Another question about firewall 1

[six3077]

Ok, it is possible I am not using the correct terminology.
I was using an old old version of Tiny Personal Firewall, and you made the rules as you go.
Quite simple.
If you had nothing in the rules section and you connected to the net and used IE, a window would pop explainging
-which program was trying to go out (or in)
-which port
-option for allow or deny
-a check box for 'apply this rule always'

You could also set rules for certain programs and the ports they use.
The main idea that is what a breeze to use.

Someone pointed me in the direction of Zonealarm and Kerio.
Now the link I got from here for kerio looked exactly like what I described above, but unfortunately the new version of kerio is more like the new version of Tiny, and Zonealarm.

Maybe all I am looking for is an easy to use port blocker?

I just find with all that other MD5 crap and trusted install group, extra crap that isn't always gauranteed to work anyways, is too much of a bother.

I use like 5 things that need access in and out of the net, and most of the time, I like to keep the 'allow' rules empty when I do not need them.

So, anyone got an old copy that Tiny firewall I was talking about? or an older copy of Kerio they could help me hook up with (via email)
Or is there any new firewalls out there that are simple to use like this?

Thanks and sorry for the long post

 

[ceigl]

As I also experienced troubles using BlackIce or ZoneAlarm I decided to try out Sygate Personal FireWall....Guess what ?
No problems whatsoever - here is the link if you want to give it a try:

http://www.tucows.com/preview/213160.html

Cheers,
Chris

 

[six3077]

Looks like it could be something I am looking for.
I'll try this one out tonight.
thanks!

 

[bcastner]

I too am very disappointed in the changes to Kerio.
Fortunately, you can still download the earlier version without a problem with a decent Google search.

 

[mikeeb]

I find firewalls are trial and error, even if one has been rcommended by a reliable source.
A great firewall for this person might be a nightmare for another, even if you do know how to configure it.
I use zonealarm with no probs when over half the people I speak to have nothing but probs with it.
In my job I would never recommend a certain firewall, I'd just say take your pick.

 

[six3077]

I think that is good advice mikeeb.
Ever since I lost the cd that had an older version of tiny personal, I've been using firewalls quicker like they are going out of fashion.
I suppose my preference in a firewall is that i want it to run in the background, and never have to worry about configuring it right. K.I.S.S.
I've tried a ton of them but have found all their other features too much overhead, and although u can disable these xtra features, its still a pain in the ass to even setup the config.
The screenshot of kerio i was pointed to many posts ago looked exactly like what i was seeking. In fact it looked identical to the version of tiny firewall.
The new updated version is more like zonealarm, or even the new tiny firewall.

Bottom line is that it all comes down to choice. I think its great that these companies allow a 30 day free trial so you can get a feel for how they work.
Thanks to all that have helped.
I'm using sygate, but if i find the older kerio, I'll be putting that one on.

 

[pechenegs]

I agree with Bill on the new Kerio 4 , I found it very difficult to find out were anything was, result, I uninstalled kerio 4 and reverted back to Kerio 2. Tiny as you mention is just the forerunner of Kerio 2, it's the same firewall and very good in my opinion.

Six, it's really up to you what firewall you want to use, Bill and I in a previous post you made gave you directions to download and configure Kerio 2, however, I think both of us at that time didn't realise Kerio 4 was out. However, as Bill said , you can still get Kerio2. Sygate 5 is also a decent fireall and as another poster said Zonealarm is also an excellent piece of software. It really comes down to your needs, and ease of use for configuration. If rules based, then Kerio 2 is very good, but the link I gave is very usefull for setting up a rules based firewall as you go.

I Hope this helps Pech

 

[pechenegs]

six, I would suggest going here to test any firewall you are playing with to test if it's working at stealth mode? Just scrawl down the page and chosse shields up to test whatever firewall you have installed. also, try leak test at the same site.

http://grc.com.

this is for the shields up test stealth.

https://grc.com/x/ne.dll?bh0bkyd2

another site, not as good is

http://www.pcflank.com/art41a.htm

pech

 

[bcastner]

Pechenegs,

I thought I was alone in thinking Kerio screwed up with Version 4.

Personally, I like the notion of a rules-based firewall, and was perfectly happy with what Kerio and Tiny originally offered.

Personally, I do not want a "Zone Alarm" or Norton type solution, while making the firewall "idiot proof" I felt they underestimated by design how big an idiot I could be.

I do odd things with my computer and would prefer to create a rule about my ports on my computer and when they are open and how and by who. I do not like the trend to remove this in the interest of making the process "easier" and more goof-proof.

As you stated, firewalls end up being largely a matter of user preference. As you did, I reverted my Kerio upgrade back to the original 2.x release; the 4.x was just not my personal notion of a firewall.

I like Sygate quite a bit, if you could just stop it insisting that I update the darn thing on every startup. I do not want to upgrade the thing, I am perfectly happy with my settings as they are and the software as it is. But on every start it inserts a Run key entry to check with "Home" and nag me to upgrade. When I have the time I will kill that inside the program, or uninstall and use a different product such as Tiny or Kerio in their earlier releases.

In any case, a tip of my Tek-Tip cap to you for I think excellent advice about using rules-based firewalls. You have been stalwart on this issue, and I have found your advice and links excellent advice about how to use these products. They are certainly not for everyone, but if you buy the notion of a SPI rules-based firewall, pechenegs several posts on this issue are first rate stuff.

 

[pechenegs]

cheers bill, I have also been throw the mill on firewalls, going from novice: knowing absolutely nothing and over time building up my knowledge, which I must confess I still consider myself a novice.

My problems first started with zonealarm. I didn't know how to use it, as I had just bought a computer. So, due to misconfiguration I was blocked out. Then I uninstalled it and couldn't get on to the internet. Uninstalling Zonealarm can be a nightmare, because it leaves instances of itself all over the place, although it uninstalls, parts of it are still running and therefore block your internet access which is especially true in 95-98 and ME. An excellent article on this is by Ken Jones on how to uninstall Zonealarm and all instances of it, I don't have the link but I have the article if anyone needs it.

Then I tried Tiny, didn't know how to configure that either, it fought with zonealarm, which the latter uses 10% of resources , which is the reason why I dropped zonealarm, although it works fine but it doesn't have the flexibility of a kerio.

Then I tried Agnitum's outpost, tested it at pcflank.com, passed all the tests, tried it at grc.com failed. Outpost was then deleted when I read posts on here by a certain person called Bcastner. This Bill person was championing Kerio, here was me championing Agnitum and it failed grc's tests.

So, I went to kerio, downloaded it, and decided to do a search in Yahoo called, "How to set up and configure Kerio", and voila , it was there, everything I needed, and I've been happy with Kerio ever since. I also run sygate pro 5 which runs happily with Kerio. I have tested both at grc.com and both stealth.

If I can learn this about firewalls, so can anyone!

cheers Pech

 

[pechenegs]

Bill lol, when you find a way of killing that pesky reminder from Sygate please let me know? I had already killed it before but I had to reinstall and it's back and I have forgotten how I did it!

pech

 

[bcastner]

I use an easily google'd utility "aspy32.zip", but there are other excellent alternatives.

I routinely clean my autorun entries with this utility.

(An odd note: if you decide to use the utility, it is not absolutely clear that one needs to do a File, Save, withing the utility to save any changes you have made to the startup desposition of any entry).

Daniel Petri has a good discussion of alternative startup managment programs. On a regular basis, one not included in Dan's notes, is the use of Hijack This to handle the chore. This is my current weapon of choice:

. Daniel Petri's notes on startup management:

http://www.petri.co.il/configure_auto-starting_applications.htm

. Hijack This! utility ... my current portable weapon of choice:

http://mjc1.com/mirror/hjt/

I warn you that it keeps inserting a new entry. This weekend I will try and find a way to kill it, as I do like Sygate, and I would like to keep several different firewalls on my machines to learn about each peculiarity of the implementation.

Honestly, the Service Pack 2 firewall planned for XP is where I will move all my clients later this year.

My best to you sir, pechenegs, and would you at some point explain your handle name? Your description above of how you learned and dealt with firewall issues is classic stuff, and autodidacts are very welcome to this forum as far as I am concerned. I learned nearly everything by just trying to figure it out by myself, reading (stealing) liberally from linney and others here, Doug Knox, Kelly Theriot, and several other forums. I sincerely appreciate that you have given back to the user community what you have learned.

Bill Castner