Can we really trust Filseclab Personal Firewall Pro 3 for blocking Trojans?

What really attract me in this latest firewall were its built-in rules for blocking Trojans. And I think every firewall made should have these pre-made rules for blocking Trojans instead of adding some “other things” making them “bulky” and bloated. But, I’m not an expert on this… can someone out there knowledgeable enough to test this firewall if it can really does its job in blocking Trojans? Well, this could be very valuable for those who don’t have real-time Trojan monitor.

 

A firewall is only going to keep a trojan from connecting out, it won't keep you from getting infected in the first place. Fileseclab also doesn't have any protection against tricks trojans can use to slip through your firewall unnoticed. In short, if you're looking for secondary trojan protection, I wouldn't count solely on a (any) firewall. Some will argue the need for secondary trojan protection at all, however, so it's ultimately up to you and what you want

 

Yep, Notok's right. All Filseclab does with the built-in Troajn rules is that it blocks a number of ports mostly used by Trojans.

 

Yap... I know, but what I'm referring into was that if this trojan blocking rules in this firewall if they are really effective in blocking these certain trojans from entering our pc.

Because... of all the Firewalls I've seen so far...('m not really sure) I think Filseclab provides the most trojan blocking rules compared to others. The question was that... are they really effective?

Of course I'm aware that trojan real-time monitor from anti-trojan specialist was much more better... but this an "active protection" and I'm just wondering then if the rules made for the "passive protection" of this firewall can really do its job effectively.

 

Only really old trojans (BackOrifice, NetBus, etc) use fixed ports for communicating, so only those could be affected by firewall rules blocking set ports. Since most trojans enter a system via a legitimate download (hidden within another application) no firewall is going to stop them coming in (unless set to block everything) - what firewalls can do is alert and block any new applications (including activated trojans) from sending data out. This is done not by blocking specific types of traffic, but by having a tight configuration which only allows legitimate applications to send data out (e.g. email clients, browsers, etc).

 

Your firewall should be configured so that anything not permitted by rules (inbound or outbound) is implicitly denied. With this type of configuration there is no need for specific trojan rules. Focus on your permit rules and let the firewall deny anything else. This approach also helps keep the rule set smaller and easier to manage.

Regards,

CrazyM