Vista and 3rd party firewalls

[tommo123]

yes i have done a search but found nothing useful

just installed vista x32 yesterday. am using nod32 for AV at the mo but kerio pf wont work on vista and none of the others i have tried will install saying they dont support this OS

i checked the security thread but all that says re firewalls is:

What is the best firewall for Windows Vista?hat is the best firewall for Windows Vista?

As of right now, the best thing I can tell you to do is to use your router's hardware firewall in conjunction with Windows Vista's built in firewall, that should keep you safe

none of the free ones will work and i dont want to use vistas own firewall as its too much of a PITA to control outgoing connections.

anyone know of a 3rd party firewall that will work in vista?

 

[dgsg]

If your brave(foolish?) you can download a 15 day trial of Norton 360. I have been playing with it to day and nothing bad has happened. Yet.

http://shop.symantecstore.com/store/sym...eID.106300/Software/categoryID.7411800

 

[tommo123]

norton? eek!

 

[Aberforth]

Kaspersky Internet Security - Now Vista compatible. But I do not use it nor recommend it, I prefer built-in firewall. Vista is a new OS and using 3rd party AV's and firewalls will badly screw up the settings. Strange how people want 3rd party stuff when they've got built-in Firewall and Anti-spyware, in future you might be posting something like this "Vista is PITA slower than before, help!!!". As for me I am using windows firewall and Windows Live OneCare (which is only truly compatible AV at the moment) not patched or tweaked to run in Vista. Also it is very important to read the product documentation before installing any 3rd party *anti* software in 64bit version of vista.

 

[tommo123]

i tried vistas outbound firewall late last night but after 10 minutes decided that i'd rather stick to XP if that's the only option. saying its a PITA is putting it mildly.

 

[Schadenfroh]

See The Consolidated Security Thread (linked in my sig) Section H Appendix "Vista x32 compatible Antivirus, AntiSpyware, and Firewall Applications"

Apparently Norton 360 is not a system hogging pig, Norton 360 thread

 

[Lemon law]

All this is a direct result of microsoft holding onto vista specs until the last possible minute. Leaving the various third party vendors flatfooted. In a few months vista versions will come out. And for now users are trapped on the microsoft monopoly. On the bright side, the vista firewall is not some hopelessly crippled wimp and may for now be considered almost decent---totally unlike the SP2 firewall whose only virtue may be better than nothing at all.

From a security standpoint, I consider this microsoft only security reliance as being very dangerous for any long term view. When end users security is totally predictable---hackers don't need many types of ammunition---and the clear lesson is that no software is hackproof---and the more fragmented the market is---the more different types of ammunition a hacker needs with most shots missing the intended target.

As it is right now, many malware writers tests their wares against boxes running the most popular security suites---and keep refining their wares until they get find variants that get through. Vista is still new enough so that the hackers are still learning---in a few more months they will be much better---after that--Katie bar the door.

 

[tommo123]

Originally posted by: Schadenfroh
See The Consolidated Security Thread (linked in my sig) Section H Appendix "Vista x32 compatible Antivirus, AntiSpyware, and Firewall Applications"

Apparently Norton 360 is not a system hogging pig, Norton 360 thread

norton? not a resource hogging monstrosity? does not compute

am trying the live 3 month trial at the mo. seems ok tbh so far.

wont buy though - too basic

 

[stash]

What are you looking for that the Vista firewall doesn't do? The built in firewall is better than any third party software firewall.

 

[ginfest]

The Vista built-in FW is a big improvement over the past XP offering and it is greatly configurable, albeit for those of us with the time and knowledge to go thru and set a rule for each individual app.
But I do understand the longing for a third-party solution like Kerio and others. It was nice to have a box pop-up and ask if the app should be allowed to connect.
I am glad that we at least have the option to stop outbound, even if it does take some work. It gets easier if you configure your apps as you install them, and there is plenty of info on how-to out there.
G'luck

 

[orion23]

I use Norton Internet Security 2007 in @ least 10 pc's and it works great!

 

[tommo123]

Originally posted by: stash
What are you looking for that the Vista firewall doesn't do? The built in firewall is better than any third party software firewall.

Originally posted by: Ginfest
But I do understand the longing for a third-party solution like Kerio and others. It was nice to have a box pop-up and ask if the app should be allowed to connect.

that's what i want.

i know you can manually set the vista firewall up for outbound but its far too time consuming to do that for every single program

i've grabbed the trial of live now and will use that till kerio has vista support

 

[Nothinman]

All this is a direct result of microsoft holding onto vista specs until the last possible minute.

Right, it's not like MS had been putting out betas and release candidates months before the final release...

 

[InlineFive]

Actually the Vista firewall does have an option to alert you to outbound connections if you change the default to blocked. But for some reason it keeps spewing errors all over the event logs that it cannot display the message.

Haven't figured out why this happens yet but once it is fixed I think the Vista firewall will be a very viable, consumer friendly option.

 

[hardcandy2]

Originally posted by: Nothinman

All this is a direct result of microsoft holding onto vista specs until the last possible minute.

Right, it's not like MS had been putting out betas and release candidates months before the final release...

And remember the fuss about Microsoft wanting to limit access to the kernel and Norton crying because their apps needed access? Microsoft told them to work around it, access to the kernel was to be limited.

 

[Nothinman]

And remember the fuss about Microsoft wanting to limit access to the kernel and Norton crying because their apps needed access? Microsoft told them to work around it, access to the kernel was to be limited.

And I agree with MS on that one, the fact that any installer can put it's own kernel modules in the system is a huge whole that nothing can fix. Only allowing the kernel to load modules that fit a certain criteria (crypto signed by MS, etc) makes a lot of sense and is the only real way to stop random rootkits from getting installed.

 

[Schadenfroh]

Originally posted by: Nothinman

And remember the fuss about Microsoft wanting to limit access to the kernel and Norton crying because their apps needed access? Microsoft told them to work around it, access to the kernel was to be limited.

And I agree with MS on that one, the fact that any installer can put it's own kernel modules in the system is a huge whole that nothing can fix. Only allowing the kernel to load modules that fit a certain criteria (crypto signed by MS, etc) makes a lot of sense and is the only real way to stop random rootkits from getting installed.

Agreed, lock the kernel down, Kaspersky has backed Microsoft on this one as well.

 

[tommo123]

on that note - are graphics drivers now capable of crashing vista?

 

[Nothinman]

on that note - are graphics drivers now capable of crashing vista?

Of course, they have more or less direct access to the hardware and some sections of memory. Vista is better able to recover from some problems because large chunks of the sound and video drivers have been moved out of the kernel but they'll never be able to completely avoid those problems.

 

[Lemon law]

Maybe I am doing too much microsoft bashing---and some have pointed out that the various beta vista's released somehow excuses microsoft from getting to third party's very late in the release cycle---but I also point out that these third parties need final release certainty of code rather than some beta that could change radically.

Microsoft can somewhat claim an excuse with the lack of security in windows XP---simply because malware only reached critical mass after the release of windows XP.---and for not only XP but all OS'es.---but its only sensible to assume the malware writer will target the dominant OS. And I also agree that the lack of Kernel access in Vista could offer a rather large increase in security. And a basis to lock down the OS. But I also wonder if that will be enough now that the malware writers have and can target any weaknesses in Vista code.

Only time will tell on that question---but if Vista proves to have huge exploitable security holes microsoft refuses to more than put a small band aid on---will the general public accept a microsoft who says wait until the next OS for us to get security right maybe?

 

[stash]

i know you can manually set the vista firewall up for outbound but its far too time consuming to do that for every single program

You would rather give an OK to every popup that the firewall puts up? How is that any different?

 

[Nothinman]

Maybe I am doing too much microsoft bashing---and some have pointed out that the various beta vista's released somehow excuses microsoft from getting to third party's very late in the release cycle---but I also point out that these third parties need final release certainty of code rather than some beta that could change radically.

They had just as much noticed as anybody else, would you rather MS delayed Vista even longer to wait for all of the firewall, A/V, hardware, etc vendors to get their software released too?

And I also agree that the lack of Kernel access in Vista could offer a rather large increase in security. And a basis to lock down the OS. But I also wonder if that will be enough now that the malware writers have and can target any weaknesses in Vista code.

What in the hell are you talking about? Malware writers have less access to "weaknesses" in Vista than they did in XP, Vista won't be a silver bullet for sure, but it looks like progress to me.

 

[Lemon law]

What in the hell are you talking about? Malware writers have less access to "weaknesses" in Vista than they did in XP, Vista won't be a silver bullet for sure, but it looks like progress to me.

The question will be answered by time---and I agree that its progress---but is it overoptimism?---as evidenced by GWB in Iraq---or the RIAA with its various announced hackproof copyright schemes that are defeated at almost the speed of light.

But Nothingman, you missed the question I asked---given the however small but finite risk of Vista code being totally exploitable by hackers--will microsoft finally step up and do more than a band aid fix?

 

[Nothinman]

But Nothingman, you missed the question I asked---given the however small but finite risk of Vista code being totally exploitable by hackers--will microsoft finally step up and do more than a band aid fix?

Lemons Law, since the majority of their problems revolve around user's being stupid there's not a whole lot they can do. People want the ability to do anything with their machines and that includes mistakenly or purposefully installing malware. UAC is a good idea in theory, it gives users the power they want to do anything and gives them the oppurtunity to stop anything from happening behind their back but most users don't understand enough to know what should be happening on their machine so they'll either constantly just click Allow or disable UAC altogether and be right back where they were with XP. Disallowing the installation of non-good kernel modules will be a big hurdle for rootkits authors to get around which can only be a good thing, if Symantec wants to cry about it making their job a bit harder too who cares?

 

[Lemon law]

To Nothinman,

By blaming the user you have perhaps defined the difference in our viewpoints---with my position being the OS writers job is to have a robust OS that shrugs off attacks and protects
its basic core OS from any tampering---the question only time will answer is if Vista will remotely fit that bill---but even totally legitimate sites can be had---and an experienced user may trust them one day---and get burned the next.

But your real error in blaming the user shows you don't even understand the problem--the real enemy is the malware writers who work long and hard to exploit any vulnerabilities.
And has microsoft done a adequate job with Vista?---or are the malware writers going to someday have a field day because microsoft was a day late and a dollar short once again?