Battle Best Firewall for Windows 8.1?

[DaZa9]

I'm going to install Windows 8.1 and will be using Windows Defender
Should I use Windows Firewall? or what I heard that outpost firewall is good?
When you say X is better than D say or you prefer X than D, tell why if its possible

Tell your opinion.

 

[Littlebits]

Firewall Outbound Attacks Protection Test (July 2013)
Test Results of Firewalls on Standard Settings

Test Results of Firewalls on Maximum Settings

http://www.anti-malware-test.com/firewall_test_outbound_protection_2013

You will have to know how to read these test results in order for them to be helpful to you. This test was conducted on Windows 7 x32 platform, it does not apply to Windows 8.1 or x64-bit platforms which are much different. x64-bit Windows has extra security features to block unsigned drivers which can cause connection leaks.

First, all of the untrusted outbound connections would have been blocked by UAC. In order for a untrusted connection to be successful, the user would have to manually download and execute a malicious file, ignore UAC prompts and ignore Windows run warning when executing files without digital certificates. If you are ignorant to ignore Windows default security features, then these results might mean something to you.

If you always only download files from safe sources, utilize UAC and Windows and Windows run warning when executing files without digital certificates, these results will be completely irrelevant to you.

There is no firewall that will block every type of untrusted connections despite on what some tests will say. That is why you should never depend on a firewall alone. If you use your own knowledge (common sense) and Windows default security features, that will be all you will need to be safe.

Thanks.

 

[illumination]

There is no firewall that will block every type of untrusted connections despite on what some tests will say.

Thanks.

Im not sure if i totally agree with this.. With Comodo Firewall, i would set it to block "ALL" incoming and would set all "outbound" in custom mode..

Meaning only connections that happen, are the one i specifically create rules for outbound. Nothing would move through that firewall that was not in my custom ruleset, without triggering a warning "popup"..

Combine those rules with a Powerful "HIPS" like in Comodo, and nothing will "slide by", especially if one felt froggy and cranked that hips up to "paranoid"

 

[cruelsister]

Sadly as of last month Win8 had a bit over 8% market share while Win7 was about 46% and growing faster. Also many RATS (eg. DarkComet or any of the Back Orifice clones) run with impunity on either 32 or 64 bit systems, and many are digitally signed.

 

[Littlebits]

There is no firewall that will block every type of untrusted connections despite on what some tests will say.

Thanks.

Im not sure if i totally agree with this.. With Comodo Firewall, i would set it to block "ALL" incoming and would set all "outbound" in custom mode..

Meaning only connections that happen, are the one i specifically create rules for outbound. Nothing would move through that firewall that was not in my custom ruleset, without triggering a warning "popup"..

Combine those rules with a Powerful "HIPS" like in Comodo, and nothing will "slide by", especially if one felt froggy and cranked that hips up to "paranoid"

Comodo and other HIPS products do very well protecting software and software vulnerabilities but can not protect against vulnerabilities in Windows or malicious processes that run at the OS level. Security software only can protect against processes that run at the software level. If the vulnerability is exploited in Windows and the network drivers are compromised at the OS level, Comodo will not even know it happened. Anything that runs at the OS level can easily bypass any security software including advanced HIPS. I'm sorry but Comodo is not as bulletproof as many believe it is. It is much more important to keep Windows updated with the latest patches because OS vulnerabilities can not be protected by security software.

Thanks.

 

[illumination]

There is no firewall that will block every type of untrusted connections despite on what some tests will say.

Thanks.

Im not sure if i totally agree with this.. With Comodo Firewall, i would set it to block "ALL" incoming and would set all "outbound" in custom mode..

Meaning only connections that happen, are the one i specifically create rules for outbound. Nothing would move through that firewall that was not in my custom ruleset, without triggering a warning "popup"..

Combine those rules with a Powerful "HIPS" like in Comodo, and nothing will "slide by", especially if one felt froggy and cranked that hips up to "paranoid"

Comodo and other HIPS products do very well protecting software and software vulnerabilities but can not protect against vulnerabilities in Windows or malicious processes that run at the OS level. Security software only can protect against processes that run at the software level. If the vulnerability is exploited in Windows and the network drivers are compromised at the OS level, Comodo will not even know it happened. Anything that runs at the OS level can easily bypass any security software including advanced HIPS. I'm sorry but Comodo is not as bulletproof as many believe it is. It is much more important to keep Windows updated with the latest patches because OS vulnerabilities can not be protected by security software.

Thanks.

I agree that windows OS patches are necessary, and one would conclude this would go without saying. This said, with proper patches in place, Comodo firewall is as close to bullet proof as it gets.. With max settings, one would have a really hard time getting anything through without the firewall knowing so.. I for one, would love to see proof of this, I.E. a video of some sort, showing CIS firewall set to max settings, and seeing if anything can bypass it inbound or out, without setting off an alert..

 

[captainfreeky]

Hit on outpost firewall or comodo firewall both are better on windows for smaller one you can use winpatrol or tinny wall

 

[bunyip783]

Hardware firewalls > software firewalls

I'd just use windows firewall with any OS above Vista. Unless of course it comes with a suite .

 

[Amiga500]

Upon reading this thread i have come to the conclusion that the main priority is to actually keep the malware out of the system in the first place.

The main function of a firewall is to keep the bad connections out.If something on your system is making non-legit connections then its your antivirus/antimalware program which needs to be addressed rather than the firewall.

 

[Ink]

Agree with you, except the AV part. It's the users fault, for the most part.

 

[MalwareVirus]

I think Comodo is much more than firewall,its like Firewall suite made for fanboys.Window firewall is decent but effective too.Auto sandbox for example makes CF more than firewall.
While i am also a Comodo Fanboy

 

[WalterWolf]

There is no firewall that will block every type of untrusted connections despite on what some tests will say.

Thanks.

Im not sure if i totally agree with this.. With Comodo Firewall, i would set it to block "ALL" incoming and would set all "outbound" in custom mode..

Meaning only connections that happen, are the one i specifically create rules for outbound. Nothing would move through that firewall that was not in my custom ruleset, without triggering a warning "popup"..

Combine those rules with a Powerful "HIPS" like in Comodo, and nothing will "slide by", especially if one felt froggy and cranked that hips up to "paranoid"

Comodo and other HIPS products do very well protecting software and software vulnerabilities but can not protect against vulnerabilities in Windows or malicious processes that run at the OS level. Security software only can protect against processes that run at the software level. If the vulnerability is exploited in Windows and the network drivers are compromised at the OS level, Comodo will not even know it happened. Anything that runs at the OS level can easily bypass any security software including advanced HIPS. I'm sorry but Comodo is not as bulletproof as many believe it is. It is much more important to keep Windows updated with the latest patches because OS vulnerabilities can not be protected by security software.

Thanks.

What if you use WinPatrol + Registry Protection list for Windows Vista/7 ?


I know that updates are necessary.

 

[Chigwells]

I'm intrigued by this discussion! I always thought a third party firewall was much more robust than Windows own. I have Comodo firewall installed on Windows 7 HP x64 to Chiron's recommendations, but what Littlebits states seems to change everything.

As I understand it, in non-techie speak, a 3rd party fw is kind of sitting on the system, whereas Window's own fw is integrated within. Additionally there is this Advanced Security feature, which I've never heard of before, which appears to strengthen it further (in some way that I don't as yet understand )

I'm really considering towards a change. Littlebits, you're using Windows Firewall with Advanced Security, could you point me in the direction of a tutorial, thanks

I've already looked at Microsoft and Technet sites:
Windows Firewall with Advanced Security
Windows Firewall with Advanced Security Getting Started Guide
Introduction to Windows Firewall with Advanced Security
(just wondered if you have a favorite guide elsewhere)

Comodo and other HIPS products do very well protecting software and software vulnerabilities but can not protect against vulnerabilities in Windows or malicious processes that run at the OS level. Security software only can protect against processes that run at the software level. If the vulnerability is exploited in Windows and the network drivers are compromised at the OS level, Comodo will not even know it happened. Anything that runs at the OS level can easily bypass any security software including advanced HIPS. I'm sorry but Comodo is not as bulletproof as many believe it is. It is much more important to keep Windows updated with the latest patches because OS vulnerabilities can not be protected by security software.

Thanks.

Apologies as this is probably completely off-topic, aargh!

 

[Exterminator]

Outpost was very buggy when I ran it on Windows 8.Maybe it is better now and can't really say for sure.I use ESS 7 on 8.1 but if I had to choose just a firewall I would say Windows

 

[Littlebits]

I'm intrigued by this discussion! I always thought a third party firewall was much more robust than Windows own. I have Comodo firewall installed on Windows 7 HP x64 to Chiron's recommendations, but what Littlebits states seems to change everything.

As I understand it, in non-techie speak, a 3rd party fw is kind of sitting on the system, whereas Window's own fw is integrated within. Additionally there is this Advanced Security feature, which I've never heard of before, which appears to strengthen it further (in some way that I don't as yet understand )

I'm really considering towards a change. Littlebits, you're using Windows Firewall with Advanced Security, could you point me in the direction of a tutorial, thanks

I've already looked at Microsoft and Technet sites:
Windows Firewall with Advanced Security
Windows Firewall with Advanced Security Getting Started Guide
Introduction to Windows Firewall with Advanced Security
(just wondered if you have a favorite guide elsewhere)



Apologies as this is probably completely off-topic, aargh!

To use Windows Firewall effectively you first must utilize UAC, never approve the unknown always deny what you don't know for sure is safe. Windows Firewall by default blocks all inbound connections and displays prompts for you to unblock the connection, but allows all outbound connections. So it is important to never allow a bad process through UAC because outbound connections will be allowed. Firewall rules are automatically created according to your Network configuration in Network and Sharing Center (Home, Work or Public).

Windows Firewall with Advanced Security allows you to customize the created rules with tweaks to provide better security.
There are guides all over the web but experience of actually working with it helps you learn, there really isn't guide to help you setup your own config, it all depends on your situation and installed programs. Everyone will need different configurations based on their programs, connection status, connection location, etc.

Here is a video which explains a lot-


Enjoy!!

 

[Deleted member 178]

In addition, most people use 3rd party firewalls for their whole package including Hips, behavior blocker, etc.

If you dont need those other component Windows FW is strong enough

 

[indra11tng]

Usually i use Windows Firewall

 

[Stubbornest]

RE: Best Firewall for Windows?

In my opinion the most important protection level a firewall should have is Outbound protection. This gives an extremely important layer of defense against many forms of malware that need internet access to become malicious (from trojan downloaders to the recent cryptolocker variants which need to contact the C&C).

Also many password stealers will use legitimate Remote Access software in order to break in. Inbound only defense will not help one in this case.

TinyWall adds outbound connection control to Windows Firewall. In fact, initially every outgoing connection attempt is blocked. (Except TinyWall itself, but it can also block itself by changing the special exception.)
You need to whitelist (by executable, window, or process), blocklist, or unblock.
But it also recognizes well-known proggies for which you can add an exception (permanent, or ad-hoc).

 

[cdnsempre]

I use actually NORTON IS.

 

[Victor Cristy]

RE: Best Firewall for Windows?

Firewall Outbound Attacks Protection Test (July 2013)
Test Results of Firewalls on Standard Settings

Test Results of Firewalls on Maximum Settings

http://www.anti-malware-test.com/firewall_test_outbound_protection_2013

Also this is my first reply to your posted forum, I also noticed, like aztony, that there is no ZoneAlarm in your list tested? I see your test was reported in July 2013, can you update it with ZoneAlarm attached also?

 

[Littlebits]

Also this is my first reply to your posted forum, I also noticed, like aztony, that there is no ZoneAlarm in your list tested? I see your test was reported in July 2013, can you update it with ZoneAlarm attached also?

That is NOT a network firewall test, it tests HIPS features. ZoneAlarm doesn't have full HIPS features, it only has IDS cloud-based protection therefore it would have scored very low this test. However the Network control on ZoneAlarm is one of the very best and probably the most user-friendly firewall available.

Most tests that claim to be firewall or anti-leak tests are actually testing HIPS features, some don't even test Network control features.
If you utilize UAC, keep your software updated and don't download suspicious files then HIPS features are not necessary. In most cases Windows Firewall will be enough if you already have a router with a hardware firewall. UAC is more powerful protection because it runs at the Windows OS kernel level above all security software. Just don't approve anything that you are not completely sure is safe on UAC prompts and you have better protection that can be offered by HIPS features with no compatibility issues or configuration (tweaking) needed.


Thanks.