Need firewall recommendation to work with AVG

Topic

New Reply

I am running XP Pro SP3 and the latest free AVG av. I tried Online Armour as a firewall and got browser (old FF w/ No Script and chrome too come to think of it) lockups. I uninstalled it and reverted to Windows firewall. I put my old stand by Zone Alarm on and I am getting issues again. My question: does anyone with a similiar setup have success with a fire wall w/ HIPS?? Trying different firewalls is trying my patience.

🍻

Just because you don't know where you are going doesn't mean any road will get you there.

Reply | Quote

Replies

I have been using Online Armor for years (not sure if 4 or 5 years), without any browser issues whatsoever. I don’t use OA’s web shield, though – too much of an annoyance and I don’t really need advice on where I can go with my browsers.

Reply | Quote

And you use AVG on XP??

🍻

Just because you don't know where you are going doesn't mean any road will get you there.

Reply | Quote

I don’t use AVG (used for a short while a few years ago, even bought the paid version, didn’t like it, plus it doesn’t seems the most effective of AVs, judging by how it fares in comparatives).. I use Emsisoft AntiMalware.

Reply | Quote

I am running XP Pro SP3 and the latest free AVG av. I tried Online Armour as a firewall and got browser (old FF w/ No Script and chrome too come to think of it) lockups. I uninstalled it and reverted to Windows firewall. I put my old stand by Zone Alarm on and I am getting issues again. My question: does anyone with a similar setup have success with a fire wall w/ HIPS?? Trying different firewalls is trying my patience.

Hello wavy:

Although one of my systems is an XP Home x86 SP3, and is up mostly for testing, I’m running Agnitum’s Outpost Firewall 2009 ver. 6.5.1 along with Malware Defender 2.8.0.0001 for HIPS.

All of us with XP systems will still rely on IE8 for what few updates will trickle in from Microsoft and we will get an update for IE8 tomorrow. I also have Sandboxie 4.08 (32-bit) Lifetime I use to let Mozilla’s Firefox 28.0 run in with some security add-ons. I also run this system behind a NAT router.

I’m still using Microsoft’s MSE 4.5.216.0 for now along side MBAM Pro. I actively maintain my HOSTS file with HostsMan 4.3.100 and SpywareBlaster 5.0 for restricting additional IP names and BillP’s WinPatrol Lifetime.

Is this system safe? Not entirely. But it’s not a honey pot either.

Cheers. 🙂

Reply | Quote

I was just reading the Gizmodo reviews and I see that it says ZA does NOT have HIPS protection. I thought that is what ZAs OSfirewall was all about.

Quoting ZA: Advanced Firewall
No product is 100% effective against viruses or spyware. ZoneAlarm’s advanced firewall monitors behaviors within your computer to spot and stop even the most sophisticated new attacks that bypass traditional antivirus and security suites.

OSFirewallTM monitors programs for suspicious behavior, spotting and stopping new attacks that bypass traditional antivirus protection.
Advanced-access Protection targets and defeats new, advanced attacks that other firewalls miss, such as raw data access, timing, and SCM and COM attacks.
Zero-hour Protection prevents silent outbreaks from gaining system access – before other security programs can even detect the threat.
Application Control uniquely shields your operating system during start-up, before most security products have even loaded.
Early Boot Protection uniquely shields your operating system during start-up, before most security products have even loaded.

What am I missing here? Does not that sound like what a HIPS does??? I am getting a feeling of Deja vu (again). :huh:

I am thinking of one of the free suites, just to have all the parts play nicely with each other. If ZA really does have HIPS it would be a contender. I remeber the Comodo learning curve was rather steep. I had it on a laptop and abandoned it for a simpler soloution.

🍻

Just because you don't know where you are going doesn't mean any road will get you there.

Reply | Quote

I haven’t used ZA for a long time, so I fear I cannot reply with full knowledge. Last time I used it, ZA had all the features of a HIPS and, most importantly, featured whitelist based program monitoring, ensuring only allowed programs could run.

I suggest you ask the question on ZA’s support forum.

Reply | Quote

Hi wavy
Have a look at Privatefirewall, meets all yr specs and their help service super.

Reply | Quote

Thanks for the suggestions folks. My system w/ ZA does seem to be behaving at present, at least for an 11 year old installation that started on a single core processor. Maybe a bit of a breakin period was needed (or that Wired space photo page). I will visit the ZA forums to ask about HIPS, I am guessing there is a variety of ways to implement that.
I might check out Privatefirewall since it comes w/ HIPS.

Thanks for the suggestions

🍻

Just because you don't know where you are going doesn't mean any road will get you there.

Reply | Quote

One thing I have a question about is this:

ISPs!! – Realize higher profit margins and superior customer satisfaction by participating in the Privatefirewall Reseller Program. Learn More

How can they offer to let someone resell a free product?

🍻

Just because you don't know where you are going doesn't mean any road will get you there.

Reply | Quote

Money makes the world go round.
This is common practice, with or without the user’s knowledge.
When Privatefirewall is offered to an end-user as part of a paid package deal (online or CD/DVD) then the reseller is responsible for support. The reseller may even rebrand and/or modify Privatefirewall to his specs. This all happens in agreement between Privatefirewall and the reseller, both profit from it, it’s known as “revenue sharing”.

I’m not complaining because that could be the reason why Privatefirewall is and remain totally free. It’s not a crippleware version of a “pro” version.
I’ve been through Sygate, ZA, Outpost, Online Armour, PC Tools, Panda, Comodo, Ashampoo, Jetico and Kerio but Privatefirewall is the only one that allows me to carry on using my puter w/o endless fiddling. If there is a pop-up it makes sense and I can make a decision within a second. Running on four PCs w/o hiccups and I filter & block as I like.

Reply | Quote

Rompy
Yeah that makes sense, if needed Privatefirewall is next in line.

🍻

Just because you don't know where you are going doesn't mean any road will get you there.

Reply | Quote

Ok finally got around to posting in the ZA forums (They did not like anything about my old forum ID, what a pain)
ZA free does NOT have a HIPS.

Hi!

The latest ZAfree inherited the smardefense function from the retail versions. While in the retail version also include HIPS (monitoring for dangerous behavior) the ZAFree one only provides local/internet zone(s) outbound control.

Programs and executable are added to the program list but they are dormant unless they access to the local/internet zone(s). On default settings, executable and files are given permissions based on the central ZA database of known good / know bad (cloud). If the file is not presented in the central database it will be added but you will see “?” all across the different sections.

On top of the smartdefense, Microsoft certified executable are granted access automatically regardless of the program control settings. If you want to turn OFF this feature you will need to UNcheck “Enable Microsoft catalog utilization” (somewhere in the advanced options). The same applies to smartdefense database that can be turned off under the ZA program control section.

With both features turned OFF you will flooded by requests (especially on fresh install of ZA) and normally this is not recommended unless you know what are you doing. Blocking permissions to certain executables may only give raise to issues under particular scenarios that are not easy to track back to ZA once they happen.

Always keep in mind that ZAfree offers limited outbound control on the system as compared to the retail version, you will need to adapt yourself to those limitations (including no support) otherwise you may want starting testing other free tools to see if they better fit your needs.

Hope this helps.

So now what was that HIPS standalone??
Malware Defender
WinPatrol

that or private firewall and ditch ZA

🍻

Just because you don't know where you are going doesn't mean any road will get you there.

Reply | Quote

Odd issues often arrive after changing security software, you really need to ensure that any old security software is fully removed, preferably by using the uninstall tool from the software maker (some might need running twice or from from Safe Mode, etc) and and checking manuall.

ZA, Norton/Symantec and McAfee are amongst the worst for not uninstalling cleanly and triggering other issues down the line. On my own W7 machine earlier this year, I had a real work out trying to stop the driver remnants of OA from continuing to run at boot after ‘uninstalling’ it.

My suggestion would be to use John Carrona’s list as a reference and ensure you’ve removed all traces of the old software: http://www.carrona.org/avuninst.html

There have also been times when I’ve ‘fixed’ an odd 3rd party firewall ‘bug’ by enabling Window’s own firewall, sometimes it silently blocks an application and, because it’s disabled, it can’t create the popup asking if you want to allow/deny or it cannot make changes without being enabled. Yes, I know you’re not supposed to run more than one but it’s worth trying for a session or two to see if it improves the situation – if it does, you can disable it again.

Reply | Quote

Thanks Satrow, just in time. I spent almost all yesterday getting my main box to boot.
I plan to post a long account of my exeriences.

🍻

Just because you don't know where you are going doesn't mean any road will get you there.

Reply | Quote