View Full Version : Protowall: The Next Generation Peer Guardian


Big Booger
February 5th, 2004, 08:21 AM
http://techfocus.org/comments.php?id=4339&catid=39

ProtoWall is an app that is like PeerGuardian, but it will block much more. Thus far it will block Tcp-Ip/Udp/ICMP/IGMP and raw ip packets from entering or leaving your machine.

The help file for this app is located at http://bluetack.co.uk/pwhelp

Protowall is a driver-based blocking program that will be turning into a full firewall soon, but we wanted to release it as an alternative, due to the high memory usage that PeerGuardian has been experiencing with the last few builds.

Get it at http://www.bluetack.co.uk/forums/index.php?showforum=18

SupaStar
February 5th, 2004, 10:47 AM
And the verdict BB??

Big Booger
February 5th, 2004, 12:10 PM
It uses far less resources. It seems to work but I have yet to see anyone test it.. :D Try it out. See what you think.

Some other things I noticed, it continuously updates the IP ranges that it searches. It is more difficult to install than Peer Guardian, but with the online guide you can get it sorted in less than 2 minutes or so. It involves installing a driver in your network card properties.

Hopefully the installer can be configured to automatically install that driver.. along with installing the program in the future.

It does have a database updater built in.. that I do appreciate.

If I think of anything else I will post it here.
:D

Stripe
February 5th, 2004, 12:51 PM
This looks interesting. I'm not sure of any other application that actually works with the network card driver. Most typically just scan the incoming IP address.

I'll give it a go tonight and see how it is :D

cash_site
February 5th, 2004, 12:58 PM
You should call um RIAA and ask them to try to investigate your PC with the protowall working ?!

LOL

phishhead
February 5th, 2004, 13:10 PM
You should call um RIAA and ask them to try to investigate your PC with the protowall working ?!

LOL

go ahead stripe be the beta tester for riaa.

lynchknot
February 5th, 2004, 17:24 PM
Hmmm, maybe over my head. It just goes on and on allowing packets and not blocking anything. I have emule running, deleted Sygate rules, and disabled Sygate driver level protection.

**edit - I spoke too soon - I have 3 blocks - Taiwan government - and they are "packet to" - UDP

http://www.quickbase.com/up/8q9jbnau/g/rbba/eg/va/proto.JPG

lynchknot
February 5th, 2004, 18:44 PM
BB, what do you know about the block list manager. It advises the use of it. How to get?

Big Booger
February 5th, 2004, 23:13 PM
Go to their website Lynch. They have loads of information on it. Baycom was blocked on my machine 30 times in the first hour I had it launched. Make sure you have updated the latest DB of blocked IPs.
:D

lynchknot
February 5th, 2004, 23:30 PM
Yes, I have hit the update button - then it recommends "block list manager" I will check site - thanks.

SupaStar
February 6th, 2004, 01:49 AM
Running on my PC as we speak. Uses far fewer resources than PeerGuardian, half the RAM (7MB) and only 1-2% of my CPU (PG used to use anywhere from 20-70%!!)

lynchknot
February 6th, 2004, 01:59 AM
I'm seeing only 3,760K and 0-3% of cpu but it's probably not blocking anything at the moment (don't know if that makes a difference)

SupaStar
February 6th, 2004, 02:13 AM
I was RDC from work at the time so there was a lot of data going in and out.

lynchknot
February 6th, 2004, 02:51 AM
How far up have you guys set your, "log-o-meter"?

biker666_05
February 6th, 2004, 03:38 AM
I need help with Protowall. Every time I enable it, it disconnects me and then I can't connect.

SupaStar
February 6th, 2004, 05:36 AM
@lynch - My log-o-meter is on the default setting, 3-quarters of the way up. I'm only logging bad packets..most are coming from port 80 :confused:

@biker - It disconnects you from the internet? What the... :confused:

cash_site
February 9th, 2004, 03:47 AM
@Supa, are bad packets to or from your port 80? It may be the reason why you had trouble with your sig? Although, your sig seems quite stable atm.

@biker, are you on dial-up and that what disconnects?

lynchknot
February 9th, 2004, 04:54 AM
Kinda funny that I changed all my emule ports by adding a 0 to the port (and made adjustments in my router config) - such as 4673 is now 40673 but they are still trying to get through 4673 - I don't know, it probably makes no difference - they maybe will try to get through all standard emule ports. I, mainly, see standard emule ports being blocked

Stripe
February 9th, 2004, 12:35 PM
I was able to install it and it works fine. Got tired of the allowed packets flying by so I disabled it.

I like the app. It's already blocked a few pop-ups as well :D

So far, (besides the pop-ups) nothing's been blocked. I still have Sygate going with my advanced rules intact as well as Peer Guardian for comparisons.

biker666_05
February 9th, 2004, 17:11 PM
I'm using DSL from SBC.

Stripe
February 10th, 2004, 12:23 PM
I'm using DSL from SBC.

Do you see any blocks before protowall disconnects you? If so, can you post what it blocks? I read somewhere where protowall was blocking router access. Also, did you download any block lists and if so, which one are you using?

biker666_05
February 10th, 2004, 20:29 PM
No blocks, and I didn't download a block list.

SupaStar
February 10th, 2004, 20:43 PM
@Supa, are bad packets to or from your port 80? It may be the reason why you had trouble with your sig? Although, your sig seems quite stable atm.

2004/02/10 17:47:11 [->] REJECTED - Source is DELL DELL split 2.3 PGIPDB (XXX.XXX.XXX.XXX) [protocol: TCP / destport: 80]

cash_site
February 12th, 2004, 03:45 AM
2004/02/10 17:47:11 [->] REJECTED - Source is DELL DELL split 2.3 PGIPDB (XXX.XXX.XXX.XXX) [protocol: TCP / destport: 80]
Hmmm... a little weird.

SupaStar
February 12th, 2004, 04:49 AM
Yep. Anyone else shed some light? Is it just someone from Dell viewing the forum and trying to d/l my sig?

Big Booger
March 23rd, 2004, 15:17 PM
The protowall website is down.

lynchknot
March 23rd, 2004, 19:36 PM
something is wrong. I'm getting hit with packets from IANA reserved every few seconds or less - so far over 8000 this morning - it is slowing my connection down to a crawl. Any thoughts?

lynchknot
March 24th, 2004, 17:25 PM
protowall also using large memory - 99k

Big Booger
March 25th, 2004, 02:52 AM
99k a lot of memory? That is less than a megabyte???

When you are getting hit, the program is doing its job. Do you have your performance optimized for programs or background applications? Try switching it and see if it improves.

:D

lynchknot
March 25th, 2004, 03:27 AM
99,000k - is more than any app I'm using. :) Getting hit every second - now by mostly Red Sheriff. - http://cexx.org/sheriff.htm

Big Booger
March 25th, 2004, 05:29 AM
You should have written 99,000KB.. not 99KB.. :D That's 99MB roughly which is quite a lot.

But with 1GB of RAM, it shouldn't even affect your system in the slightest.. now CPU usage might be a different matter...

You might want to configure your router software to block the traffic, and use protowall as a backup?? You might want to reload protowall? Does this happen after a fresh reboot?

lynchknot
March 25th, 2004, 05:42 AM
I blocked the Red Sheriff range in my router - so far down to 6,440k - much better

*edit - oops, still coming through on the IP I blocked, not as much though - its destination is emule ports

Big Booger
March 25th, 2004, 05:48 AM
Change your default emule port in emule to 4661-9.. and open that port in your router.. the number of hits you get from these companies should be reduced.. I use 4663 on my setup.

lynchknot
March 25th, 2004, 05:56 AM
I have changed my ports a long time ago. I'm using 10000 and 40660. They still try to get 4662 as well as the new ports I'm using

I have blocked this yet it still comes through.


http://www.quickbase.com/up/8q9jbnau/g/rbgy/eg/va/mule2.PNG

http://www.quickbase.com/up/8q9jbnau/g/rbgz/eg/va/mule.PNG

Big Booger
March 25th, 2004, 14:03 PM
Dump your shared/incoming folder as soon as you get the files.. the less you share the less they scan.
:D

Your firewall on your router should kick it out.. strange indeed. What they need is a program that would bounce back any scan from a list of known baddies..

That way for every scan they do multiple packets would bounce back and effectively slow down or even bump offline the server that is doing the scanning.. you scan 1 million PCs, and 1 million PCs bounce back multiple packets, well you can see how easy that would f uck them up.
:D

lynchknot
March 25th, 2004, 15:51 PM
I'm not liking this D-link much anymore. I'm having problems with emule connecting. If I change ports D-link will not allow it or won't pay attention to settings - even after re-boot.


I don't share much - yes, I do move files out as soon as I get them. I leave some apps in though.

lynchknot
March 25th, 2004, 18:22 PM
Got a ? about proto and BLM. Do I need to manually update protowall's IP range after downloading with BLM? There is no directory for automatic update retrieval in Protowall.

shadow_warez
March 25th, 2004, 20:19 PM
It don't wanna work for my comp lol. Keeps saying protowall.sys not loaded? I tried installing, wait for it to finish then try same thing,

shadow_warez
March 25th, 2004, 20:29 PM
Here's the message I get after manually installing the XP driver,

lynchknot
March 26th, 2004, 00:00 AM
so do you see this?

http://www.quickbase.com/up/8q9jbnau/g/rbg8/eg/va/55.PNG