ESET Smart Security: Final Grade

Discussion in 'ESET Smart Security' started by Dennis7, Jun 1, 2009.

Thread Status:
Not open for further replies.
  1. Dennis7

    Dennis7 Registered Member

    Joined:
    May 5, 2009
    Posts:
    7
    In two days my free 30 day test drive with ESET Smart Security will be over.

    I am sure you all have read reviews from various sources concerning ESET and other security software.

    Can you really trust ANY reviewo_O

    ---Does advertising revenue influence favorable reviews?

    ---Do some review sources accept bribery, "payola", or special miscellaneous payments/compensation to guarantee a "top review"?

    ---Can some former irate/terminated employees of a software company post negative reviews of their former product for revenge?

    ---Do some current employees of a software company post negative reviews of their competitors products, and/or post highly favorable reviews of their own product---to boost saleso_O

    ---How many reviews are posted by people who are either barely computer literate, or try to install products on an old computer not up to the minimum specifications.

    ---Or how many reviews are posted "just for the fun of it", etc.

    Well, I have never been employed by a computer software company, and I have 10 years of computer experience. So here is my honest, truthful, and unbiased experience with ESET Smart Security.

    In the 29 days I have used this product:

    ---I have not experienced any conflicts or "hiccups" with my computer system. Smart Security played very nicely with my computer!

    ---No firewall intrusions occurred. Smart Security did it's job and kept my computer SAFE!

    ---At the end of day 28 of my free trial, I performed a full malware scan with ESET. It reported that my computer was free of malware. Of course this report had to be confirmed, so I followed this scan up with full deep scans using the following FREE security software products:

    Spyware Doctor (Free version part of Google Pack), Avira, and Maleware Bytes.

    The follow-up scans reported 2 false positives, and a few tracking cookies (not really a security threat).

    ESET certainly did it's job in keeping my computer safe from malware! And it's results could be trusted!

    FINAL GRADE: Therefore, I give ESET Smart Security a final grade of "A".

    Unfortunately, until I receive a satisfactory explanation from ESET on why it's Smart Security Suite is rated near the bottom at the highly respected "Matousec Firewall" review site, I will NOT purchase a license for Smart Security. Next I plan to experiment with using FREE top rated firewall and/or anti-virus products in order to make the paid alternatives EARN MY BUSINESS!!!

    Just take a look at the pathetic results of ESET Smart Security at the Matousec site. And worse of all, ESET will not even come to bat and defend their product with some adequate explanation!!!

    (Scroll up to see the chart)

    http://www.matousec.com/projects/proactive-security-challenge/results.php#detailed-results

    NOTE: These tests can easily be recreated by anyone to confirm the fairness of Matousec results. Detailed reasons are also given on the various tests a particular software product failed/passed to earn it's protection level.

    It is hoped that someone from ESET will reply and defend their product!
     
    Last edited: Jun 2, 2009
  2. zapjb

    zapjb Registered Member

    Joined:
    Nov 15, 2005
    Posts:
    5,554
    Location:
    USA still the best. But barely.
    Don't you get a free license?
     
  3. Dennis7

    Dennis7 Registered Member

    Joined:
    May 5, 2009
    Posts:
    7
    The only FREE license you get from ESET Smart Security is for a limited 30 day trial. After the 30 days you have to pay for a license to continue using it.
     
  4. miki69

    miki69 Registered Member

    Joined:
    Mar 9, 2009
    Posts:
    133
    Location:
    Vienna, Austria
    as for MATOUSEC.com tests (which I highly appreciate), ESET said that you cannot test just firewall as a standalone feature rather you have to test it all together...

    Somehow I don't believe this, as if you check results you'll see Kaspersky IS scored pretty good also NIS (Norton) was rated good...also all major firewall players seem to praise matousec regardless of results (as you indicated in your post).
     
  5. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,102
    Location:
    North Carolina USA
    I think it is the best currently out there. I coupled mine with Sandboxie and feel that is about as good as you can get.
     
  6. elapsed

    elapsed Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    7,076
    I though you were using Prevx too?

    Um.... no.

    Do a little research on this forum and you will see most people think the entire thing is a joke.
     
  7. larryb52

    larryb52 Registered Member

    Joined:
    Feb 16, 2006
    Posts:
    1,131

    Matousec is a hack I wouldn't believe a word he writes, trust ESS it will keep you safe...
     
  8. osip

    osip Registered Member

    Joined:
    Oct 25, 2006
    Posts:
    610
    certainly among the best...The FW is great in interactive mode with all needed options. With sandboxie and ZemanaAL 1 year beta code I feel fine.
     
  9. miki69

    miki69 Registered Member

    Joined:
    Mar 9, 2009
    Posts:
    133
    Location:
    Vienna, Austria
    All major Firewall/Security vendors recognize their test results and their methodology, so I would be careful with such statements. If you're devoted to ESET that's fine, but there are other solutions out there, and there is no such thing as all-in-one best suite.

    Cheers,
    Miki
     
  10. larryb52

    larryb52 Registered Member

    Joined:
    Feb 16, 2006
    Posts:
    1,131

    no I just think that the vendor you name is questionable in his methods & he holds firewall makers hostage with the belief that his word is gospel...
     
  11. miki69

    miki69 Registered Member

    Joined:
    Mar 9, 2009
    Posts:
    133
    Location:
    Vienna, Austria
    as I trust in VB100 and AV-Comparatives when it comes down to AV (topping NOD32), I take matousec for Firewalls (topping Online Armor and Comodo). Definitely not the other way around. But of course one can say ALL these resources are questionable/biased. It's a matter of approach.

    There are many solutions out there, people should find some according to their liking. As for me I already did.

    EDIT:
    I just realized, as this is ESET support forum, to talk negative about ESS. Sorry for that, no harm meant.

    Cheers,
    Miki
     
    Last edited: Jun 3, 2009
  12. elapsed

    elapsed Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    7,076
    That's the problem, they take the job of a firewall out of perspective, it's isn't a test for firewalls, otherwise they would probably all be 100.
     
  13. ddmd

    ddmd Registered Member

    Joined:
    Jun 6, 2009
    Posts:
    5
    Has anyone performed the various leak tests, including Matousec's, with the entire Smart Security package (FW + AV)? If it catches all malware, ingoing or outgoing, who cares if the standalone firewall doesn't perform well.
     
  14. toddzy

    toddzy Registered Member

    Joined:
    Jan 23, 2008
    Posts:
    10
    Yes I have, using build 4.0.437.0. I'm a reseller for Eset Australia. Matousec have confirmed for me that ESS is tested with all modules active, and with highest security options enabled i.e. in Interactive mode. As a reseller I wanted to see this for myself. I downloaded the test suite and only used the level 1 tests to compare them with Matousec's claimed results for ESS, and unfortunately Matousec's results are correct. NOTE, if you do these tests yourself, please ensure you understand Matousec's testing methodology, which they would obviously apply to each tested product. This documentation is not currently on their website, so I had to get the more detailed testing instructions from Matousec via email. They said,
    1) After the installation on the clean OS, the product has to be configured and initialized. This also means that permanent Allow/Permit rules are created for following actions

    a) network access via Internet Explorer 8,
    b) network access via Windows Explorer 8,
    c) all actions that happend during Windows Update procedure
    d) running cmd.exe and running scripts from cmd.exe, running scripts with scheduler
    e) running Internet Explorer and Windows Explorer from cmd.exe

    (I personally wasn't sure what they meant by b), d) or e), so all I did was ensured that each action worked i.e. they were already permitted/achievable without my intervention.)

    This initialization should simulate common user behavior and set the product to a state in which there are some very common rules. In general, all product alerts/popups asking about an action of system component should be permited and all product alerts/popups asking about the test or its part or helper component should be blocked.

    (Be careful with interpreting this one. My interpretation is, if it looks like a system component or "friendly" program is trying to access the internet, then permit it. Obviously you'll know it's the testing tool exploiting the system component, but still, that's the testing methodology, so you'll have to allow it.)


    2) ssts.conf must be configured properly:

    processes=2
    egui.exe
    ekrn.exe

    and

    services=7
    eamon
    ehdrv
    Epfwndis
    epfw
    epfwtdi
    EhttpSrv
    ekrn

    All tests should be run with -v (e.g. "leaktest.exe -v"), other options are for our internal use.

    (Don't forget to type "I agree" at the bottom of the configuration file and only do this on a test computer!)

    It's my interpretation that Eset's firewall overall failed the level 1 Matousec tests because it wasn't able to correctly identify that the "threat" (the testing tool) was the program that was actually trying to access the internet, not the system component. But having said that, I recall 1 or 2 of the tests not generating any alerts/pop-ups and doing exactly what they wanted to do to the computer.

    My perspective on Matousec's firewall tests used to be negative, but more reading into their website and understanding of the tests now seem very credible to me (assuming they apply the same consistent methodology to each tested product i.e. assuming they are unbias). I sincerely hope Eset improve their firewall to properly compliment their top-performing anti-virus protection.

    Having said all this, I wonder how many people actually realise most users (people who are NOT tech savvy) would actually click "Allow" on most, if not all, alerts/pop-ups because they don't know what they're looking for or what they're doing, which is why I only really care about inbound firewall protection and setting up my clients with ESS's firewall in Automatic mode. I'm still yet to test ESS firewall's inbound protection using shields-up at GRC.com.

    Also, all you techies out there take note, if you EVER click the button "Remember this answer for next time" on a firewall's security alert/pop-up, then you are literally LOWERING your firewall's outbound protection level and the Matousec test results become IRRELEVANT! The more "Allow" rules you create the less secure your firewall's "program control" is! So really, does anyone use the outbound firewall protection feature properly? I would guess not many, because people don't want to be annoyed by frequent pop-ups. Yeah you know it. :p ;) cheers
     
  15. ddmd

    ddmd Registered Member

    Joined:
    Jun 6, 2009
    Posts:
    5
    Thanks, that's the answer I was looking for. I'm sure the firewall, which is still
    relatively immature, will continue to be improved.
     
  16. ASpace

    ASpace Guest

    You are right .
    However , I think that ESS's firewall is made to comply the suit itself (the AV protection) and to provide good enough inbound protection to the whole thing . Matousec do one main mistake - no matter the methods used in the test they treat some products (at least in their minds) as stand-alone firewalls and not like "a suit" .

    A firewall must be properly configured . For example , I create rules for the common applications but I specify the application , the protocol , the local or remote port (where possible) , remote addresses . The more specific rules you have , the better the protection . It takes much more time and more pop-ups but it is not for everyone .

    I think (again) that it is not firewall's job to find/identify or block whatever tools/applications there might exist that try to exploit something . Firewall's basic job is to filter unwanted incoming communication (+ program connection outgoing filtering) but these that exploit something should be detected or blocked by other types of protection .
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.