FIREWALL
#11
Everything you've mentioned can be scripted Wink
Reply
#12
(Mar 08, 2018, 06:42 am)Mr.Masami Wrote: So you need basic firewall or complete suit with behavioral detection ?

If you want something more you should look up IDS like Snort:

https://www.snort.org/

Don't know if there's a Windows version but if not, you should easily find similar alternative to it as there are plenty of them.
Or make a linux box as you mentioned earlier with this software, that would be good option.

@edit: There is Windows version as well.

Snort on Win? Excellent advice. I will be sure to try it.

The problem with the Win firewall is that it is M$ garbage, and I cannot conceive of M$ security as other than a contradiction in terms. Indeed, i regard anything out of Redmond *as* a virus. First thing I always do is disable the Win 'Security Center', updates, BITS and everything related to remote desktop.

Ideal is to turn a win system as much into open source or freeware Posix as possible. Cygwin is my friend.

I have a couple of Linux systems and use them mainly for anything requiring real security or for development and scripts. I use Win as a primary system because it has 'portable' apps that I can more easily control, and I am developing major *issues* with the direction of Linux development - particularly the RedHat influences on the distros.

If I am doomed to korporate krap, i'll stick with the devil I know. I think microkernel is better with all things equal.
(Still waiting for Hurd - but not alpha! ).

To answer the question: A basic and effective Firewall is the main goal, but something like snort is well worth considering. Just dont want any 'net nanny' deciding what I can or cannot download or run!

(Mar 08, 2018, 17:39 pm)dueda Wrote:
(Mar 07, 2018, 20:32 pm)spikemite Wrote: I have the majority of services, including protocols turned off via services.msc.
But I am looking for something a little more finegrained, that acts as a firewall, and nothing more.

Sounds like you want a ruggerized and fit tight ship; consider running Wine (Windows-like environment) on top of a hard Linux?

Or maybe PeerBlock, it was suggested before on another thread here. Sure it's an old horse but has an audience.
Private Firewall reminds me of the old times tools like ZoneAlarm and Seagate Personal Firewall, but too finnicky for my like.
I always liked GlassWire; it grew well into maturity, but for you the Pro version should appeal more than the Free model.

I will need to test out Glasswire - it is new to me.

I havent installed peerblock on this machine yet, but have it on the others. Good software, just a devil of a time getting all the block lists!

Wine is good, but it has its rough edges, and can take up an enormous amount of space using 'bottles'. Got to try the portable apps with it. I usually compile the latest version, so the newer stuff should probably be even better.

The problem I have with Wine in an old Access database app that has only worked in Ubuntu Jaunty wine, and has refused to work since in Linux. I need it for ecommerce, so am forced into the Win platform, though mercifully I can do that in Linux with a Win 8 VM.

(Mar 08, 2018, 18:58 pm)schnitzengruben Wrote: Everything you've mentioned can be scripted Wink

Can this be done *without* the Win firewall?

With Perl????

(As I mentioned in an earlier post, Cygwin is my friend.)
Reply
#13
(Mar 08, 2018, 18:51 pm)RobertX Wrote:
(Mar 08, 2018, 17:39 pm)dueda Wrote: Does it stops apps from adding exceptions during installation? That is the worst problem of any Firewall.

Not unless you put it in learning (i.e. blue) mode.

I don't know, I know I just went back to Zonealarm.

It's by no means a bad firewall, but it's not for everyone.

Well, I'm no IT professional but I tried so many firewalls, what could possibly go wrong...? he he
Right now, everything. Just formatted and installed Win 7; Win Update broke. Will create a usb stick and reinstall...
Speaking of the Devil, maybe I should try Win 10 again. I'm sure it is a very safe and sound system for a quiet home user like me.
Reply
#14
(Mar 08, 2018, 19:18 pm)spikemite Wrote: Ideal is to turn a win system as much into open source or freeware Posix as possible. Cygwin is my friend.

The problem I have with Wine in an old Access database app that has only worked in Ubuntu Jaunty wine, and has refused to work since in Linux.

Uh, The bloatware revolution MS started with XP introduced a Posix system; I heard it's hiding down there under a fake name.

Was thinking about it... Either you run a VM or a pizza box (windows pc) just for it. Better to isolate that old dog. Let traffic go thru the IX's security.
Reply
#15
sophos utm virtual appliance is amazing, but you need to install it on an old machine or a VM

configure it and goooo
Reply
#16
(Mar 10, 2018, 12:48 pm)xHOBBiTx Wrote: sophos utm virtual appliance is amazing, but you need to install it on an old machine or a VM

configure it and goooo

Looks impressive, good suggestion! Tech security corp stuff. Currently out my jr. league, as I'm your dumb numb cheesy cheap chap pirate...
Reply
#17
(Mar 07, 2018, 06:59 am)Sid Wrote:
(Mar 06, 2018, 15:39 pm)spikemite Wrote: Zonealarm is out of the question. It effed up a system years ago, and I consider it toxic waste now.

I had the same experience and also wouldn't touch it again.

I must agree.

As RobertX said it probably is best to go with TinyWall.
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  What Firewall ok for torrenting ? WW3hasstarted 8 15,014 Mar 25, 2020, 16:17 pm
Last Post: waregim
  Firewall, Redux. waregim 2 12,278 Oct 29, 2019, 02:36 am
Last Post: waregim
  Vegas pro 13 firewall block Driftersrift 1 13,059 Mar 08, 2015, 16:27 pm
Last Post: LowOrbit



Users browsing this thread: 1 Guest(s)