2 page of CB
Scarso=Insufficient
Pessimo=Very Baaaaaad!
Gratuito=Free
Buono=Good
Molto Buono=Very Good!
PC Magazine test was on 20 (twenty) firewalls. Every test= 1 page! Impossible to scan all these pages!!! ;D
Don’t worry… if it says that no firewall is good it’s ok… It will be very bad if it says: only this firewall works…
I doubt that some tests are paied by the winners ;D
You don’t have to pay for a firewall: ZoneAlarm does its job (everyone recognizes the knowleadge of ZoneLabs), Sygate (if you don’t have a local proxy, in my opinion), Outpost and Kerio. All have free versions.
Yeah, Tech, this is the point. I trust in the tests because the result (in short words) is BAD for ALL the softwares:
1 Firewalls blocks inbound connection - good
2 Firewalls are vulnerable to malware attacks - not good
3 Firewalls are dismantled or damaged (totally or almost) by massive attacks
4 ALL the Firewalls don’t block the most of the outbound attacks
All known firewalls tested: Outpost, Kerio, McAfee, Norton, ZoneLab, Sygate, Kaspersky, Microsoft Beta, etcetera.
The final comment (by the journalist) is (as I said in other part of this Forum):“These products are good products… but they have no right to call itself firewall”
Yes Kamulko! these are good products not perfect just good that’s what keeps us looking for better ones
these products are good enough for personal use !
they keep your ports stealth and warn you if an application tries to go on the internet without your permisssion…
Maybe in case of a targetted professionnal hacker attack it’s not enough but… most attacks come from sniffing by script kiddies.
we just have to be “aware” (like JC van Damme ;D) If you’re too paranoid, just unplug your internet wire.
Thanx for the tip, David R.
I tested some of leak-test apps and found that most of them are harmless as long as IE is blocked (I use an IE alternative for a few sites such as Windows Update, which is a cheap trick which even a non-specialist like me can think of). However, one of the leak-test apps was successful in connecting to the net through svhost. Unfortunately, I need svhost for my router. Is there any way to solve this issue or should I have to live with it?
I asked about sandbox apps in another thread but maybe I should have asked in this thread from the start.
What was the URL of the svchost leak test?
What firewall were/are you using?
I tend to keep with firefox as my primary browser where ever possible because it doesn’t use activeX, BHOs and isn’t an integral part of the OS, this makes it (IMHO) less vulnerable than IE.
If you lessen the risk of attack (the program has to get in first), you lessen the risk of this type of outbound connection being initiated. Another thing I do is to restrict the rights of your browser so you are not browsing whilst logged on as a user with administrator rights ‘MS Drop My Rights’ can do this just for apps that connect to the internet so you can remain logged on with administrator rights.
I just want to say to all.
Having outpund protection is nice.
But is not really needed for normal users.
All the years I have used Sygate, sure it has allowed me to control and monitor the traffic going in and out. Kind of grown and need to know, hehe.
But I never had reason to think I was anymore better safe than with only XP SP2 fw.
Must be my safe habits then?
So why I say those are for only peoples paranoia minds mostly is not a generalition, just my own experience.
So I have to agree with Lukas.
I forgot to mention those users running software firewalls as their only protection, but having them poorly configured, allowing more than poor sp2 fw. ;D
Not everyone has the same level of experience to help protect them so a firewall that provides outbound protection is advisable. So I would say it is more essential for the ‘normal’ user who tends to be less experienced.
You are obviously not the ‘normal’ user so may statement holds true for you, so you could get away without outbound protection. But it only takes one outbound connection with your account details, user names, passwords, etc. to be quite expensive.
If you lessen the risk of attack (the program has to get in first), you lessen the risk of this type of outbound connection being initiated.
If you’re the sort of person who could spot malicious outbound traffic and block it, you’re probably the sort of person who is going to be careful about not downloading any Trojans in the first place.
And if you’re the sort of person who downloads Trojan horses, you’re probably going to click ‘yes’ to an outbound traffic warning without giving it a lot of thought.
For this reason, I agree with Jarmo P: outbound traffic control is not that important for ‘normal’ users. The importance of leaktests is exaggerated in some places. It’s more important to be careful about what you allow onto your computer in the first place.
Ok, ask this to ‘normal’ users that even know what they’re doing, what they’re allowing onto their computers in the first time.
Sorry, this is a loop discussion: oh, outbound monitoring is useless for normal users, they’re to intelligent that they will never commite a mistake and allow nothing bad on their computer… unfortunatelly, they’re ‘normal’ users and even know what and where they are, how bad could be surf…, etc..
Yes, Tech, you are right… and UNFORTUNATELY many normal users come here every day with spyware, viruses, trojans and worm problems eheheh ;D
Normal users come here because they have not been using an anti-virus and firewall, they have been downloading any opening any shiny thing they saw on the web, their operating system hasn’t been updated since they bought the computer in 2001, their ISP for somereason doesn’t filter email viruses and they click on every attachment which says ‘I am an evil Trojan’ please open me’.
For ‘normal’ users, outbound traffic control means squat. They’ll just click ‘yes’ to the pop-up which says ‘would you like to allow program.exe to connect to the internet?’
A little bit of education about internet security, safe browsing and web behaviour will go a lot further than a firewall that passes all the latest leaktests.
You can blow $40 on outpost if you want; for me, Kerio free and a bit of web sense is enough: never had a Trojan yet.
Very wise words: I’m not a monster of pc but I had only 1 malware in my pc-life. I know, I’m a little paranoid but maybe this is the cause of my “luck”. You know, most of us like to try new utilities and software: is normal. Without any hazard is impossible to discover and learn something new… I think like you: INFORMATION, PRECAUTION and FORUM FRIENDS WHO HELP IN THE CASE OF DAMAGES!!! ;D
Howdy FreewheelinFrank,
It is not always the user, and it is not always the OS, it is also consumer friendliness. What are to-days’ common hazards to surfers in general malicious scripts, drive-by or rather surf-by infections, the same bugs all over and over all as sort of variations of Java out of the sandbox bugs (e.g. BiteVerify exploit etc.). Problem number 1 virus, problem number 2, and growing spy-, ad- & scumware, problem number 3 spam. There are pessimists that predict the internet with its dozen or so backbones will completely clot up, we’re heading for a traffic jam. Or is there a way out?
But remember always stay on the bright side of life, tadoo, tadoo,
yours sincerely,
polonus
;D Thanks for your friendly suggestions: may the Gods of the web protect us! ahahah ;D
I love to try new software too, but ever since my first experience with spyware, I’ve learnt a few thing:
-only download from reliable sources
-check out the software on Google
-scan before installing
For most ‘normal’ users (i.e. not geeks, and, let’s face it, anybody hanging out in a computer forum is by definition a geek a geek) these rules are more important than a ‘leak proof’ firewall.