Firewall, Redux.
#1
I've asked about this before, a while back. Hopefully by now someone will have some suggestions:

I am looking for a decent Win Firewall.
One that DOES NOT use the built in M$ Firewall (disabled here).

Something that is a firewall only and NOT an internet filter or 'intrusion device'.

Something that allows me to block and unblock connections and has a working learning mode. And queries on *everything* after learning is turned off, and allows unblocking as easy as blocking.

Glasswire sucks. Outpost Firewall, Comodo, blow chunks. Too much AV crap in them to be useful. Dont want 'traffic' filtering, and only want 'detection' when an app tried to connect to net. And they allow too much by default.
One has an enormous list of 'approved vendors'. Crap.

Tiny Personal Firewall is *almost* useful. But:
1.No popups or notices.
2. Learning mode defective.
3. Will not let VPN work for more than a minute. Nor show its connection status to unblock.
4. Not smart enough to parse and query on installed programs!

In the old days I had some decent ones, but they are 32 bit aand wont work on 64.

Any ideas?

Also: need something smart enough that if an exe is whiteleisted, its children would be too (unless a win service).

Update:
I *think* I found pretty much what I am looking for: PC TOOLS FIREWALL PLUS. Free version. Seems fine with VPN and pops up for new first use apps. And even option to turn OFF.

Not fully tested, but loooking good.

Apparently out-of production....
Reply
#2
I use Comodo, its got popups that can be set automatic, deny is the default but am unsure how it will go with a VPN.
I trained it manually so its set to custom rules in firewall mode

I have the antivirus and other components disabled, if you cant determine that somthing might be sus about an .exe what hope have ya got? (yes i sandbox some things)

Not sure about its learning mode its cloud backed mostly.
Reply
#3
AV, even cloud based is useless against 0-day RATs, as they are *tested* against Virustotal and the like before release. So I have absolutely zero trust in any 'cloud based' security mechanism. Only crap from kiddie scripters will be easily caught. I have some Drusax vermin still undetectable after *years*.

I will usually play with software if its around six months or older. There my emsisoft command line scanner is pretty good at sensing boogers, but most will be false positive patchers and keygens. Even then, when in doubt: Sandbox. I have VMs here, but Sandboxie is easier, plus I have all /temp dirs linked to c:\temp which I regularly monitor. Little sneaks by there.

Browserss aremed to the teeth, and email rarely used, difficult for vectors to get in. With torrents I gauge by uploader. Some more relaible than others, and sandbbox for the questionables.

Since an booger normally starts in /temp its quickly dispatched there. They canit phone home since i have all their dervices disabled. They flop areound and usually die, but not beofre I try to get their IPs, which I killfilter.

A bit of a sport. Kinda like a MUD game against scummers.

The fun with some of the scumware is that they often pirate sceneware and may have actually working releases. Its seperating the goodies from the crap that is the challenge.

I just loaded some Adobe crap here and needed a decent F/W to keelp all their crud from phoning home. Disabled their daemons, yet the proggies still work, with turning off net access.

Igor in Minsk is not my problem. Billy in Redmond iand his korporate scum are.
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  What Firewall ok for torrenting ? WW3hasstarted 8 15,009 Mar 25, 2020, 16:17 pm
Last Post: waregim
  FIREWALL spikemite 16 33,676 Mar 11, 2018, 10:35 am
Last Post: contrail
  Vegas pro 13 firewall block Driftersrift 1 13,059 Mar 08, 2015, 16:27 pm
Last Post: LowOrbit



Users browsing this thread: 1 Guest(s)