Home My
Programs Freeware Game
Maker Articles Links Misc Contact
Freeware Menu >> Firewalls
Comodo Firewall Pro
I normally use ZoneAlarm, probably the most popular and
well known firewall, but now it has a challenger in
Comodo Firewall Pro.
Installation of Comodo is very quick and straightforward,
at one point you are asked for an email address for
registration and to sign up for news about Comodo
products, ignore this unless you like receiving junk mail!
You can choose between automatic and manual configuration,
I would stick with automatic and let Comodo sort itself
out. After a quick restart your new firewall is up and
running.
Comodo has a very good help file,
which I would advise reading after installation, but if
you don't like wading through help files, it probably
wont matter, as the default settings are excellent and
you are protected automatically.
Like ZoneAlarm, Comodo "learns" as you use the
computer. As each new internet application (a browser for
example) is started, Comodo will give an alert, asking if
you wish to allow or block the applications access to the
internet. If it is software you use on a regular basis,
you should check the box to remember your answer, then
you wont be asked again.
The alerts are more detailed than with ZoneAlarm, giving
more information about the application trying to access
the internet and Comodos opinion on how much of a
security risk the application represents.
Once Comodo has "learnt" about all of your
internet applications, you shouldn't see an alert, unless
you install new sofware, your current software is updated,
or if a trojan, or spyware, tries to "phone home".
I've been running Comodo for over a week now and it has
been very well behaved and I haven't noticed any
difference to my connection speed. The system tray icon
has a animated graphic to show internet traffic, it isn't
quite as nice as the ZoneAlarm graphic, but it does at
least show that it's working. Like Zonealarm you can stop
all internet traffic, by right clicking on the tray icon
and selecting "block all", which is useful if
something untoward appears to be happening.
The main interface does initially appear to be quite busy,
but it is actually well laid out and straightforward. The
most important item is the Protection Strength graphic in
the center of the window, which should have four green
bars and read "excellent".
Unless you are a firewall expert and are keen to set your
own rules and permissions, you should just let Comodo
handle everything. I turned off the automatic program
updates, until I find out how big they are (always a
problem on dialup), but apart from that, I stuck with the
default settings.
I tested Comodo using the Shields Up test at http://www.grc.com and the PCFlank stealth test at http://www.pcflank.com/scanner1s.htm . These tests probe your computers ports to
see if they can gain unfettered access. The firewall
should close the ports and ideally shouldn't respond to
any external queries, which prevents a hacker knowing
that your computer ports exist, this is called stealth.
Comodo achieved a perfect score with both tests, with a
fully stealthed result.
I then tested Comodo against a variety of leak tests,
these check to see if a firewall can stop malicious
outgoing programs, such as a trojan. The trojan would
already be on your computer and have collected your
passwords, banking details etc and now be trying to send
the information back to its owner.
No firewall ever blocks all leak tests, but Comodo did
very well, blocking about 75%, which is far better than
any other firewall I have tested. It also showed very
useful information about the attacks, even when they were
using another application (IE for example) to try and
sneak out.
Overall I was very impressed by Comodo it's easy to
install and use, appears to give a very good level of
protection, isn't too heavy on system resources and the
download is a modest 7.6MB. Now that the test is over I
wont bother to swap back to ZoneAlarm, which I suppose is
the best recommendation that I can give.
Freeware -- Download size 7.6MB -- Win 2000,XP
http://www.personalfirewall.comodo.com/
Note: Under the Computer Security Level section
of the main interface, is the option to test your current
security configuration. I wouldn't bother, as you have to
jump through hoops signing up and receiving emails etc,
before you can be tested. Grc.com, or PCFlank are much
simpler to access for tests.
PC Tools Firewall Plus.
The problem with the majority of freeware firewalls, is
that they are too complex for most of us mere mortals,
you start them up and they give you an alert like "VPN
client connection -- would you like to create a rule for
this action?", after studying the help file, you
give up, uninstall it and go back to using Windows own
firewall.
Fortunately PC Tools Firewall Plus is very easy to use.
After installation the attractive main page displays a
button with "firewall protection is ON",
showing that you are protected.
The firewall automatically
recognises known windows applications and you will be
asked if you want to allow (or block) access to the
internet, for other programs.
The only setting I altered, was to switch off the
automatic program updates, as being on dialup, background
updates can slow your connection to a crawl. I did
manually update, using Smart Update and the process was
quick and simple, giving you the choice of which updates
you accepted.
The Advanced Rules section, allows the more technically
minded amongst us to manually edit the firewalls rules,
but thankfully the rest of us can ignore that section.
In use I found Firewall Plus to be very well behaved and
the occasional alert about a new application is easy to
understand. The internet traffic is shown with a little
animation in the System Tray, similar to Zonealarm.
I tested the firewall against incoming threats, with the Shields Up
test, it did pretty well, all the ports were closed and
stealthed, except for ports 1024 to 1055, which were
closed, but not stealthed. Ideally all the ports would be
stealthed, this prevents any possible hacker from knowing
that the port is present, but being closed is good enough
and prevents attacks.
I also tested Firewall Plus against attacks from within,
that is when a malicious program that you may have
unwittingly installed, attempts to "phone home",
with your personal information (passwords etc).
It did reasonably well, blocking about half the attacks,
which is about the same as Zonealarm and significantly
better than XPs own firewall, which doesn't block
outgoing traffic.
Note: Blocking outgoing traffic is more difficult
than blocking incoming traffic and no firewall protects
100% from this type of attack.
A simple but adequate help file is provided. Confusingly
the program is described as a fully functional 30 day
trial, but it is freeware and you can register for free.
Use a temporary email address such as the Ten Minute Mail, to avoid junk mail.
I was quite impressed with Firewall Plus, it's so simple
to use and provides a reasonable level of protection,
with no hassle.
Freeware -- Download size 4.44Mb -- Win Vista, XP, 2000,
Server 2003
http://www.pctools.com/firewall/
ZoneAlarm.
Probably the most famous firewall available, I have used it for several years
and have found it to be very reliable, it is also very
easy to setup and use, unlike most other firewalls.
The system tray icon shows the internet traffic to and
from your computer so that you can see if something
strange is happening, ie lots of traffic when your not
doing anything.
When I first started using Zonealarm I used to leave the
alert message system on, (This showed an alert on your
desktop, if your firewall was probed.) but in the last
few years the amount of alerts has risen enormously,
particularly during the last big XP virus infection, when
alerts were coming every 30 seconds. So now I leave the
alert messages off confident that Zonealarm is doing it
job in the background.
You do hear of a few people having problems uninstalling
Zonealarm. I have never had any trouble, but it is
important to turn it completely off before uninstalling
and if installing a new version I would recommend a clean
install.
If like myself you have a dialup connection you do not
need to run your firewall when offline, this can be
useful if you have a slower computer. But to be safe
unplug your phone line when offline, this will prevent a
malicious program dialing up in the background.
It is important when choosing a firewall to check that it
controls outgoing traffic as well as incoming traffic,
this helps prevent malicious programs from connecting to
the internet and transmitting your private data.
You should only run one firewall, if you are using XP,
turn off Windows own firewall, before using ZoneAlarm.
Note: I have noticed of
late, that Zonelabs tend to hide the free version of Zone
Alarm, but if you search the site, it is there. (I think
they are trying to encourage you to buy the paid for
version !!!)
http://www.zonelabs.com
Note:
The latest versions of ZoneAlarm only work
with Win 2000 and XP, but earlier versions that work with
Win 98SE/Me/2000 and XP are available from the link below.
Additional
information:
The latest versions of Zonealarm are quite substantial
pieces of software, which may slow older computers, but
older stable versions of Zonealarm, ( I use version 5.5.094.000,
which is stable and runs well on Win98se and XP.) can be
downloaded from:
http://download.zonelabs.com/bin/free/information/znalm/zaReleaseHistory.html
Note:
Updating your
firewall with every new release is not necessary, just
use the Shields Up test (See below) occasionally, to
check you are still protected.
Testing
your firewall.
Now
that you have your firewall installed why not test it to
see if its protecting you, go along to grc.com and try their Shields Up! security test to
see if you are protected, ideally your test results
should show a 100% stealth mode.
You can also try another product from grc, Leak Test,
this is a small (25k) program that will try to penetrate
your firewall from within, just run it and read the
instructions carefully.
This program does not require installing, simply unzip it
and click on the exe to run.
Leak Test v1.2
Home
|