need-a-3rd-party-firewall-If-so-which-one


Xiaofan

2008\01\13@045532 by Xiaofan Chen

face picon face
On Jan 4, 2008 6:16 AM, Bob Axtell <.....engineerKILLspamspam@spam@cotse.net> wrote:
> Apptech wrote:
> >         www.comodo.com/products/free_products.html
> >
> > They say that their main business is SSL site software and
> > that the free products are a form of cheap advertising of
> > their prowess. Good story anyway :-).
>
> I have it running on a Win2K in my home office. Works fine.

I tried it for one week and today I uninstalled it. It is too intrusive
for my taste. Maybe I am a bit impatient with free softwares
not integrated into Windows.

Xiaofan

2008\01\13@071209 by Dr Skip

picon face
Can you be more precise? I haven't installed it, but could use some detailed
info to decide. The one thing I used to like about Sygate is that it would pop
up each time something new tried to come in or go out and you could choose no,
this time, or all the time permission.

With the MS one, you don't ever know what is trying to get out, so if you
didn't remember to permit something first, it just fails, and you could have a
million trojans trying to get out and wouldn't know it. Seeing that sometimes,
for a one-off access, turning off outbound access is easiest for a few moments
to test, who knows what will phone home during that time.

No doubt MS has so many things trying to phone home (and which of them is truly
blocked by the MS firewall and which have hard coded exemptions?) that it would
embarrass them if it alerted the user, especially Media Center stuff and its
services...

Trust nothing, approve only what you need... ;-)


Xiaofan Chen wrote:
> On Jan 4, 2008 6:16 AM, Bob Axtell <engineerspamKILLspamcotse.net> wrote:
>
> I tried it for one week and today I uninstalled it. It is too intrusive
> for my taste. Maybe I am a bit impatient with free softwares
> not integrated into Windows.
>
> Xiaofan

2008\01\13@083531 by Xiaofan Chen

face picon face
On Jan 13, 2008 8:11 PM, Dr Skip <.....drskipKILLspamspam.....gmail.com> wrote:
> Can you be more precise? I haven't installed it, but could use some detailed
> info to decide. The one thing I used to like about Sygate is that it would pop
> up each time something new tried to come in or go out and you could choose no,
> this time, or all the time permission.

Then you may like Comodo.

> No doubt MS has so many things trying to phone home (and which of them is truly
> blocked by the MS firewall and which have hard coded exemptions?) that it would
> embarrass them if it alerted the user, especially Media Center stuff and its
> services...
>
> Trust nothing, approve only what you need... ;-)

I do not really care so such about the "Phone Home" thingy since I highly doubt
it is really the case. It is not that I trust Microsoft so much but I
think it is not
worth their efforts to do that. On the other hand, Google may be of
more concerns
since they are reading my Gmail (with targeted ads on the side). Again the easy
of use with Gmail outweights the privacy concerns.

Xiaofan

2008\01\13@091550 by Xiaofan Chen

face picon face
On Jan 13, 2008 9:35 PM, Xiaofan Chen <EraseMExiaofancspam_OUTspamTakeThisOuTgmail.com> wrote:
> On Jan 13, 2008 8:11 PM, Dr Skip <drskipspamspam_OUTgmail.com> wrote:

> > No doubt MS has so many things trying to phone home (and which of them is truly
> > blocked by the MS firewall and which have hard coded exemptions?) that it would
> > embarrass them if it alerted the user, especially Media Center stuff and its
> > services...
> >
> > Trust nothing, approve only what you need... ;-)
>
> I do not really care so such about the "Phone Home" thingy since I highly
> doubt it is really the case. It is not that I trust Microsoft so much but I
> think it is not worth their efforts to do that.

What I mean is that even they do "phone home" but I doubt that they are really
make use of the data to be against you.

> On the other hand, Google may
> be of more concerns since they are reading my Gmail (with targeted ads
> on the side). Again the easy of use with Gmail outweights the privacy concerns.

I do understand that there are great concerns of the "Phone Home" features
built-in Vista (and XP SP2 or other Microsoft software). The following is
about Vista.
http://news.softpedia.com/news/Forget-about-the-WGA-20-Windows-Vista-Features-and-Services-Harvest-User-Data-for-Microsoft-58752.shtml

For XP, do not install XP SP3 (when it comes out) if you believe the following.
http://blog.syracuse.com/technofile/2008/01/microsofts_phonehome_philosoph.html

And many more from Google for "microsoft vista phone home".
One of the link is from none other than FSF: http://badvista.fsf.org/

The problem is that you can not do too much about it if you have to use
Windows. If you are really concerned, better format Vista and use Linux instead.

And do not use those online service like Gmail, MySpace, Facebook, etc.
They all collected personal data quite aggressively.

And do not even use Internet since most likely the traffic will go though the
internet backbones where some US law enforcement agencies install
monitoring device.
http://www.salon.com/news/feature/2006/06/21/att_nsa/

In the end, we have to trust something in order to use the Internet.

Anyway, it seems we'd better use Linux instead of Windows at home. ;-)

Xiaofan

2008\01\13@161043 by Dr Skip

picon face
Thanks for the links, I will check them. I'm actually only moderately concerned
about Microsoft. There are a lot of other vendors now that phone home too, now
that it's assumed that everyone has a connection. They also fail softly if not,
so you never know.

I remember a German author putting in a phone home bit 10 yrs ago or more into
a small but useful utility. It would sometimes trigger the dial up networking
if you weren't on a lan. His fine-print explanation was that he just wanted to
see who was using and when and it just dropped an IP stamp in his log or such.
That was then...

Today, it's so fast and users are so inundated with network traffic that a
periodic ping won't be noticed. It would not be tough to transfer all sorts of
interesting facts about a user that way. That's one of the big nasties about
GoogleSearch. It builds a smallish sized index to everything on your drive,
then allows (or could be made to upload) it to be used quickly without an
exhaustive, obvious hard disk access. If it were such that they or some vendor
got a majority of users into this by default settings, etc (think MS search),
then it becomes of interest to use by anyone from a curious employee to a
subpoena (US) to trigger a search for terms and return 'interesting' results.
It's even useful to harvest your metadata if you're a questionable person
(according to whomever's metrics) and you run something that gives others this
kind of access.

It's especially troubling in the US where we now have a secret court and
citizens can be stripped of due process if labeled 'enemy combatant". It can
even be a criminal act to reveal you were asked to provide such data (Patriot
Act) and there are programs to involve citizens in looking for data (Operation
TIPS). Through the Military Commissions Act (US) (and through precedent and
principles used even before the Act, since 9/11) one can be categorized as an
enemy for lending any kind of aid to the enemy, which could include just
favorable opinion...

Under FBI Director Hoover (in the 50' & 60's) you could have all sorts of
disinformation unleashed against you if you were 'suspected' of being a
communist or aiding the wrong party, if not legal problems. In today's terms,
that might affect the ability to get a security clearance, a mortgage, a better
job, insurance, etc, depending on these efforts, which might all have stemmed
from an inappropriate number of certain words on your hard drive. Many of these
are important to an engineer's (or anyone's) life... Hoover and McCarthy would
have loved today's technology.

Those who were around then will remember that even a 'wrong' magazine
subscription could get you onto a 'list'. I think one of the reasons it fell
apart wasn't only that McCarthy saw 'red' everywhere, but that the data
processing load was enormous and these lists were people and paper based.
Search programs couldn't remain secret for long and were labor intensive. Not
true today where it's all electrons tracking other electrons ;-) and PCs can
easily keep crunching the results anyway you like. Hoover's programs could fit
on a pocket hard drive and a pc today... At least in the 60's, you had to pay
for the subscription or such to get into trouble. Today a bot or an interest
could get you into the same trouble, but you might have a hard time finding it
beforehand and an even harder time extracting yourself from the resulting
personal mess... A firewall with robust outbound filtering is imperative. Just
look at the delay users had in implementing inbound firewall protection (over
the recent years) and the mess it created in being penetrated, even today. It
was tough for the average Joe to 'see' this threat to his PC from outside. The
same is (or will be) true of outbound - first, denial of a problem, second,
groups take advantage of the 'hole', then, a mess.

Even if the technology is just applied to the more 'visible' suspects, it
creates a fear in the public that one's hard disk might contain incriminating
words or bytes, which then drives you to limit your investigations and learning
to avoid them, etc. Just the fear of such a program shapes public knowledge and
opinion to avoid topics that are off limits or suspect. I've found engineers to
be more curious than most, and willing to dive deep in order to get a good
understanding. That creates a larger than average trail or repository of
information. Let's hope it's not something that's on 'the list'. ;-)

However, there are a lot of cases where a useful utility either wants to phone
home for 'updates' that can't be turned off, or no mention is made that it even
phones home at all, but it does. It might all be innocent today, but tomorrow
is always a new day... On the popup style firewall, once you give permission,
you shouldn't get the popup for that item again. After a little while it stops
as you've given your core permissions. It's very handy, especially when testing
new software though, because the alternative is port watching and packet
logging and analyzing for every new utility. Just port watching a program can
fail you, since it can send one off quick enough you don't catch it, and then
it's after the fact anyway... and in a world of VMs and rootkits, even a
software firewall may not cut it tomorrow.

"Trust, but verify"  - Ronald Reagan



Xiaofan Chen wrote:
{Quote hidden}

2008\01\13@181354 by Richard Prosser

picon face
> ...
>
> It's especially troubling in the US where we now have a secret court and
> citizens can be stripped of due process if labeled 'enemy combatant". It can
> even be a criminal act to reveal you were asked to provide such data (Patriot
> Act) and there are programs to involve citizens in looking for data (Operation
> TIPS). Through the Military Commissions Act (US) (and through precedent and
> principles used even before the Act, since 9/11) one can be categorized as an
> enemy for lending any kind of aid to the enemy, which could include just
> favorable opinion...


So much for the "Land of the Free" then.

RP

2008\01\15@151152 by Dr Skip

picon face
Something other than the Vista firewall might be a good idea...

On mine, everything I need is handled by a few dozen rules allowing a few dozen
apps out of an otherwise blocked firewall. Thunderbird is one of them. In
thunderbird, I have ThunderBrowse to view web pages in emails in Thunderbird
itself.

After booting, all works, including checking mail on the isp, but not gmail or
going to sites through Tbird. So, I stop the firewall then start it again and
all is fine for the rest of the day until reboot. I even made shortcuts to
"netsh.exe firewall set opmode enable" and disable to do it quickly.

I'd be interested in insights on why it started this... It wasn't always so,
and no firewall changes had been made.

OTOH, Vista has a lot of self-healing features it seems, and settings have
sometimes reverted in other places (I checked this rule though in the FW). I've
also experienced plugging in new hardware and it says a driver can't be found
(for a simple usb hard drive - should be built in), then if I unplug it and
replug it, it searches again and finds it! It's a very dynamic OS!!!!!!! :-(

-Skip

More... (looser matching)
- Last day of these posts
- In 2008 , 2009 only
- Today
- New search...