I was using ZoneAlarm Pro, but I got tired of the current version crashing frequently and forgetting zone settings after each boot, so I went and got the trial of Tiny Firewall.
So far so good. Much less CPU overhead for file sharing, no crashes so far, no warning from Cisco VPN client on boot since there is a period of time with ZA in between the TrueVector internet monitor loading and the GUI interface loading where you have no network access, no more memory growth over time, etc.
However, it seems to have some issues of its own:
1) The need to specifically create a default rule that denies access to most IPs in addition to the rule for what to allow in each profile seems counter-intuitive... am I missing something here? Is this true for port-based restrictions as well?
2) Any easy way to move applications between groups?
3) ZoneAlarm would have application settings for VMware to allow the virtual machine restricted internet access (although if I wanted only certain applications on the virtual machine to have network access the VM would still need its own software firewall). Tiny Firewall is not noticing that the virtual machine is accessing the net! (It's running Kazaa!) This may have something to do with the fact that the current VMware configuration gives the VM its own hardware MAC address and my router actually sees it as a separate physical box. But does this mean that any program can bypass Tiny by doing low-level Ethernet access like that?