Slashdot Mirror

← Back to Stories (view on slashdot.org)

Windows Software for Controlling Outgoing Packets?

Posted by Cliff on from the when-firewalls-are-overkill dept.

non carborundum asks: "When using Windows I use Zonealarm because I like its ability to control outgoing packets. It's a good way to find out if some program is trying to call home. Zonealarm is much better than nothing, but 1 prefer open source solutions. Besides, it is overkill - I don't use it as a firewall, since I have a router, and it uses several megabytes of RAM. Better still would be a reverse honeypot - an app that catches outgoing requests, tests them against a database of known offending addresses and/or ports, and (optionally) tricks the offending application into thinking it has successfully phoned home. XP users in particular might be interested in such a tool."

6 of 51 comments (clear)

  1. Try Tiny Personal Firewall. by Conspiracy+FACT · · Score: 5, Informative

    TPF is great packet sniffing software. It allows you to determine which apps are allowed to receive incoming TCP connections, or make outgoing TCP connections, or receive incoming UDP connections... and which ones aren't. It also allows you to stop Net BIOS name resolution as well as other neat stuff. It gives you much more control then Zone Alarm does. Really a great piece of software.

    TPF used to be freeware. You can pick up the shareware version here. You can still find the old freeware version (which I use) here.

    For the record, I use both Zone Alarm and Tiny Personal Firewall.

    --


    $SIG{__DIE__};
  2. Kerio Personal Firewall by Lawrence+Ho · · Score: 4, Informative

    Kerio Personal Firewall

    It's simple and gets the job done. Rules can be set to allow or block incoming and outgoing TCP/UDP traffic. It verifies the MD5 of the applications. Also eats several megabytes of RAM though...

  3. The best article on the subject by phaze3000 · · Score: 5, Informative

    http://www.samspade.org/d/firewalls.html I agree with pretty much everything the article says..

    --
    Blaming GW Bush for the Iraq war is like blaming Ronald McDonald for the poor quality of food.
  4. Re:These packages make your windows instable by borgboy · · Score: 4, Funny

    I have several products like than installed on my WinXP .554.lin machine and I ha43n34 noticed any degradatiosafdjhbsf of my TCP/IP stack. So ,8-9,-09u off the FUD, eh? %

    --
    meh.
  5. Re:Router? by Asprin · · Score: 4, Interesting


    In all due fairness (and with an extra heaping helping of nitpick on the side), none of the products (ZA, BlackIce, TPF, firmware *shudder* "routers") is a firewall. A firewall is an entirely different animal. Look, I have a "router" myself, and I love it - but it's not a router and it's not a firewall, it's a NAT device. It does NAT and proxies a few services if needed, but it doesn't do the same things routers and firewalls do. I know *why* we've started calling them routers, but that doesn't diminish the fact that the language is being lost here because LinkSys is not interested in explaining to Joe Homeuser what NAT is.

    Now, having said that, I would also point out that my gripe here is almost entirely with the verbage. most home users do not need an actual firewall; NAT + PacketFilter + Don't-blindly-click-OK-on-EULAs is quite sufficient.

    Ok, I got that off my chest -- bitch mode=off, and you can now all go back to trolling. :)

    --
    "Lawyers are for sucks."
    - Doug McKenzie
  6. Re:These packages make your windows instable by kawika · · Score: 4, Insightful

    Absolutely, you can render your system very unstable if you start using the firewall to block normal network messages. I've seen this quite often with novice users who install ZA and then block darned near everything going out of their PC. Then they're puzzled because their Internet connection doesn't work. "But thank goodness I stopped some hacker thing named 'svchost'..."

    If you don't know how to use power tools, then stop before you lose a finger.