Recommend a firewall

Just got a new system - Win7 w/ 64 Pro.

Since rocks were formed, I've been using ZoneAlarm. But before buying a new ver, I would like to know if there is anything better nowadays.

I am not only concerned about incoming, but also outbound phone homes.

(Free would be a nice plus )

I use Comodo on the same OS, works great for me..

Has Zonealarm ever failed you ? If not, why switch.

btw. I use Zonealarm.

digirebelva wrote in post #11666964
I use Comodo on the same OS, works great for me..

I'll take a look. However, I did the obligatory search before posting and found a few comments here on POTN about comodo trashing.

bohdank wrote in post #11667203
Has Zonealarm ever failed you ? If not, why switch.

btw. I use Zonealarm.

Nope, it hasn't. Always served me pretty darn well, in fact. Guess I was hoping on something free.

Windows 7's built in Firewall is pretty powerful.

Built in firewall, unless you're paranoid, then Comodo and stay in learning mode even if it wants to go to Safe Mode.

The built in firewall only protects agiangt incoming threats, if something has already gotten in, it wont alert you to a rouge program trying to connect out from inside.

digirebelva wrote in post #11668368
The built in firewall only protects agiangt incoming threats, if something has already gotten in, it wont alert you to a rouge program trying to connect out from inside.

ERR.. No

Win7 has two parts to the firewall.

1. it blocks all network traffic unless it is within the allowed list. Both in and out.
2. as it's a system level app. even trying to make a change to it is under the sysadmin privilege so it brings up a dialog asking if you allow a change.

but the best form of firewall is using your own brain and not downloading and running programs that you don't know are safe. It's the free junk and pirate software roaming around on the internet that cause problems. If you just use clean software then you don't need to worry about Trojan apps.

Matt.

So if a legitimate program wants to call home Win7 firewall is going to alert me? If so thats a major upgrade from past versions. which is good.

"If you just use clean software then you don't need to worry about Trojan "
Ever hear of a driveby infection through the browser..no action on your part needed..had it happen once...came through port 80 from an infected news site...fun stuff

digirebelva wrote in post #11669108
So if a legitimate program wants to call home Win7 firewall is going to alert me? If so thats a major upgrade from past versions. which is good.

"If you just use clean software then you don't need to worry about Trojan "
Ever hear of a driveby infection through the browser..no action on your part needed..had it happen once...came through port 80 from an infected news site...fun stuff

No, Windows 7 will not block 'call home' software that is signed (via legitimate third party or Microsoft). Windows 7 will warn you about unsigned [Usually older] software if you try to install it - in which case, if it does want internet access, Windows 7 will ask you if you wish to allow it through. It isn't the safest methodology, but it's far less intrusive than more professional software/hardware which wants to make rules about every type of port activity (common end users would be ripping their hair out ).

Also, most firewalls will not block anything coming over port 80 (or 8080) because it doesn't know good from bad - all it knows is port, yes and no. Your antivirus software should be scanning open ports for bad data (that isn't encrypted). Many AV packages now include web, email and other common ports for malware.

Windows 7 now comes with multiple layers of protection, most of which are beyond the scope of this thread. However, the key thing is that it knows the difference (if you answered correctly during setup) what type of network you're on and how much security to enable. If you are paranoid, go with Public Network vs Home. It will close off many common ports and enact rules that will prevent the majority of threats that exist out there. Doing so will involve some tweaking if you use things like torrent downloaders, some games that use odd ports and perhaps an app or two. Enabling Public will also kill many network functions of which you'll have to enable yourself later.

Like I said, get Comodo if you want a more advanced firewall. It's overkill really, but if you share large networks (colleges for instance) and know what you're doing (getting Windows services to work through a firewall if you do exist on a large network), then go for it. For me, ZoneAlarm is a bit twitchy. It's a PITA if you want to use some software packages or you have third party software that wants access to the TCP/IP stack.

I use ZoneAlarm - nice easy interface to control exactly which programs can do what.

I haven't tried to do it myself, but I've read that it's more cumbersome to set up Windows 7 firewall to control outbound controls.

If you only want the Firewall version without anything else, the ZoneAlarm firewall is still free:

http://www.zonealarm.c​om …ecurity-free-firewall.htm

Win 7 firewall is good enough for me.

How about Bit Defender? Anybody use it? I just read a review that sounded really good. (Unfortunately, it sounded so good it read like a sales flyer, but who knows.)

AVG?

I just switched from Zone Alarm to ESET Smart Security 4. Was on sale at my local Best Buy.