Firewall rules.. auto- decide or not?

Apologies for posting in the wrong thread but I am trying out AIS and have firewall rules set to “auto-decide” which of course eliminates a lot of pop-ups but using GRC leak test,AIS allowed it to run. Why would AIS allow GRC to connect to the net? (Paranoia speaking here) Wink ? Should I be concerned? Should I just go with “ask”? even though that would initiate more pop-ups?

I definitely recommend setting it to Ask.
The rules are remembered so you won’t see more than one popup per application.
It all boils down to what you’re most comfortable with though.

That would be a matter of personal preference, no? “Ask” would be the safer, yet more cumbersome, way to go.

no need to apologize, it’s okay :wink: leave the firewall set to auto-decide at least for a couple of hours, even one day, so that it’s got enough time to learn automatically what’s connecting on your system. Then if you’re if you don’t trust it a hundred percent, you can always set it to “ask”. I’ve been there and I switched it back to auto-decide a while ago. No need after all, following an alert, to confirm what the firewall would do automatically anyway. Just make sure that you’ve got a pop up for both blocked and allowed connections, to keep in touch with traffic management. You can always override a rule if needed. The risk is what if a trojan silently downloaded attempts to connect, but honestly, you’ll have already noticed something wrong going on. And auto-decide doesn’t mean “allow” necessarily. There are blocking rules…more transparency needed there because there’s no obvious way so far to tell how this firewall takes its decisions. The interface will still change, new settings will be implemented from what I read, so let’s wait and see…

That is good useful info :wink:
Set to auto-decide and it failed both GRC leak test and PC Flank.
Set to ask and it passed GRC but sill failed PC Flank. Hmmmmm ??
Any info on how leaky AIS firewall really is?
I am behind a Cisco router but I still become a bit paranoid :-\

Hi smoaky,
were you on “Public/Airport profile” during the PC Flank leak tests?


No. Got it on Work zone
Do you suggest Public zone even at home?

while “public zone” might indeed prevent the leak, you don’t need it. Sticking to work zone is safe enough, and obviously more appropriate on a private LAN.

Cool ;D
Still worried how leaky AIS Firewall is.
Anyone seen any test results on how AIS (Firewall) ranks compared to other ISS i.e. Norton,Kaspersky,Eset,GData, etc.
I have seen a few reviews but it leaves me with doubts.
Have been using Comodo Firewall along with Avast 5 AV.
Comodo Firewall is excellent but get tired of pop-ups …seems forgetful of rule settings.

for your own sake, forget about the leak test, have a glass of wine, and relax ;D

I’m sure we all say that until we get infected. No harshness intended but as you know it is always safer to practice preventive maintenance that try to fix an unexpected hacker, drive by, key logger, trojan attack.
Honestly, over the years what has been your personal experiences with viruses,key loggers,etc. and why did you decide on AIS?
I have had a few bad encounters but only because of my stupidity clicking on a malicious link or web site.

I'm sure we all say that until we get infected

nope ::slight_smile: >>> watch your clicks first, that’s the best line of defense, no need to elaborate, as to drive by downloads and keyloggers…never seen any of these here…I’m not saying this doesn’t exist, I know it does, but not here ;D
Why AIS? well I’ve been running Avast AV for a few years now, I like the interface, V4 like V5…specifically AIS >>> firewall and sandbox…not much to comment on that yet, it’s too early. I was running CIS (Comodo), got fed up with it and was looking for another solution.

Me too,
Drive by and key loggers …never seen em (key loggers are more prevalent with dial-up internet connections I guess)
Ex-CIS user too huh?
Really lliked CIS but damn…got tired of the incessant pop-ups even after setting rules. You too?

no that’s the worse about it, I didn’t have single problem with it, I was running Comodo stuff since CFP 2.4 >>> I just got bored with the interface, not a very serious attitude in terms of security I admit but when I get bored with something I ditch it. And when I saw that CIS 4 brought almost nothing new compared to V3, there was no regret. Avast firewall is far from being perfect yet, but I really like the interface, meant to be silent and efficient at the same time. Not all the bells and whistles of Comodo, no HIPS but I can very well live without that. Yeah I got fed up with the HIPS too, not that it was that noisy, but I was starting to have doubts about the necessity to have it. Yeah, and finally Comodo as a company, not much to add as I don’t want to start another Comodo bashing thread here :wink:

As far as the aIS firewall being leaky, well, I guess it kinda is from everything I gather.
What needs to be remembered though is it can’t get out if it can’t get in in the first place. :wink:

it can't get out if it can't get in in the first place

exactly :wink:

well if a firewall allows it in without asking then that is a problem huh?
proof that AIS blocks this attempt??

Allows what? GRC pointless tests? Eh… we seriously need some firewall testing, beyond Matousec’s crap and GRC’s “stealth” nonsense. :-\

Here is a nice review:,2817,2358469,00.asp Firewall review starts halfway down the page,2817,2358471,00.asp Scroll down to see rating (4.5/5)

Other Firewalls:
Avira (2.5/5),2817,2362248,00.asp
Mcafee (3.5/5),2817,2358913,00.asp
PC Tools (3/5),2817,2356102,00.asp
Norton (5/5),2817,2352816,00.asp
Kaspersky (4.5/5),2817,2351580,00.asp
ESET (3/5),2817,2343658,00.asp

About the leak tests limitations: