|
|
|
|
|
|
| ISP Resources |
| ISP-Lists ISP Glossary ISP News The List ISPCON Events Free Newsletters |
|
|
|
||
| internet.commerce | ||
|
Partner With Us |
Thinking Outside The (Windows) Box,
Part 4: Free Windows Firewalls—Primedius Firewall Lite
While many businesses depend on Microsoft and its various product suites, alternatives exist, some of which are not well known. Part four of this series examines free windows firewalls.
VP Core Competence, Inc. [March 3, 2006] |
 |
At the opposite end of the bells-and-whistles spectrum lies Primedius Firewall Lite. We tried Primedius Firewall Lite v1.0.0.1 on Windows XP, where it consumed just 1.34 MB of disk space and 1 MB RAM. This simple, free application firewall also runs on Windows 2000.
|
Primedius
Firewall Lite |
 |
With Primideus, what you see is (almost) what you get. In fact, the installer doesn't even auto-launch Primideus. This start-up option, and all firewall rules, must be explicitly configured after manually starting the firewall program.
Primideus
Lite does little more than permit, deny, or prompt when applications use
Windows sockets. Rules can be populated by accepting prompts when applications
try to use Winsock, or by manually adding programs through the Basic Firewall
configuration panel (see figure at right). Unlike other firewalls
reviewed here, Primideus can only enforce black-or-white program rules.
If an application is allowed, it can use any TCP or UDP port to any destination. If an application is denied, it cannot use sockets, period. Or you can choose to be prompted each time a given application tries to open any port. The basic but easy-to-read Program Log lets you eyeball every allow, deny, or prompt action taken.
However, we found that these rules depend to some degree on how a program is invoked. For example, we manually added a rule to allow C:\Windows\System32\Telnet.exe. But when we ran "telnet 10.0.0.1" from a command window, Primideus considered that to be a different program, prompting us to create a new rule. Programs like Internet Explorer, consistently invoked with the same shortcut, path, and arguments, can be controlled by a single rule. This could help you spot a trusted program being invoked in an unusual way (e.g., by a trojan), but makes it awkward to control programs with variable arguments.
Moreover, programs that use lower-level interfaces, like Ping and Nmap, were permitted even when explicitly "denied" by Primideus program rules. In fact, except for Messenger Pop-Ups, Primideus Lite does not appear block any unsolicited inbound traffic. During a port scan, the Primideus Firewall Log showed incoming packets passing through hidden rules that cannot be configured in the Lite version (see figures below). But they can be configured in Primedius Firewall Pro ($39.99), a commercial upgrade that also supports Interface/ Protocol/ IP/ Port-based firewall rules.
 |
 |
We were initially attracted by the simplicity of the Primideus user interface. However, given Lite's glaring network firewall omissions, we cannot recommend using it alone. But you might consider running Primideus Lite in conjunction with the free Windows XP SP2 firewall. XP can block inbound traffic; Primideus can control outbound traffic from local programs. We briefly tried this, and it seemed to work. But we did not exhaustively test that combo; conflicts often exist between any two firewalls. In short, if you just want free, simple program control, then give Primideus Lite a try. If you need a full-featured personal firewall, then find another program.
|
Free Windows Firewalls: Primedius Firewall Lite
|
|
|
| Best of ISP-Planet | ||
|---|---|---|
|
ISP-Planet
Guide
ISP-Planet's Principal Studies Directories:
Q2 2008 Top U.S. ISPs by Subscriber (Updated 08/29/2008)
ISP-Planet's Blogroll | ||
ISP-Planet's
RSS feed
Jupitermedia Corporation has two divisions: Jupiterimages and JupiterOnlineMedia
Legal Notices, Licensing, Reprints, Permissions, Privacy Policy.
Advertise | Newsletters | Tech Jobs | Shopping | E-mail Offers