AV-Comparatives Firewall Test 03/2014

Fax, good point. But the default policy when first installed is RulesWizarrd which means it asks questions.
Perhaps for first reboot one does learning, but that's all.

 

Well, if Auto-learn is not the default at install then indeed the Av-comparitives test is flawed for Outpost...

 

Maybe comodo firewall was not tested for the very same reasons comodo will not have their av tested...incorrect testing methodology.

 

It s not surprise for me the Outpost results ,having in mind the amount of ports in the excepted ports list.The firewall is a mess.

I wonder what would be the outcome if the firewall would be tested while switched to Enterteinment Mode ,applied to the situation when multimedia applications require full screen.

The Outpost users know very well that the default firewall policy for Enterteinment Mode is Allow Most ,everything not denied is allowed.
Also due to a bug even if you set the default policy to something else like Block Most the application for which the Enterteinment Policy is allowed will switch the firewall in the same Allow Most.
If in the normal mode you are wide open what would happen while you are watching a movie or playing a game ?!

I wonder if any of the guys at Agnitum are using this firewall in their own PC-s
I am no hater (loved this firewall in the past) ,but had to tell this for the users to know that the results are bad because there are issues not due to the fact the test is biased or something.
This firewall has flaws.

Zone Alarm might be having problems due to the default rules ,i find some of them being to open by default.Stability of this software is another thing.

Kudos to Kaspersky and the build in firewall.

I think we need firewalls and not watergates .

 

Hmmm...now most of "great" FWs suck and Win FW is the best?
Who is wrong? AVC or users?

 

I'm still waiting for Fabian Wosar's answer concerning OA
Off Topic did you see his avatar photo at Emsisoft's forums?

 

Yeah, so?

 

he looks creepy

 

Lol.

I thought it was because of the past issue between AV Comparative and Comodo's CEO? Y'know, that email stuff.

 

It doesn,t matter if the test methodology was too limited. All that matters is that they tested the very basic function of a FW that no firewall is supposed to fail and many big names failed miserable here. It"s time for these vendors to wake up and work more rather than making big claims.

 

To give a quick update: I tried to replicate their results but was unable to. Online Armor behaved the way I expected it to which is:

1. Block access to all file sharing ports unless it the access originates from a trusted network/computer.
2. Block ping requests unless the requests originates from a trusted network/computer.
3. Allow access to the RDP port, no matter which network, as the RDP port is not a restricted port by default.

I contacted AVC. Unfortunately they no longer had the original test systems, but they kindly agreed to replicate the test and collect some additional logs for us. The problem we are facing at the moment is that at least according to the logs Online Armor performed exactly as it should be, blocking all the access attempts from the untrusted network:

Code:

[02/04/14 10:17:34]  2068/814  UDP <- 192.168.20.100:137, 192.168.20.133:137, System(4/0)
[02/04/14 10:17:34]  2068/814  Blocked by restricted port list

[02/04/14 10:17:37]  2068/814  TCP <- 192.168.20.100:139, 192.168.20.133:49822, System(4/0)
[02/04/14 10:17:37]  2068/814  Blocked by restricted port list

However, even though the network connection attempts were blocked according to the logs, AVC was still able to create/edit files remotely. At this point it is clear that somehow Online Armor messes up on their test system, but we don't know why yet. AVC offered remote access to their test setup and we will surely take advantage of that offer, but it will take a bit longer until we know exactly what is causing it.

Thanks, that is exactly the look I was going for . To make sure I haunt you in your dreams, I set my Wilders avatar to the very same avatar I use in our forums. You are welcome.

 

Thanks, Fabian!
I put a link to your post on Comodo's forum.
Maybe they will answer to their users' questions about bad results.....

 

hehe
the dubiousness of software developers

thanks for your answer about the AV-C issue

 

Haha. He looks like a German man

 

Fabian looks like a guy I could drink few beers with....

 

Well, we will have to wait, and see exactly what went wrong with the test.

 

I agree. I sometimes wonder why all the scepticism that security vendors receive on Wilders is never applied to AV-Comparatives. Some people here listen to them as they would listen to God himself.

 

a couple of years ago i ditched all those 3rd parties firewalls and let Windows7/8 handle the task.
the Windows firewall does its job silently and without my input.

i think Win XP used a version of Tiny firewall, if i recall.

 

agree

 

I could be mis-understanding something here, but it seems to me like Comodo Firewall would ask the end-user to trust or not trust the network (very first time connecting to that network).

Seems to get these results, they would have to have choose to trust the local network.

Something I'm missing?

 

Since this was a Firewall Test they should have tested Look "n" Stop, SpyShelter FW, and Jetico FW.

 

Well, it's a commissioned test and what's to be tested in these kind of tests is chosen by the client (here: the German computer magazine Chip)

 

Uh oh. Software firewalls are bad for your health. I am using Online Armor paid version. Should I uninstall it and continue with W8 firewall. Any relevant info is appreciated.

Thanks,

Tech

 

If you are running a real computer and not an AV-Comparatives virtual machine everything is fine with Online Armor.

 

"If the product displays its own prompt for the network type, we set this to the equivalent, e.g.
“Public” or “Untrusted”. However, we do not make any other changes to the product’s configuration."

Read the rest on there too instead of going directly to the results.