Firewall gratuito ottimo

[tommy781]

un porting da FreeBSD per winzozz

sembra un ottimo prodotto, è open, completo, gratuito, e potente.

http://force.coresecurity.com

http://force.coresecurity.com/index.php?mo...e&page=download

1. What is CORE FORCE?

CORE FORCE is a comprehensive endpoint security solution for Windows operating systems. It provides security features to protect against malware, trojan horses and external attacks that exploit and leverage security vulnerabilities in the operating system and software applications running on the workstations.

2. What is CORE FORCE Community?

CORE FORCE Community is a Web site where security profiles for programs are shared by security experts around the world. Every user can download and use security profiles that have been uploaded to the Community. These profiles are rated by all users in the Community and they can be peer-reviewed on the site. Over time, CORE FORCE Community will develop a large base of security profiles to protect popular programs running in your computer.

3. How can I use CORE FORCE?

You can use CORE FORCE to:

Protect your computer from compromise by worms, virus and email-borne malware

Prevent you computer from being used as a staging point to amplify attacks and compromise others

Prevent exploitation of known bugs in the operating system and applications running on your computer

Prevent exploitation of unknown bugs (0-day) in the operating system and applications running on your computer.

Detect and prevent execution of adware, spyware, trojan horses and other malware on you computer

4. How much does it cost?

Nothing.

CORE FORCE is available free of charge, both in commercial and non-commercial environments.

5. What is the license for CORE FORCE?

CORE FORCE is released to the public using the Apache 2.0 license (a liberal BSD style license which is commercial friendly). It is completely free for commercial or noncommercial use. The license does not restrict reverse engineering, disassembly or decompiling of the software.

6. What is the license of security profiles submitted to CORE FORCE Community?

All security profiles available in CORE FORCE Community (either submitted by registered users or provided by Core Security Technologies) use a Creative Commons license (Attribution-NonCommercial-ShareAlike 2.5). The license guarantees that all users in the community will be able to use these profiles and create new ones based on other people's submissions.

7. What Operating Systems does CORE FORCE support?

CORE FORCE runs on:

Windows 2000 Professional or Server Edition, SP4 or above

Windows XP Professional or Home Edition, SP1 or above

Internet Exploer 6 or above

8. What are the minimum system requirements needed to run CORE FORCE on my computer?

In order to run CORE FORCE you will need:

Pentium III, 800 Mhz or higher.

128 MB RAM

30 GB hard disk

9. What kind of protection does CORE FORCE provide?

CORE FORCE provides inbound and outbound stateful packet filtering for TCP/IP protocols, granular file system and registry access control and programs integrity validation.

These capabilities can be configured and enforced system-wide or on a per-application basis for specific programs such as email readers, Web browsers, media players, messaging software, etc.

10. How does CORE FORCE work?

CORE FORCE enforces security configuration settings independently of the operating system's own configuration.

Security permissions are configured using a configuration tool with a powerful graphical interface. They are stored on XML files, which facilitates the sharing of settings among users, and accessed through a Windows Service. Permissions are enforced by custom device drivers running at kernel level.

Permissions can be configured for the entire operating system (System permissions) or on a per application basis by grouping them into application profiles (Program permissions). They can include inbound and outbound network traffic restrictions, file system access restrictions to files and folders and registry access restrictions to registry keys and values.

Programs are identified by a cryptographically strong hash of the file's contents that is checked every time the program runs.

CORE FORCE supports several configuration levels.

Basic configuration method consists in choosing a standard Security Level (High, Medium-High, Medium, Low) for each application. The user can change this level at any time, according to the task he/she is performing. For example, if the user is about to open a suspicious mail attachment, he/she can raise the Security Level for the mail program and for the entire system. On the other hand, if the user is installing a new application, he/she can lower the Security Level to avoid unnecessary false alarms.

If none of the standard security levels meets the needs of the user, he/she can change them by enabling and disabling individual policies. Each policy represents a task on the context of the application (for example, allow opening attachments (confirmation required)). With this configuration method, CORE FORCE releases the user from the tedious task of dealing with files and registry permissions directly.

Finally, the user can configure permissions for specific files, registry keys and network connections. Several tools, such as log generator/viewer, a Learning Wizard and confirmation popups aid the user on this task.

Authorized and unauthorized operations can by logged to a system wide or per application audit trail. Program permissions grouped as application profiles can be exported and imported to CORE FORCE as a mean to facilitate updating and sharing of security settings among users.

11. How does the personal firewall work?

The firewall component of CORE FORCE is a Windows port of OpenBSD's PF, the open source, mature, server-level firewall (PF: The OpenBSD Packet Filter). PF's functionality has been trimmed and tailored to make it suitable for desktop systems and to minimize code complexity.

CORE FORCE support inbound and outbound stateful filtering with advanced settings such as TCP flags and ICMP type/code flags. It works on a per application basis, loading and unloading rules dynamically at application runtime and it can be configured to require runtime user confirmation on certain connections. It is implemented at kernel level as an intermediate driver that mediates communications between the network card drivers and the operating system's TCP/IP protocol stack, making it difficult to bypass.

12. How does the registry and file system restrictions work?

The file system and registry access control component of CORE FORCE is implemented as a file system filter that mediates communication between the operating system and file systems drivers.

The component runs at kernel level and captures file system and registry access operations performed by the rest of the operating system (user-level applications, services and kernel subsystems) and enforces permissions for create, read, write, execute, delete and list operations. Due to its location inside the operating system, it can trap calls to any file system, and even calls made by other kernel components. The file system permissions can be specified using wildcards and recursion masks.

13. What does CORE FORCE does NOT do?

CORE FORCE does not protect the workstation from malicious users with legitimate access to the system. Also it cannot be configured on a per-user basis.

[Kiriranshelo]

Grazie per la segnalazion, Tommy.

Go letto la documentazion sul sito.

sembra valido.

qualchedun lo ga provado? (fazo mi da seconda cavia del forum?)

in questo momento me ritrovo che il mio Sygate Personal Firewall no sarà + aggiornado da Sygate in quanto xe stado acquistado da Symantec.. indi stago iniziando a varderme in giro

[Kiriranshelo]

purtroppo no go avudo la pazienza necessaria a poderlo usar correttamente.

go riscontrado due grossi problemi:

1) no rivavo + a far funzionar el messenger con el plus installado (funzionava solo nella modalità training.. una volta che ghe disevo che andava ben cussì e concludevo.. el messenger smetteva de funzionar)

2) el pc se inciodava andando in Stand By

--

al momento son tornado al vecchio Sygate che oramai non esisti +