best firewall for windows 7 ?

[Tech_Support]

I was reading through this thread randomly.

Windows Firewall alone.... lets just go ahead and let the scriptkiddies go ahead and walk in

*note "scriptkiddy" refers to someone using hacking tools with no clue how they work or how to code there own exploits

It is true that you do not need to get some big expensive program to secure your system, I vote DO NOT fuel the software giants

there are many free firewalls that in security penetration test are alot better than the main stream firewalls and "Windows Firewall" please excuse my crudeness really sucks.

of 10 levels of protection testing windows firewall made it to level2 meaning it is easily compromised and taken over via metesploit framework by a scriptkiddy

securing open ports is a good start make strong passwords on your routers and your operating system

at least 11 characters long consisting of capital and lower case letters as well as numbers.

here is an example of a password I previously used

7Hek62je0In

you can make it easier by using combination's of things such as names and birthdays using capital and lower case or look on google for a L337 translator to generate a password you can memorize

this is leet translate

7HIz IZ L337 7R4n5l473d

in fact I suggest uninstalling windows alltogather and moving on to a free open source lynx

believe it or not alot of distros are similar to mac and widows in simplicity though many don't have the automated install process of windows

that means opening up command shell and typing apt-get install its not rocket science just not of the "normal" windows process and takes a little getting use to.

I want you all to understand most linux distros are absolutly free and backed by large communities of programmers.

like windows there is much effort done to secure these operating systems make them user friendy.

concerned about internet worms and viruses that you get on windows... Go and Google worms and viruses on a unix based operating system. lets see what you really find.

windows is just a pretty candy coated scam to make money they could offer the windows program for free and make plenty of money. they are a greedy software giant.

If you want a good security setup and want to spend a little time researching and learning run linux as a security server with windows in a virtual machine connecting trough your linux server on the same machine ^^

also if you would like to test linux and learn about it hands on use a virtual machine to install it and you can run linux from within windows.

there are 3 pc's and a laptop here

1 has xp sp3

1 has windows server 2008 sp2

1 has Backtrack4 with many various os's through virtual machine

and the laptop has windows 7 7600

If you want a more secure windows you should look into getting server 2008 sp2 and using it as a workstation

of all these the most secure without 3rd party security add ons is in this order

Bactrack4 linux

windows server 2008 sp2

windows 7

xp sp3

with a linux security server connection and running a virtual machine there is no difference in the change of the windows based operating systems security to make one different from the other.

you have to stop and think why does windows have so many problems, its almost like they need new viruses and worms to sell you more security products...... I mean common people wake up and smell the coffee your being scammed

the big difference in windows vrs Linux is for gamers and you can install a virtual machine with a p1RAt3D version of window$ or use wine to run alot of them.

ok my rant is over.

I can only hope I have helped at least someone.

[kurdtpage]

THANK YOU!!! Finally someone with some sense around here!

The firewall that is included in Windows 7 is useless. Anybody can write a small applet that can connect to the internet and can transfer packets to and from your computer over various ports and protocols. Whats the point of a firewall that doesnt stop this?!

The purpose of a firewall is twofold: 1. Allow authorized traffic; 2. Block unwanted traffic.

Windows firewall does the first very well. It allows access to pretty much everything. It doesnt do the second thing at all.

Try this: Go into advanced settings (Control Panel > Firewall). Block outbound traffic, then run your favorite internet browser (or just use Internet Explorer if you're an idiot). You will notice that not only can you not connect to anything but there were no notifications telling you that the program was blocked. The very LEAST that Microsoft could do was make a small popup telling you that it was blocked, maybe even going as far as to have an option to unblock? But nooo....

If you swear by the standard firewall then you are asking for trouble. And saying "I just dont go to malicious sites" is like saying "I never drive above 25mph because then I'm guaranteed not to be involved in any car crashes". It's stupid and naive.

And thinking to yourself "Theres no personal information on my computer that a hacker would want, so I won't bother with Firewalls or anti-virus programs" is also stupid.

You people are the reason viruses, trojans, and the like are so pervasive on the internet.

[M.F.D.K]

better check your firewall because i can guarantee it does not work

I don't know about you mate, but COMODO Internet Security works just fine on four of my family machines, not through Compatibility Troubleshooter or anything like that. Its even stated on their website that it supports Windows 7 both 32bit and 64bit.

[MikeChipshop Member]

The purpose of a firewall is twofold: 1. Allow authorized traffic; 2. Block unwanted traffic.

...aren't they the same thing?

[kurdtpage]

A firewall normally treats them as the same. A GOOD firewall should treat those 2 things differently.

I decided to install PC Tools firewall (loving it) and it had a spyware scanner in it. Heres a screenshot of my week-old system:

http://krud.no-ip.org/sshot.jpg

Spyware/viruses/trojans and the like can and WILL infect your computer just by being on the internet! You should all invest in a good firewall and anti-virus software. At the very least get some third party free ones (like me, cos I'm cheap lol)

[boogerjones]

A firewall normally treats them as the same. A GOOD firewall should treat those 2 things differently.

I decided to install PC Tools firewall (loving it) and it had a spyware scanner in it. Heres a screenshot of my week-old system:

http://krud.no-ip.org/sshot.jpg

Spyware/viruses/trojans and the like can and WILL infect your computer just by being on the internet! You should all invest in a good firewall and anti-virus software. At the very least get some third party free ones (like me, cos I'm cheap lol)

You're not just cheap, you're an idiot. Show me an "applet" that bypasses the Windows firewall :rolleyes: . The built-in firewall is just fine. If your week-old system is getting infected with malware, it means you're an uninformed computer user who executes untrusted files. People like you shouldn't have internet access.

The built-in firewall in Windows 7 has inbound and outbound filtering with both whitelisting and blacklisting. It has program-based rules, port-based rules, protocol-based rules, network interface-based rules, IPSEC-based rules, ip address-based rules, and any combination of the above. Blocking rules take priority over allow rules by default. Yes, you have to use the "Windows Firewall with Advanced Security" interface in order to access the outbound filtering and advanced options, but it works just fine. And it can be configured with the built-in MMC interface, group policy, PowerShell, or any programming language that can utilize the Windows API.

The ONLY thing I agree with you on is that there should be an option to enable notifications when the firewall blocks an outbound connection. The reason MS doesn't do it by default is because it would be too annoying for the average user.

One advantage of the internet is that it gives lots of people a public voice. One disadvantage is that we have to put up with people like you spreading all kinds of misinformation.

Edited November 18, 2009 by boogerjones

[boogerjones]

If you swear by the standard firewall then you are asking for trouble. And saying "I just dont go to malicious sites" is like saying "I never drive above 25mph because then I'm guaranteed not to be involved in any car crashes". It's stupid and naive.

And thinking to yourself "Theres no personal information on my computer that a hacker would want, so I won't bother with Firewalls or anti-virus programs" is also stupid.

You people are the reason viruses, trojans, and the like are so pervasive on the internet.

Wow. I feel compelled to respond to this, too. I'm stupid and naive? I'm the reason that malware is pervasive on the web? No, it's people like you; people who don't understand the very words coming out of their mouths.

The firewall that is included in Windows 7 is useless. Anybody can write a small applet that can connect to the internet and can transfer packets to and from your computer over various ports and protocols. Whats the point of a firewall that doesnt stop this?!

Again, the built-in firewall in Windows 7 works fine. When properly configured, it will block any packets you don't want.

The purpose of a firewall is twofold: 1. Allow authorized traffic; 2. Block unwanted traffic.

The built-in firewall does both of those things quite easily. At this point, I'm really not sure what the hell you're talking about anymore.

[laptop]

The built in firewall is enough for most people.

i think you are right i am not using any other software special for it.

[kurdtpage]

Show me an "applet" that bypasses the Windows firewall :rolleyes: .

Go to http://www.grc.com and search for a program called LeakTest. It is specially designed to test firewalls on windows systems.

While you are there, check out ShieldsUp! which is a more detailed version, it probes more ports. Click on All service ports

The built-in firewall in Windows 7 has inbound and outbound filtering with both whitelisting and blacklisting. It has program-based rules, port-based rules, protocol-based rules, network interface-based rules, IPSEC-based rules, ip address-based rules, and any combination of the above, blah blah ###### ######

Then please explain why internet traffic (TCP packets) can so easily penetrate the firewall?

And it can be configured with the built-in MMC interface, group policy, PowerShell, or any programming language that can utilize the Windows API.

Lets say I'm a hacker and a programmer (pretty common these days). Can I write a small program that uses the API to modify firewall settings and open up a pathway to my malicious site? At the moment, probably no. But give it a month and the new Windows 7 firewall will be just as useless as the Windows XP one.

I cant back this up, so you'll just have to take my word for it but I heard that Toms hardware did a test with a fresh copy of Windows XP SP3, hooked it up the the internet and waited. They did NOT visit any websites whatsoever. After 24 hours the computer had 7 viruses. Explain that.

One example of API use is MySQL. Have you ever needed to install it on a server machine? There is an option box that you can tick that states "open up a port in the windows firewall". If MySQL can do this, why cant a malicious program. And the malicious program wouldnt be asking for permission either!

One advantage of the internet is that it gives lots of people a public voice.

I agree 100%. But how am I spreading misinformation? I am trying to explain the facts.

In your previous post you said that it is actually ME thats causing an increase in internet threats because I dont understand the words coming out of my mouth?

Please explain this. I am very interested in data that is coming in and out of my computer and I monitor it closely. I believe that I have a good understanding of network security. Please correct me if I am wrong about any of these.... And I mean detailed explanations and examples. Feel free to PM me if you like.

At this point, I'm really not sure what the hell you're talking about anymore.

Maybe you need to take some reading classes?

[JeanGrey]

im using Kaspersky but dont think its the best.

[Nick Sheldon]

Look'N'Stop working great here :)

Look'N'Stop working great here :)