Do old Firewalls pose a security risk?

Hi, I have been coming to this site for many years to gain information and I haven't felt the need to post before simply because any question I have ever had has already been answered before in a thread somewhere. This is a compliment to your community as a whole and retrospectively I'd like to thank you all for the help.

Anyway... what I mean by 'old firewalls' specifically relates to firewalls that are very infrequently updated e.g. Outpost Free and PC Tools or firewalls that are no longer free but a free version can still be downloaded e.g. Kerio Personal 2.1.5.

Just to give you some background, I'm on XP SP3 and I previously used Outpost Pro which I liked a lot but my license ran out recently so I've decided to go the free route. In the past I have used Online Armor but I installed 4.5 the other day and it caused a major lag in start up times. I'm using Private Firewall at the moment but I don't like it very much. As I liked Outpost so much I thought I would give their free version a go but I noticed it hasn't been updated since May 2009 and PC Tools hasn't been updated since September 2009 and Kerio is many years old.

So my question is would there be a risk in using one of these firewalls? My guess is the HIPS for Outpost and the Behavioural blocker for PC Tools (or whatever it is) are the things that pose a problem if they aren't updated. If this assumption is correct do you think I would be better off using a combination like Kerio and Threatfire (or Winpatrol) rather than relying on the old version of Outpost free.

Any advice you can give will be appreciated, thanks.

 

Old firewalls like Sygate are as good as the new ones especially if you do not care about leak tests. Along with a pure firewall you can run a HIPS with ease. See this thread for more https://www.wilderssecurity.com/showthread.php?t=236132.

 

Modern firewalls and older ones like Kerio 2.1.5 can't be directly compared. The modern firewalls are security suites that perform multiple functions while Kerio is strictly an internet firewall. A firewall like Kerio is still very effective provided the user knows how to configure it. The additional functions that are part of newer firewalls (HIPS, behavior blocking, IDS) can be provided by separate applications. There's pros and cons to both methods. Which is better depends on a lot of things, starting with the skill of the user and the type of security policy being implemented.

I still use Kerio 2.1.5 on XP and am very happy with it. When combined with System Safety Monitor, (one of the older HIPS that's no longer supported) it's a very effective combination that's lighter than any security suite/firewall. If you want to try Kerio, check out the Kerio learning thread in this forum.

 

I can only agree. I have an xp setup that I use regularly where I configured 8Signs FW to run with SSM/DefenseWall/Proxomitron. It is as rock solid and secure as any other more recent FW combinaisons that I also experimented with lastly. Particularly true if you are behind a good router.

 

in general yes they can pose a security risk because since its old software, if an exploit is found, it will not be patched, and also the firewall will no longer be improved on since its dead which means new firewalls have the potential to be more secure for current threats but thats not always the case.

 

Another aspect: an old firewall not more developed hardly will have a real autoprotection.

 

I use Comodo Firewall Pro version 3.0.25.378 Free with Defense+ (HIPS protection) and have been with it for about 4 years.

It cannot be updated since Comodo only provide their CIS now which is a package of AV, Firewall, Defense+ and sandbox. You can say Yes/No to any one of these, but CIS-v4 has always crashed for me and in any case means me uninstalling my FW Pro and Defense+ with all my settings and installing CIS to start again from scratch.

I am worried about the lack of updating, but I am told that because Firewalls protect selected ports say 80 - 139+/- with their protective set of fixed rules for Inward and Outward bound traffic, then updating is rarely if at all needed.

They are not so dependent on the rapid variations and bug growth which AV systems have to sustain.

So unless your FW is VERY old it should be OK. Personally if I were you I would go for a new FW like Comodo or give Online Armor another try, two of the most highly acclaimed Firewalls on the market and FREE. Why slog away with the Golden Oldies when a brand new FW is at your finger tips ? If OA really is a problem, there is a wide choice of others.

My Defense+ should be updated, but as explained, I am stuck with it for now.
When I have reason to do so, I will replace it.

John Bull

 

Thanks for the information and advice. I think i'll try out Kerio as the learning thread looks helpful and I might learn something about firewalls at the same time.

Having said that though I would prefer a newer firewall so I will try out the final version of PC Tools firewall when it is released, Kerio should tide me over till then.

Thanks again.

 

Heck, I'm still using Tiny Personal Firewall (TPF) with System Safety Monitor (SSM) without any Anti-Virus software- and have been for years with Win XP. TPF has a very user friendly "real time" network address IN/OUT monitor log with "real time" deny access ability. Are there any other firewalls that have that?

The number of "IP addresses" tracking your internet browsing habits from website to website is incredible (for example: omniture). But that belongs on another post.

About once a year I get a hacker malware event that requires a Back-up Restore.

 

Some caution is needed.

I have seen various reports of problems with firewalls such as (quick examples) Kerio 2.x and Jetico V1. Older/unsupported firewalls can become broken due to windows SPs/system driver updates, and in extreme cases cause system instability and BSOD. Not all problems can be so apparent, as just because an old firewall runs on the system and does not cause BSOD, that in itself does not prove the firewall is actually filtering correctly and protecting the system.


- Stem

 

Still running Sygate in all my snapshots, except for one which has a paid version of OA that I got in a promotion in February.