What FireWall does Avast people Recommend?

Avast Free Antivirus / Premium Security
21

I have used Zonealarm (Free and SS), KPF 4.1, and Sygate 5.6 all successfully with avast! Finally settled on Sygate. I find the lgging and troubleshooting tools more usable than the others. Also the advanced rules are easy to set up and monitor. And I don’t miss all the privacy crap that is redundant and conflicting with modern browsers. But all worked well with avast!

22

After having read your message, and browsed various other forums, I have reconsidered my decision and gone with Kerio Personal Firewall. Thanks

23

My mother always says: “Listen to David” ;D

24

My OS is WinXP HE, SP2 on both a desktop and a laptop. For the past year I had been unsuccessful in setting up a network using these two computers. Using the following tutorial however
http://www.careyholzman.com/net1.htm
I was finally able to set up my network.
Following this tutorial to the letter, I can share files between the two computer, share a printer between the two computers, and both computers can access the Internet. In other words, everything is running as I want it to run. In his tutorial, Carey has you initially turn off all firewalls. Later in the tutorial
http://www.careyholzman.com/xp/home/xphome-8.htm
he has you turn on Windows Firewall. There are no options for setting up another firewall.
http://www.careyholzman.com/xp/home/xphome-9.htm

Browsing various forums, I get the message that the Windows Firewall is not a recommended firewall. So I turned off Windows Firewall and downloaded Kerio Personal Firewall. This is where my problems started. I can no longer share files (I didn’t check to see if I could share the printer). I did try Control Panel\Network Setup, but that didn’t help anything. So I uninstall KPF and run through the tutorial again, and have everything working as it should again. Is it worth my while to try setting up my network to share files and printer using KPF as firewall?

25

Is Kerio Personal Firewall better then Sygate?

26

Sygate
Outpost
ZoneAlarm

All have free versions.

27

If you look at http://www.dslreports.com/forum/remark,11970244~viewpoll=1
for instance, about twice as many people use Sygate as Kerio. They are both good firewalls. I use Sygate because I try lots of stuff and find that the logs and alarms are more useful for figuring out what happened than Kerio. ZoneAlarm worked fine, but I could never figure out what it had done if there was an issue.

28

I like a firewall that works in the background and doesn’t give me a lot of flack or interaction. In fact, the firewall that comes with WinXP is as good as a basic router firewall. Both of which work in the background and you never know its there and both pass typical firewall test sites.

29

dld

See the link below:

Everything you need to know about selecting and installing a firewall for your PC or network.

-Working With Windows Networks

http://www.pcworld.com/howto/article/0,aid,112920,00.asp

(instructions for setting up four free firewalls- Kerio, ZA, Outpost and Sygate).

Quote:

“Kerio: By default, this firewall disables Windows networking because enabling it would allow other PCs on the local Windows network to access your shared folders and printers only after you entered their IP addresses. To allow access to a particular PC, right-click Kerio’s system-tray icon and…”

30

Technical,

Could you please tell me what do you mean by “configure Sygate very very well”? Coz I am now using Sygate 5.6 built 2808 and avast 4.6.623 with WebShield functioning on my Win 98 machine. I noticed from another thread there is a loopback problem in Sygate. Please tell me in detail how I should configure the two applications. I have set my Firefox to use 127.0.0.1 port 12080. Is this good enough? But Sygate does not ask me for permission for outgoing (except one instance in which it asks me whether to allow it go out to secure-sg.imrworldwide.com - strange???). Also in a radio website I tried, when the realplayer was launched, Sygate did not ask me for permission.

31

secure-sg.imrworldwide.com probably goes out as a secure https request on port 443 and isn’t seen by avast! I don’t do anything special to Sygate to work with avast!-haven’t found anything without more undesirable side effects. Virus/trojan scanning generally seems more worthwhile than alerts from Sygate. Other things to do are to look at the Sygate traffic log once in a while, and be aware of the avast! ball spinning without knowing why. And nag Sygate on their forum-they have been promising a fix there since 2003. Or switch to Kerio 4, which also has some nice features.

32

Im using Sygate with Win XP Home and without Webshield installed and it works well. (Im not that worried about not using Webshield)

I was using Zone Alarm and was happy with it but upon upgrading to XP Home Ive been unable to get ZA to work properly with this system. Would constantly lose the ability to browse. Threw hands up and switched to Sygate and so far so good on this machine and on a Win98SE machine as well.

33

Sygate recorded that it went out thru firefox.exe, remote port 80 local port 2036. What does this mean?

With Sygate’s loopback problem, Is it that the only risk with Sygate and avast’s WebShield is the bad thing sent outgoing without anybody’s notice? In other words, my machine is still well guarded from bad things outside?

Kerio 4 - is it free? Will there be any problems with Kerio 4, avast, Firefox, Win 98 (NOT 2nd edition) running?

34
  1. Don’t know why it didn’t go out through webshield then.
  2. Yes, loopback is an outbound issue. But the traffic outbound via http is connection requests. Any inbound data will still be scanned by Webshield. Problems would be things like a trojan on your machine participating in actions like DDOS attacks by sending high volume connection requests to a website through Webshield without being seen by Sygate or Avast! But watch that ball spin and look at your logs to see it. Other things a sophisticated trojan might do with more in-depth understanding of Avast! and Sygate to exploit the loopback issue?
  3. Yes; Kerio 4.1.2 is free. I am using it on a machine now. Has some nice features and an interesting connection display. Also, I think it is another product of the Czech Republic, like Avast! Haven’t tried it with Windows 98, but have heard that future editions will only support W2000 and XP-true?
35

kenwong, Firefox, if set to ask , sygate will ask you from other ports mostly. That is how it should be. You have only allowed webshield HTTP 80 traffic, though there might be some other ports, but most other by firefox

As to realplayer, in my experienced you will get asked or if it was a new application, the First time, if set to ask. Then if you play another video or sound broadcast, while FF is still running, maybe not so.
Even if it is in another web page video.

So If realplayer was an unknown trojan :stuck_out_tongue: you would get asked, and there is also the Sygate traffic log.

There is no big issue here.

As to web connections with a firewall, what ever you use. Once you have allowed an outbound connection, what happens next is both outgoing and incoming traffic in browsers.

But with Sygate firewall you are really not compromising your security with Sygate firewall running Webshield. Especially if not configuring IE to that manual proxy 12080 localhost setting. Be calm in that.

36

Visnetic 2.2.6 here. Yes, it only covers inbound. I also have Winsonar (free) installed and set to kill unknown processes from starting.

Visnetic, from Deerfield.com isn’t cheap, but I think it’s an excellent firewall that is very low on resource useage (5.6MB). Add something like Winsonar or Process Guard and I think you’re pretty well covered.

37

Before I did the tests, I removed Firefox and RealPlayer in Sygate’s Applications. It turned out that they didn’t ask me!

You distinguished IE from Firefox here? What are the reasons?

38
Before I did the tests, I removed Firefox and RealPlayer in Sygate's Applications. It turned out that they didn't ask me!

opps, I have no idea why realplayer did not get asked by SPF :o
With me it does.

You distinguished IE from Firefox here? What are the reasons?

None other than I believe that once you have allowed a browser, it might maybe be “hijacked” by another app and malware is most restricted to IE. No other reason.

39

Try this test kenwong:
http://grc.com/lt/leaktest.htm

Sygate should prompt you and answer no, and it should not pass.
The test is trying to pass tcp 80 port.

And I do get Sygate asking me though even if a video for Realplayer is in a web page. Just close your browsers first before trying to check realplayer’s behaviour. there might be “memory”. :slight_smile:

40

I want to thank you Frank for this link. Everything worked as described in the quoted excerpt. The only minor change to the excerpt is that one has to go to Administration, Advanced, Microsoft Networking. I initially kept Windows Firewall activated during the installation of KPF, installed KPF, made the recommended changes to Microsoft Networking, then turned off Windows Firewall. I can now share files and printers with only KPF turned on.