Connect to the Internet if you can't see this image.

Which is the best firewall depends on who you talk to.

ZoneAlarm, highly recommended by Steve Gibson, is an application based firewall.

Others are ruleset applications and are for those who prefer an hands-on approach, and have more control.

STEVE GIBSON has tested Firewalls, for their reliability or "leaks" , with his LEAKTEST

Tiny Personal Firewall
Connect to the Internet if you can't see this image.


Zone Alarm

Connect to the Internet if you can't see this image.

Connect to the Internet if you can't see this image.




All about SFP 5x.  A real good follow up to previous site for this firewall.

Connect to the Internet if you can't see this image.


Comes in 2 versions:

1.04 LooknStop Lite.  Without application filtering.  -  FREEWARE

2.03 LooknStop       With application filtering.

For Download: here

The official 2.04 is out. 

Version 2.04p2 02-10-2003


  • new criteria "Equal Or" and "Different And" for the address IP selection in the internet filtering rule edition.
  • new attribute for the row (Internet Filtering) in order to select on a rule basis if a sound is played or not
  • it is now possible to sort the log items by clicking the column headers


  • Modification in the way Look 'n' Stop handles the "Windows Ending Session" event (in order to improve/fix the slowness issue when Windows is being closed).


  • under Windows 2000/XP, with some Ethernet cards the Internet filtering was not working for the downlink.
  • when the maximum number of application is reached, the alert dialog box is now correctly displayed.
  • crash in the lnsfw1 driver if the PC contains a lot of logical drives (>16)
  • GDI (Graphic Display Interface) memory leak when displaying the application icons in the Application Filtering page
  • in very rare circumstances, application could crash when resolving an IP name
  • correct display of the attribute icons in Internet and Application filtering page when the password is enabled or when the Windows system colors are changed

Version 2.04 11-24-2002


  • TCP Stateful Packet inspection and dialog box with the TCP connection states.
  • Internet Filtering rules enabled with application detected through the Application Filtering.
  • Application Filtering: addition of a new attribute to allow or not applications that start another one which connects to Internet.
  • Automatic Selection of the network adapter in the options
  • Option to confirm when clicking the "Exit" button
  • Option to lock all the buttons in the Log page when the password mode is enabled
  • Win2000/XP, Application Filtering: "Raw Socket" connection supported.


  • In raw logs, application name and application path have been added.
  • In logs (application and files) a new type has been added to differentiate application connecting from application starting another one
  • Win2000/XP: during the driver installation the command dialog box (DOS Like) no longer appears and an error dialog box is displayed in case of problem.


  • Under Windows XP, Fast User Switching handling to prevent some problems.
  • The "Create Rule" in the Log page was not disabled when the password mode was enabled
  • the operation to save the ruleset no longer takes a long time under Windows 2000 and XP.
  • Ruleset files can now be larger than 64 KB.
  • Sometimes the Apply button in the Options page was not greyed just after Look 'n' Stop is started.

The Web site has been updated. Here are the direct link for downloading:


the new version 2.05 beta 01 is out.

Here are the links for download:
- English release:
- French release:

To install this new version over an existing one, no need to uninstall first the current one, just run the setup and anwser Yes to the question.

Here the content of this version (quite the same as the preview):

Features Added:
  • DLL Filtering (Windows 2000-XP only)
  • Port & IP selection for the Application Filtering
  • Plug-in interface for localization, rule creation and log analysis by third party applications.
  • Detection of troyans that are using DLL injection or DNS request through svchost/services.
  • Detection of non-standard protocols and drivers under Win2000/XP.
  • Signature verification improvements (Windows 2000-XP only).
  • New attribute in Application Filtering to have only blocking access in the log or all access.
  • Addition of GB unit for statistic display in the Welcome page (however there is still the 4 GB limitation)
  • All miscellaneous options in one list in the Advanced Options dialog box.
  • In the "U/D #" column addition of a '-' or '+' information to know if the packet has been blocked or allowed.
  • In the Application Filtering, it is now possible to sort the lines by clicking on the column headers.
  • Addition of the 'TCP or UDP' selection to the list of protocols in the rule edition dialog box
  • Automatic log entries removal when reaching a limit (configurable by the user).
  • Application filtering: automatic removal of applications which no longer exist
  • Under some 2003 Server configuration, the network interface wasn't correctly detected.
  • The field "IP to exclude for auto-detection" was sometimes badly interpreted.
  • The rule names in the log are now correct even if some rule have been added without applied yet.
  • Crash when the maximum number of Internet Filtering rules was reached.
About plugins, you will find more information here:

In case of problem, please use the following Web form to report the problem to us:

This version will expire by March, 2003, the official 2.05 or a new beta will be available before.

To re-install the 2.04 over the 2.05b1, two solutions:

  1- uninstall the 2.05b1, reboot, reinstall 2.04, reboot
  2- remove lnsfw.vxd/lnsfw1.vxd (Windows 9x/Me) or lnsfw.sys/lnsfw1.sys (2000/XP) and remove fwapi.dll, then execute the 2.04 setup and reboot

Look and Stop  Questions and answers PAGES

Look and Stop     Screenshots PAGES

One of LNS's great fan ( besides me ) is known as Phantom

It is worth to take a look at at what is now know as Phantom's ruleset and why he likes this firewall



For linux users   

Astaro Security Linux is:             All-in-One Firewall + VPN + Anti Virus + more

This product is an all-in-one software solution, providing firewall,
virus protection, intrusion protection, content filtering and spam
protection.  Astaro, offers a free version  for home users



For a review of firewalls:


Connect to the Internet if you can't see this image.

Connect to the Internet if you can't see this image.

Connect to the Internet if you can't see this image.

FIREWALL.NET  has installation screenshots for all major firewalls.  Must site to visit.


                             How well did you configure your firewall ?  Any Ports open ?

                                                               Have it checked at  : 





Blackcode [EXCELLENT]:



Computer Cops Security Professionals:


PC Flank Complete Check [EXCELLENT]:

PCPitStop Checks/TuneUp:

Qualys' Free Browser Checkup:

Sygate Online Services [EXCELLENT]:

Steve Gibons's ShieldsUP [GRC-Gibson Research Centre]: