XP Pro x64 compatible firewall?

[hypn0tik]

I just installed XP Pro x64 on my brand new computer that I built last night and it wouldn't let me install Zone Alarm. Are there any firewalls that are compatible with this OS?

My apologizes if this question has been asked previously. I searched for it and could not find anything.

 

[stash]

Windows Firewall.

 

[ProviaFan]

Originally posted by: STaSh
Windows Firewall.

Which doesn't have any big problems, except that it won't stop programs from getting out, only from receiving incoming requests. Potential feature request for next version?

 

[hypn0tik]

Hmmmm, ok.

Has anyone tried installing Norton Anti Virus on it?

 

[stash]

Which doesn't have any big problems, except that it won't stop programs from getting out, only from receiving incoming requests. Potential feature request for next version?

I doubt it. Not doing outbound filtering was a conscious decision by the product team, which I have discussed many times. I don't want to derail this thread, but essentially it comes down to the first Immutable Law of Security: If a bad guy can persuade you to run his program on your computer, it's not your computer anymore.

 

[dawks]

Originally posted by: STaSh

Which doesn't have any big problems, except that it won't stop programs from getting out, only from receiving incoming requests. Potential feature request for next version?

I doubt it. Not doing outbound filtering was a conscious decision by the product team, which I have discussed many times. I don't want to derail this thread, but essentially it comes down to the first Immutable Law of Security: If a bad guy can persuade you to run his program on your computer, it's not your computer anymore.

Pretty much.. If you have to worry about blocking a program from sending outgoing requests, you have to worry about that same program being able to simply shutdown the firewall.


The Windows Firewall is more then enough for 90% of home users.

 

[TGS]

Originally posted by: STaSh

I doubt it. Not doing outbound filtering was a conscious decision by the product team, which I have discussed many times. I don't want to derail this thread, but essentially it comes down to the first Immutable Law of Security: If a bad guy can persuade you to run his program on your computer, it's not your computer anymore.

Is this what Bill Gates is thinking when people install Longhorn?

 

[sourceninja]

If your really worried about outbound requires, it needs to be done off pc. On PC firewalls are a joke in terms of outbound security. They may do good for blocking inbound, but any program with admin access in windows can and will do whatever it wants. It could hook into the tcp stack in front of the firewall, it could shutdown the firewall, it could simply hide itself inside a svchost so you just ok it thinking its part of windows. Or it could plugin to IE and hide tha tway. If you want security, get a router/firewall with some IDS on it, and audit the logs now and then. Plus you wont have to worry about constant annoyances of pop ups asking you to approve this app.

Plus, if you have to worry about getting malware on your pc, perhaps you should look into your pc usage habbits and how you could improve them to prevent the installation in the first place. My wife's pc has never gotten a virus, or a peice of spwyare. This is because every program she uses is approved, trusted, and researched. And if it is suspect, it will be installed inside a virtual pc and checked to make sure it doesn't do any harm. I'm not saying you have to be that extreme, but you could just not run mail attachments, scan everything with a virus scanner, and use good spyware protection. Plus when going to websites, use firefox coupled with noscript and adblock and only allow javascript on a site by site basis. Proactive solutions are much better then reactive.

 

[ProviaFan]

I'm just anal about wanting to know what programs are doing, and when... A seemingly trustworthy app (no, not kazaa) was caught trying to "phone home" one time. Sounds like an IDS is about as good as it gets for feeding this kind of habit, then.

 

[sourceninja]

I suggest if you have a spare box doing nothing to try out ipcop. Its got a great web based gui. Supports snort rules for ids, and can show you every connection on your network. Stick that up and use ethereal on the network and you can see anything and everything that happens on your network. And for minimal amount of work at that. Plus you get bandwith shaping, firewall, dns cache, proxy cache and a whole bunch of other stuff if you want it.

 

[ProviaFan]

Sounds great; thanks. :thumbsup:

 

[stash]

Agreed. If you want to find out if an app is phoning home, a host-based firewall is not the way to do it.

 

[dwcal]

Do you have an Nforce4? The NVIDIA firewall installed fine on x64, but I haven't tested it out very much.

 

[sourceninja]

When I tested win64 i found the nforce4 firewall to give me weird issues I couldn't track down. I would for example open 6881 for bittorrent and 1 torrent would start fine, but then I would get errors with sockets on any new torrents i tried to open. (so I could only run one torrent at a time). Plus other weird networking issues. I dont think the nforce drivers for x64 have matured yet.

 

[hypn0tik]

Yes. I have nForce4. In fact, I have nForce4 Ultra so would that make much of a difference? I doubt it but I thought I might as well ask.

So you guys suggest sticking with the Windows Firewall or should I just say screw it and go back to using the 32-bit version of XP Pro for the time being till the x64 version becomes more mainstream?

 

[dwcal]

Never mind about Nvidia firewall. What a POS. I formatted x64 to install 32 bit XP SP2. On a fresh install of Forceware 6.66 with Nvidia firewall enabled, it slowed my network to 150KB/s and downloaded files were corrupt (getting updates from Microsoft). After disabling the firewall, transfer rates went back up and downloads were fine.

 

[ModemMix]

i know this is an old thread, but i just started using bitdefender 9 prefesional plus, it has antivirus and firewall in one package, and im as happy with it if not happier then i was with zone alarm.

Ill be even happier when Kaspersky gets a working beta if KIS 2006 out.

 

[Schadenfroh]

Please see Section F of the Consolidated Security Thread.

It has a section about x64 firewalls.

 

[REMF]

Originally posted by: dwcal
Never mind about Nvidia firewall. What a POS. I formatted x64 to install 32 bit XP SP2. On a fresh install of Forceware 6.66 with Nvidia firewall enabled, it slowed my network to 150KB/s and downloaded files were corrupt (getting updates from Microsoft). After disabling the firewall, transfer rates went back up and downloads were fine.

disconcurs.

works fantastically for me.

 

[Schadenfroh]

Originally posted by: REMF

Originally posted by: dwcal
Never mind about Nvidia firewall. What a POS. I formatted x64 to install 32 bit XP SP2. On a fresh install of Forceware 6.66 with Nvidia firewall enabled, it slowed my network to 150KB/s and downloaded files were corrupt (getting updates from Microsoft). After disabling the firewall, transfer rates went back up and downloads were fine.

disconcurs.

works fantastically for me.

same here

 

[SUOrangeman]

FYI, Schadenfroh, the link in your post (two or three up) is bad, but it is good in your sig.

Before my Shuttle's PSU bit the dust last week, I had dumped nVidia's firewall (ActiveArmor and such) in favor of Tiny Firewall Pro 64. I had been using Kerio's firewall for the longest time with 32-bit Windows and had grown quite accustomed to its way of doing things. I just couldn't comfortably adjust to nVidia's solution to the same level.

 

[13Gigatons]

Originally posted by: ModemMix
i know this is an old thread, but i just started using bitdefender 9 prefesional plus, it has antivirus and firewall in one package, and im as happy with it if not happier then i was with zone alarm.

Ill be even happier when Kaspersky gets a working beta if KIS 2006 out.

It's been out for awhile: http://fileforum.betanews.com/detail/Ka...ky_Internet_Security_2006/1110196590/1

 

[Schadenfroh]

Originally posted by: SUOrangeman
FYI, Schadenfroh, the link in your post (two or three up) is bad, but it is good in your sig.

fixed, thanks

 

[bsobel]

Originally posted by: STaSh

Which doesn't have any big problems, except that it won't stop programs from getting out, only from receiving incoming requests. Potential feature request for next version?

I doubt it. Not doing outbound filtering was a conscious decision by the product team, which I have discussed many times. I don't want to derail this thread, but essentially it comes down to the first Immutable Law of Security: If a bad guy can persuade you to run his program on your computer, it's not your computer anymore.

Stash, the LongHorn firewall is to block outgoing traffic as well....

 

[stash]

I know. We had a rather...lively debate about it on some internal email aliases. The net is that is it is not designed as a spyware, virus, etc deterrent, but rather as a way for network administrators to further control what services clients use. Again, it is not intended to be protection against malware, and I hope to hell they don't market it as such. It would be a huge disservice to our customers.

The original documentation in Beta1 touted it as a malware prevention device, but I think I managed to show them the light on that.