'Leak' Test of 21 Personal Firewalls
mork writes "Matousec.com, as part of a larger analysis of personal firewalls on Windows, has conducted a thorough leak test of 21 pieces of firewall software. Leak tests imitate common methods used by trojans or spyware to send your information from your computer. Windows Firewall XP SP2 fails every test, so the fears that the days of third-party firewall software were over seem groundless. Surprisingly, the two top programs are both freeware." From the article: "Some firewalls totally failed tests made against their default settings but their results on the highest security settings were much better. Kaspersky Internet Security 6.0.0.303 is the product with the biggest difference between the default settings score and the highest security settings score. Another such product is Safety.Net. Some products like BitDefender, F-Secure, McAfee, Panda, etc. include antivirus engines. The sad and funny thing at once is that lots of them mark leak-testing software as viruses or malware."
Just to say I've been running Comodo for ages, and find it great to use. Slows down the computer a lot less than Norton and is far easier to customise and make rules for. Not to mention it has a very helpful message board and it's free. Comodo Site.
The "personal firewall" in Windows XP SP2 was never advertised to block outgoing connections. In fact, this PDF states: "Windows Firewall blocks unsolicited incoming traffic. However, you cannot configure Windows Firewall to block outgoing traffic."
So of course it failed every test.
http://www.linux-sec.net/Firewall/Testing/
There are many tongues to talk, and but few heads to think. -Victor Hugo
Perhaps, but that still doesn't help the fact that ZoneAlarm is a shocking resource hog on a system.
I read the internet for the articles.
By stopping outgoing traffic you can protect your privacy and, in the event you become infected with a worm of some kind, it can help prevent you from infecting others and clogging up the network.
Love sees no species.
Did they include outbound protection at all? If so, I'm not familiar with it.
They include "protection" when an app opens a port to receive data on. That would "protect" against apps that are trying to allow your computer to be controlled remotely. However, nothing gets filtered when an app decides to send data somewhere.
disclaimer: These arguments are 100% based on truthiness.
Have you tried 'netstat -a' at the command prompt?
Wave upon wave of demented avengers March cheerfully out of obscurity into the dream
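Added example, not part of any comment above and not from Matousec or the article: a Python sketch that splits netstat output into the listening sockets an inbound-only firewall gates and the established outbound connections it never inspects, which is the distinction the comments above draw. It assumes `netstat -ano` rather than the `netstat -a` mentioned above; the sample output, function names and the port-based inbound/outbound heuristic are constructed for illustration.

```python
# Constructed sample of Windows `netstat -ano` output (not taken from the page).
SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       884
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING       4
  TCP    0.0.0.0:3389           0.0.0.0:0              LISTENING       1012
  TCP    127.0.0.1:1029         0.0.0.0:0              LISTENING       1620
  TCP    192.168.1.20:1045      203.0.113.10:80        ESTABLISHED     2312
  TCP    192.168.1.20:1051      198.51.100.7:6667      ESTABLISHED     3108
  TCP    192.168.1.20:3389      192.168.1.5:51544      ESTABLISHED     1012
  TCP    127.0.0.1:1030         127.0.0.1:1029         ESTABLISHED     1700
  UDP    0.0.0.0:500            *:*                                    700
"""

LOOPBACK = ("127.", "[::1]")

def parse(text):
    """Return one dict per TCP row; headers and UDP rows (no State column) are skipped."""
    rows = []
    for line in text.splitlines():
        f = line.split()
        if len(f) == 5 and f[0] == "TCP":
            lhost, lport = f[1].rsplit(":", 1)
            rhost, rport = f[2].rsplit(":", 1)
            rows.append({"local": lhost, "lport": int(lport), "remote": rhost,
                         "rport": int(rport), "state": f[3], "pid": int(f[4])})
    return rows

def classify(rows):
    """Heuristic (assumption): a connection on a local listening port was accepted inbound."""
    listeners = {r["lport"] for r in rows if r["state"] == "LISTENING"}
    out = {"exposed_listeners": [], "inbound": [], "outbound": []}
    for r in rows:
        if r["state"] == "LISTENING":
            # Loopback-only listeners are not reachable from the network.
            if not r["local"].startswith(LOOPBACK):
                out["exposed_listeners"].append(r)
        elif r["state"] == "ESTABLISHED" and not r["remote"].startswith(LOOPBACK):
            key = "inbound" if r["lport"] in listeners else "outbound"
            out[key].append(r)
    return out

if __name__ == "__main__":
    result = classify(parse(SAMPLE))
    for r in result["exposed_listeners"]:
        print(f"listening  port {r['lport']:<5} pid {r['pid']}  (inbound filter applies)")
    for r in result["outbound"]:
        print(f"outbound   pid {r['pid']} -> {r['remote']}:{r['rport']}  (not filtered by an inbound-only firewall)")
```

The PID column can then be matched against the process list to see which program owns each outbound connection.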
I run Windows AND Linux; strangely enough, I've never had a problem with either in well over six years. Windows has more holes than a goth girl's ear but if you do what I do you'll have the same success:
Keep up with the updates, use Firefox for web, use a webmail client or Thunderbird, don't download anything from an untrustworthy site, don't run executables from Usenet or P2P networks, stick yourself on a private network, isolated from the 'net. In short, be smart about where you go, how you get there, what you download, and what you run. It isn't that complicated. Whenever I see a friend's computer crawling with the nasties I have to wonder what on earth they were doing to get it...
Love sees no species.