PDA

View Full Version : What is a good free firewall


Galdorf
10-22-2009, 04:25 PM
Looking for a good firewall that is free any suggestions?.

iisjman07
10-22-2009, 04:36 PM
First choice: Comodo Firewall here (http://www.comodo.com/home/internet-security/firewall.php)
Second choice: Zonealarm Free here (http://www.zonealarm.com/security/en-us/zonealarm-pc-security-free-firewall.htm)
Third Choice: I'm not sure how good it is but PC Tools Firewall looks pretty good, and has an easy to use GUI. here (http://www.pctools.com/firewall/)

PatrickB
10-22-2009, 04:49 PM
+1 on Comodo Firewall. For less sophisticated users, you may need to turn off the Defense+ portion to reduce the number of pop-ups. Comodo Internet Security free comes with Antivirus, Firewall, and Defense+.

-- Patrick B.

iisjman07
10-22-2009, 05:55 PM
Comodo Internet Security free comes with Antivirus, Firewall, and Defense+.

Yer I tried that and the antivirus relies heavily on HIPS, so it's practically useless for a newb;) On the other hand it did do very well at blocking malware

MobileTechie
10-22-2009, 06:03 PM
I find Comodo comes up with way too many messages that confuse people.

Online Armour free is supposedly one of the best.

I'm not entirely convinced the average person really needs a seperate firewall if they have a decent AV. I used to use them but I've not bothered for about a year. I've not had any more infections. What they offer is the ability to decide whether you want an internal process to communicate with the outside world. Plenty of users are not capable of making the right decisions and tend to turn them off or just say yes or say no to everything, causing problems.

PatrickB
10-22-2009, 09:21 PM
I'm not entirely convinced the average person really needs a seperate firewall if they have a decent AV

That depends how few layers of security you wish your customers to have. AV will not stop all infections. A software firewall may prevent the infection from calling home with your banking login credentials.

No security is perfect. Multiple layers are better. Agreed that not everyone will want the multple layers. I encourage and install as many as possible. Otherwise, I feel like I am leaving customers vulnerable. They pay me to protect them.

OUTSIDE -->
1) ISP filters out spam on request
2) Some ISP's like Comcast, are now checking for malicious traffic and notifying subscribers when it is detected
3) DNS Server that blocks known bad websites (www.opendns.com (http://www.opendns.com), Your own like Treewalk http://ntcanuck.com)
4) Network security appliance (www.Astaro.com (http://www.Astaro.com), www.untangle.com (http://www.untangle.com), www.sonicguard.com (http://www.sonicguard.com))
5) Hardware firewall
6) Updated operating system
7) Updated helper programs (Flashplayer, Java, etc)
8) Updated applications software
9) Software firewall
10) Antivirus
12) Antimalware
13) Add-ons to check for known bad websites (WOT, NoScript, etc)
14) Human decision and action
--> INSIDE


As mentioned earlier, I found that most of Comodo's excessive pop-ups are from its Defense+ feature. That part may be reduced or disabled if necessary.

-- Patrick B.

Zogg
10-22-2009, 10:07 PM
Outpost firewall is supposed to be pretty good too. I'm currently testing it on my home machine and it seems to work fine. It does seem to ask for permission more than I prefer, though.

Tweak
10-23-2009, 12:44 AM
Outpost I hear good things about but I am a fan of CIS, Comodo Internet Security WITHOUT the Antivirus option. This gives you both a firewall and Defense+ (intrusion detection pretty much, best of both worlds). I then like Avira free and you can always add SpywareBlaster and Malwarebytes or SuperAntiSpyware or Spybot for the extra manually scanning. :cool:

You can also use the Comodo Secure DNS servers during install or without even bothering to install CIS, figured this is worth mentioning.

Comodo Secure DNS (http://www.comodo.com/secure-dns/):

156.154.70.22
156.154.71.22

PatrickB
10-23-2009, 02:14 PM
Tweak, thank you for mentioning DNS. It prompted me to do a little research and update my earlier post with list of layers of security.

What are the advantages of Comodo DNS? I was reading their website and the only advantages I can see are prevention of DNS Cache Poisoning and perhaps more speed and reliability than the default DNS from the ISP. I'm not sure what is secure about Comodo Secure DNS since it does not appear to block known bad websites. I guess secure means that it prevents DNS Cache Poisoning.

On the other hand, www.opendns.com (http://www.opendns.com) does block phishing and botnets by default and for free. You can also still choose 54 different categories of websites to block when you sign up for a free account.

OpenDNS has recently introduced a tiered structure of services. To block malware sites, you now have to pay at least $9.95 a year.

-- Patrick B.

PCSupportGlasgow
10-23-2009, 11:19 PM
home clients fall into 2 categories
1) the csual browsers - best to put them to one of the commercial firewall apps as they dont really understand the popups.
2) the tech savvie - either comodo or outpost


business clients

if must have free ...
smoothwall - configure this with opendns and the client will have very few if any intrusion issues

Tweak
10-24-2009, 01:56 AM
Tweak, thank you for mentioning DNS. It prompted me to do a little research and update my earlier post with list of layers of security.

What are the advantages of Comodo DNS? I was reading their website and the only advantages I can see are prevention of DNS Cache Poisoning and perhaps more speed and reliability than the default DNS from the ISP. I'm not sure what is secure about Comodo Secure DNS since it does not appear to block known bad websites. I guess secure means that it prevents DNS Cache Poisoning.

On the other hand, www.opendns.com (http://www.opendns.com) does block phishing and botnets by default and for free. You can also still choose 54 different categories of websites to block when you sign up for a free account.

OpenDNS has recently introduced a tiered structure of services. To block malware sites, you now have to pay at least $9.95 a year.

-- Patrick B.

Just offering an alternative to OpenDNS which I have also used. People seem to like options, even some when worse or better which is weird but we live and learn. :cool:

MrUnknown
10-24-2009, 02:01 AM
2) the tech savvie - either comodo or outpost



I haven't seen outpost recommended in quite some time. Agnitum Outpost Firewall Pro, right?

I won a lifetime license to the Security Suite in a contest, then they released the rewrite for Vista. It was horrible. lol. Now I see you can purchase lifetime licenses for pretty cheap.

PatrickB
10-24-2009, 02:16 AM
Just offering an alternative to OpenDNS ...

Yes, thanks again. I use Comodo Internet Security on my own computer and like it, but did not realize they offered a DNS service.

-- Patrick B.

hondablaster
10-31-2009, 06:21 PM
+1 Comodo firewall. The DNS feature is new and only started appearing on the more recent install downloads.

MM PC Solutions
10-31-2009, 09:23 PM
Is this for you or customers?

If it's for customers then I just go with the standard firewall built into the OS.

It doesn.t ask any questions that they won't understand & just press "Yes" to.

Block inbound traffic.

Blocking outbound imo is useless for residential. If they are infected this does not help them (which end users tend to believe).

The only other reason to block outbound traffic is for illegal software which I don't condone.