I need a decent firewall suggestion

[hkBattousai]

There are some software installed on my computer which are silently accessing the internet. This situation makes me worried about my security and privacy.

So, I need a firewall to block internet access of some of the software installed on my PC, which I would choose by hand. It must warn me whenever an application tries to access the internet, and let me choose whether to allow it or not. I don't want any firewall which doesn't have this feature.

In old days, there was a great firewall named "Symantec Personal Firewall". But there is no new version developed for years, and its older versions are not compatible with my current operating system.

Any suggestion will be appreciated.

(My OS: Windows 7 Ultimate x64)

 

[CGA1]

I've been using Comodo firewall for the last couple of years, very reliable and very configurable. If you just want simple application blocking you could turn of the hips feature (defense+) which tends to bombard you with warning dialogues.

 

[I be he]

Comodo D+ is what i recommend. It can be set for learning mode, Default mode, and my favorite, PARANOID mode:shock: If you dont allready have a real HIPS, i would suggest adding the D+ with the firewall. After learning your system Comodo becomes very silent, even with D+.

 

[Borg 386]

What you decide to use is whatever you feel comfortable with.

Comodo is highly configurable, although it would be best for you to d/l this and spend some time reading this. It's a long read, but it covers all aspects of configuring the firewall and defense+.

http://personalfirewall.comodo.com/Comodo_Internet_Security_User_Guide.pdf

Windows firewall is also configurable. Doing a search of this forum will yield some threads that can help you in configuring it.

Several threads have suggested that ZoneAlarm does not play well with Win 7 and causes BSOD's.

An then there's the option of a pay for security suite, like Norton 360, which has it's own firewall.

 

[Maxxwire]

There are some software installed on my computer which are silently accessing the internet. This situation makes me worried about my security and privacy.

Any suggestion will be appreciated.

You're right this is a potentially serious problem, but there is a simple solution and that is to install the Comodo Firewall and set it to 'Custom Policy" Mode and it will not only stop all of the programs you have set it to prevent from accessing the internet, but it will also alert you each and every time any program which you have not given permission attempts to access the internet and then you can instruct the Comodo Firewall how to proceed.

I am constantly surprised at the number of programs that try to access the internet. Comodo recently caught a new program that I had instslled trying to contact 2 different IP numbers each time it was started, but with a couple of clicks to Block their internet access Comodo will never let them access the internet. Nearly every new program I install wants to phone home during the installation and even plugging in or unplugging a USB device can prompt a call to Redmond and I just don't see why they need to know about it so I have the Comodo Firewall see that newdev.dll's phone home privileges are perminently suspended.

BTW all of this has nothing to do with Comodo Proactive Defense+ which controls which programs are allowed to access elevated privileges and can provide excellent protection with few pop-ups when set up correctly unless several new programs are installed every day which will create new pop-ups but once Defense+ has its orders it quietly carries out your instructions.

~Maxx~

 

[Jacee]

Nearly every new program I install wants to phone home during the installation and even plugging in or unplugging a USB device can prompt a call to Redmond

@ Maxxwire, are you talking about "Software Protection" in services?

 

[Maxxwire]

Nearly every new program I install wants to phone home during the installation and even plugging in or unplugging a USB device can prompt a call to Redmond

@ Maxxwire, are you talking about "Software Protection" in services?

No, I was referring to how the Comodo Firewall when set in Custom Policy Mode will prevent any unauthorized access to the internet as when these 2 Piriform programs tried to 'phone home' during the installation process. As can be seen they were both trying to call the same number without success...

~Maxx~

 

[Jacee]

Oh, I see .... yeah, Avira Firewall pops up too to ask allow or deny.

 

[EchoX860]

How did you get your Comodo Purple? mine's black

 

[hkBattousai]

Oh, I see .... yeah, Avira Firewall pops up too to ask allow or deny.

Me too, want purple! It is lovely

 

[Tepid]

Nearly every new program I install wants to phone home during the installation and even plugging in or unplugging a USB device can prompt a call to Redmond

@ Maxxwire, are you talking about "Software Protection" in services?

No, I was referring to how the Comodo Firewall when set in Custom Policy Mode will prevent any unauthorized access to the internet as when these 2 Piriform programs tried to 'phone home' during the installation process. As can be seen they were both trying to call the same number without success...

~Maxx~

Please keep in mind that a lot of these programs are not phoning home as a means of tracking your usage.

as shown above, they are simply doing a check for the latest version of the software. You can easily go into settings and tell it not to check.

Not everything is a threat.

 

[Maxxwire]

Not everything is a threat.

The definition of Spyware is any program that tries to pass information to the internet without the computer operator's express permission. Now you're telling us that in your definition some Spyware is benign? Could you please show us your list of approved Spyware along with documented proof that its information gathering is not a threat?

I always instruct every program I install not to phone home for updates or for any other reason so please show us in exacting detail how you tell exactly packet for packet what these programs are communicating that makes you 100% sure that no personal information is being transmitted by these scores of programs that phone home without prior authorization many of which call even before they are installed or are you just using a 'hoping for the best' computer security strategy???

~Maxx~

 

[whs]

You never said which AV program you are running. E.g in my NIS2011 I can make the same settings as in Commodo. Maybe you want to check with your AV program. Then you would not have to install another piece of software.

 

[Maxxwire]

How did you get your Comodo Purple? mine's black

The Mindlessmissy themes for Comodo and instructions are in This Thread, but you will have to dig around to find the download link for the .zip file that used to be on the first page of the thread.

~Maxx~

 

[Maxxwire]

You never said which AV program you are running. E.g in my NIS2011 I can make the same settings as in Commodo. Maybe you want to check with your AV program. Then you would not have to install another piece of software.

I literally run things as simple as possible and for me that means no cumbersome blacklist Antivirus program because by the time it reacts the computer is already infected. Two years ago I replaced my Antivirus with Sandboxie which prevents infection rather than telling me my computer is already infected.

Ever since then an ounce of Sandboxie prevention has been worth a pound of Antivirus cure! With Norton 2009 AV I had 3 infections in less than 1 year while Sandboxie has kept both of my computers 100% clean for almost 2 years!

~Maxx~

PS- Comodo is spelled with only 1 m.

 

[whs]

I got rid of Sandboxie long time ago. Too inconvenient. I rather do frequent images - just in case. And NIS2011 has done a pretty decent job - up to now. I guess everybody has their own ways.

 

[I be he]

Not everything is a threat.

The definition of Spyware is any program that tries to pass information to the internet without the computer operator's express permission. Now you're telling us that in your definition some Spyware is benign? Could you please show us your list of approved Spyware along with documented proof that its information gathering is not a threat?

I always instruct every program I install not to phone home for updates or for any other reason so please show us in exacting detail how you tell exactly packet for packet what these programs are communicating that makes you 100% sure that no personal information is being transmitted by these scores of programs that phone home without prior authorization many of which call even before they are installed or are you just using a 'hoping for the best' computer security strategy???

~Maxx~

Im no king maker, but you winI am about as brainless as it gets when it comes to computers, but this even i get, and dont or cant understand why so many others that have mucho more computer smarts then i try to make a case against it.:shock: Most A/V's are there to tell you when you get infected.:shock:

 

[I be he]

I got rid of Sandboxie long time ago. Too inconvenient. I rather do frequent images - just in case. And NIS2011 has done a pretty decent job - up to now. I guess everybody has their own ways.

Pretty decent? Have you had something get through? Ive heard NIS 2011 was as good as it gets for complete A/V suites. Please share.

 

[Maxxwire]

I got rid of Sandboxie long time ago. Too inconvenient. I rather do frequent images - just in case.

I have taken the time to learn how to use Sandboxie and I feel it has been worth it because I haven't had a single Malware detection on either of my computers since I started using it.

As far as frequent Windows partition imaging goes Macruim Reflect has saved my computer from more dangerous situations than I care to count! As an example after I found that Windows 7 SP1 had a critical bug I didn't even think about uninstalling it, but rather turned to the Macruim Reflect Image that I made just before installing SP1 and within 10 minutes the computer was back to running good ol' Win 7 RTM once again proving that Image restoration is the ultimate cure!

~Maxx~

 

[whs]

I got rid of Sandboxie long time ago. Too inconvenient. I rather do frequent images - just in case. And NIS2011 has done a pretty decent job - up to now. I guess everybody has their own ways.

Pretty decent? Have you had something get through? Ive heard NIS 2011 was as good as it gets for complete A/V suites. Please share.

On my my 3 main systems, I always used NIS. Never had a problem. On my other 3 systems I have experimented with MSE, McAfee and others. MSE was the only one that let 2 Trojans thru. But that could have been just bad luck.

I rely more on my images than on the AV programs. That always allows me to bail myself out.