Best free firewall for free antivirus?

S

ShirlyBlack1

n00b
Joined
Dec 13, 2010
Messages
3
I am using Win XP, and it comes with a firewall, which I have never really done anything with.

A friend got a virus, even though he had Norton on his system, and later was told that a firewall would have helped him.

I heard that if you are using free anti-virus, that it is better to use the free Zonealarm firewall then the WinXP firewall.
 
XP has an inbound firewall. Vista and 7 have inbound and outbound firewalls.
Generally IMHO a firewall is not going to do much to curb infections. If you download a piece of malware, it doesn't matter if you have a firewall or not, it's still going to install and infect your machine. The firewall may keep it from phoning home or using itself to download more malware, but either way you're still infected. AFAIK Norton does have a built in firewall itself, but like any antimalware solution it can still be compromised.

That being said - if you really want a software firewall, Comodo is probably the one I'd recommend (even though it's more like an all-in-one than just a firewall). ZoneAlarm has gotten a lot more bloated over the years, I would definitely not use ZA.
 
PC Tools Firewall Plus 7 is free and is light on resources. I never liked Comodo, it's too bloated for me and the logging is virtually non-existent. I haven't touched ZA in years, it became fat and bloated 5+ years ago.

I would go with a router first and foremost or some other type of hardware firewall device. A UTM appliance is a good idea but for most average home users it may be overkill, depends on the situation.
 
ShirlyBlack1 said:
I am using Win XP, and it comes with a firewall, which I have never really done anything with.

A friend got a virus, even though he had Norton on his system, and later was told that a firewall would have helped him.

I heard that if you are using free anti-virus, that it is better to use the free Zonealarm firewall then the WinXP firewall.
Click to expand...
Windows XP Firewall is fine for 99% of users. A blocked port is a blocked port.

As for your friend, the reason he got a virus is because Norton has lower detection rates than many free products. Right now the top free products are Comodo IS, Avast 5 and, MSE.

I personally have been using Comodo IS lately and it's a fabulous product. It automatically sandboxes all unknown/untrusted apps so it's impossible for an infection to take over your computer from the second it tries to launch. It has a firewall too but I don't use that because again, the Windows firewall is good. The only benefit to possibly other firewalls is ease of use but frankly they are just to bloated.
 
Last edited:
imyourzero said:
I'd rather go with Comodo.

Though it is very verbose initially.
Click to expand...

Their free firewall is bloated.


I'd rather go with a router or other hardware firewall. I would only use a software firewall(no matter how well it rates) in conjunction with a router, mainly for more detailed real-time outbound information and alerting. I would never run a software firewall by itself for protection. Like I mentioned above a UTM appliance would be the next step but is probably overkill for the average home user but it depends on the situation.
 
number69 said:
Their free firewall is bloated.


I'd rather go with a router or other hardware firewall. I would only use a software firewall(no matter how well it rates) in conjunction with a router, mainly for more detailed real-time outbound information and alerting. I would never run a software firewall by itself for protection. Like I mentioned above a UTM appliance would be the next step but is probably overkill for the average home user but it depends on the situation.
Click to expand...

It's been a while since I used it, but it didn't seem bloated then. I haven't tried the latest version but I don't care if it's bloated if it protects my system that much better than the next free alternative.

I should clarify that the last time I used a third-party software firewall was with Windows XP, but I see no need for one with Vista and 7.

I'd rather go with a router too, but that's pretty much a given these days considering few people don't have one. I too prefer a hardware-based firewall over software, but my point is that Comodo is second to none in terms of effectiveness compared to other third-party software firewalls.
 
A hardware firewall doesn't do crap for your host boxes on a network though. Sometimes attacks come from the inside. Just use Windows Firewall that's built in. If you are someone who thinks it's not good enough, I'd LOVE to hear your explanation other than "it's Microsoft", because that doesn't cut it anymore.
 
a hardware firewall does as much good as a windows firewall, they both perform the same task, just at different locations....

if your computer gets infected with something, if it can get past your hardware firewall, it can get past windows xp firewall since it blocks nothing going outbound.
 
Windows 7 firewall is enuf. Time to update. :)
Thought really, Firewalls in general are kind of useless, if you are at least behind a router.
 
IMO software firewalls designed to run on Windows are prone to exploits due to the fact that many hook with Windows services and it's just another piece of software running on the machine. If a virus takes it down at least you still have incoming protection with a router or other device. Nobody is knocking the Windows firewall, the main drawback is it's outbound alerting is basically nonexistent, or at least extremely limited. Usually if somebody wants a simple setup on a basic home network with detailed real-time outbound alerting and some form of HIPS I suggest a third party software firewall used behind a router. If they don't care about detailed outbound alerting the Windows firewall is fine.
 
Last edited:
nessus said:
Incorrect, Windows XP with SP3 is inbound/outbound. SP1 and SP2 were inbound only.
Click to expand...

It has outbound filtering which the user has to set up their rules manually. Most users don't know how to do this or don't want to even when showed how to because they're lazy. Alerting is extremely limited, if a outgoing app is blocked most of the time it's done silently. Most third party firewalls will alert you and tell you an outgoing app was blocked and will also tell you the path of the file, if it was modified recently, what remote IP it wants to connect to, etc...

It's a double edged sword in some cases because some of the people who don't want to bother with the Windows firewall and setting up outbound filtering don't know what to make of alerts coming from a third party firewall anyway.

I wanted to add most people are behind dedicated routers or modem/routers now anyway. But there's still people I have come across that still have a single desktop computer using a software firewall behind just a dedicated modem. I always suggest they buy a router anyway.

Anyway, the Windows firewall is good depending on what you want and if you know how to work with it.
 
I think these quotes are some of the best statements I've ever read on outbound filtering. They were written by a Senior Security Strategist at MS back in 2006, http://blogs.technet.com/b/jesper_johansson/archive/2006/05/01/426921.aspx.

"The key problem is that most people think outbound host-based firewall filtering will keep a compromised asset from attacking other assets. This is impossible. Putting protective measures on a compromised asset and asking it not to compromise any other assets simply does not work. Protection belongs on the asset you are trying to protect, not the one you are trying to protect against! Asking the bad guys not to steal stuff after they have already broken into your house is unlikely to be nearly as effective as keeping them from breaking into the house in the first place."

" A plethora of dialogs, particularly ones devoid of any information that helps an ordinary mortal make a security decision, are simply another fast clicking exercise. We need to reduce the number of meaningless dialogs, not increase them, and outbound filtering firewalls do not particularly help there. While writing this article I went and looked at the sales documentation for a major host-based firewall vendor. They tout their firewall's outbound filtering capacity and advising capability with a screen shot that says "Advice is not yet available for this program. Choose below or click More Info for assistance." Below are two buttons with the texts "Allow" and "Deny." Well, that clarifies things tremendously! My mom will surely understand what that means: "Unless you click 'Allow' below you won't get to see the naked dancing pigs that you just spent 8 minutes downloading." I rest my case."

The same article gos into pretty good detail about how outbound filtering is essentially useless until you get to an OS design that isolates processes running under the same SID from accesing each others resources, which is the case with Vista and later.
 
Outbound filtering has its uses, but the big challenge is verifying whether the outbound rules are configured and working properly.

www.firebind.com has a Java applet paired with their server that can test whether any of the 65535 UDP or TCP ports are blocked in the outbound direction. It comes in really handy on hotspots and 3G networks since you can immediately know whether the ports are blocked or not instead of fiddling around trying to get your specific app to work.

CruiserX
 
As some of the others have said, just stick to a router and a good virus scanner. Personally I've just done this for years and never had a virus download onto my machine without my permission.
 
COMODO!!!!

and turn EVERYTHING windows off...and i mean EVERYTHING.. my computer was SOO slow with win defend on...i disabled pretty much every security option i had from windows and let comodo handle it from there...and a nice lil UAC script i have that wont let you make changes to certain folders without having a flash drive with the key on it installed..
 
XCLR82XTC said:
my computer was SOO slow with win defend on
Click to expand...

To be fair, Defender is a steaming mass pile of shit regardless of how fast or slow it is. :D

MSE OTOH is not. ;) I would say Windows should come with MSE preinstalled but then the other AV companies would be screaming about that.
 
Comodo IS is an incredible product. It blocks nearly everything. Unfortunately, some applications don't work with it and the exception rules don't always work. The benefit of HIDS system like Comodo is they are very good at blocking bad stuff but also at times block good stuff.

If you want very good protection (better than Avast, MSE, Norton 360, Avira, etc) go with Comodo IS. If you only run basic applications then you can't beat it.
 
ive never had a problem running any software with it.. i have run every thing from solitaire to 3d cad...and lots of stuff in between...
 
Ive used Windows Firewall Control from Sphinx Software. It basically plugs into windows firewall and then gives you prompts that you can allow/disallow when a program tries to access inbound/outbound traffic. They have a free and plus version available. http://www.sphinx-soft.com/Vista/order.html
 
bigdogchris said:
Comodo IS is an incredible product. It blocks nearly everything. Unfortunately, some applications don't work with it and the exception rules don't always work. The benefit of HIDS system like Comodo is they are very good at blocking bad stuff but also at times block good stuff.

If you want very good protection (better than Avast, MSE, Norton 360, Avira, etc) go with Comodo IS. If you only run basic applications then you can't beat it.
Click to expand...

Although I dislike the Comodo firewall i'd be willing to try their free AV on one of my machines just to try it out, I never used it. It's sandbox feature will probably cause issues with certain programs. It would be nice if Comodo's AV was included in the AV Comparatives reports so I could get a good idea of it's performance.
 
Last edited:
XCLR82XTC said:
ive never had a problem running any software with it.. i have run every thing from solitaire to 3d cad...and lots of stuff in between...
Click to expand...
The program specifically that I am referring to is Daemon Tools. VCD may work better.

number69 said:
Although I dislike the Comodo firewall i'd be willing to try their free AV on one of my machines just to try it out, I never used it. It's sandbox feature will probably cause issues with certain programs. It would be nice if Comodo's AV was included in the AV Comparatives reports so I could get a good idea of it's performance.
Click to expand...
You can install it without the firewall by deselecting it on install.

The sandbox doesn't cause issues because if the program is known, or you allow it (and never ask again) it will run without the sandbox from that point on.

As for comparison, since it's just now starting to be pushed and be popular, it may eventually be on there. For now, check out languy's AV reviews on Youtube. Comodo really beats everything.
 
You must log in or register to reply here.
Back
Top