I tested Outpost and it failed

I tested it out of the box, and tweaked for my systems configuration, and it failed wallbreaker, dnstester, thermite, pcaudit, yalta, and test 3 of awft

 

What firewall passes all the leaks test then?

 

I would have to say that no firewall will pass every leak test. There are bound to pass some and fail some.

This is why people don't only rely only firewall but will also rely on other application to help them strengthen their security.

Adding a AV, AT, A Process Control ( PG, AB, SSM ). etc. Will help you prevent these type of problem.

Since these leakiest will use methods like injection then some FW won't even see them launching another app. Best offence starts with a good defence which is layered to cover various aspect of your security force.

cheers!

 

Well when I tested Kerio, it only failed three tests, not six like Outpost just did, but it used more resources than Outpost does.

 

Every Firewall will have their weakness and also have their strenght. All depends why your getting a Firewall.

If the goal of your firewall is to control outbound app then a Firewall with this capability and a dll detection would be to consider.

If you need a firewall for inbound then pretty much all of them can be configured to protect you from inbound with good descent security. For sure some software firewall or not easy to setup and some are very GUI friendly.

When looking into a software firewall someone would need to consider the usage of the FW they need.

1 - Inbound/Outbound
2 - App Control
3 - DLL control
4 - Rules creation base on application specs
5 - SPI
6 - Level of control
7 - Loggin of informations
8 - Support
9 - Known issues with the app
10 - Sure it might look like OMG wtf ! But it's consider what you'll be using it for.

Just my 2cents

 

I tested Tiny Personal Firewall 5.5.1332:
DNSTester - Failed (I guess)
Firehole - Pass
Ghost - Pass
Copycat - Pass
Leaktest 1.2 - Pass
PCAudit 1&2 - Failed (but possible to deny PCAudit to build the report)
Thermite - Pass
Wallbreaker
1-Fail
2-Pass
3-Pass
AWFT-Firewall Pts: 10
AWFT Pts: 0

 

According to Guillaume's (gkweb's) site Outpost can be configured to pass pcaudit, yalta, and test 6/10 of awft tests (based on Win2k/XP). His site agrees with you on dnstester & thermite.

Further, I agree with FluxGFX; no firewall can pass every leak test. Just secure Outpost -or Kerio- as best possible with the help of the advice from the official forums for these products. Build a nice layered defense on top and rest easy.

 

It's my strong opinion that it's not the firewall that failed, but the owner of the system who failed to protect his system. This has been discussed lots of times. It's a nice bonus that client side firewalls can check the integrity of outgoing processes, but it's a bonus, nothing else.
Catching a leak test tool is a PR matter. Leak tests are demonstrations of potential threats (hijacking trusted processes). So far these threats require local access to a system, so there's your risk.
Worms like Sasser could perhaps exploit this risk, but your firewall will protect you.
Worms like Bagle could perhaps exploit this risk, but it would require manual intervention.
Biggest problem in this area is browser hijacks. I haven't seen this detected by firewalls.

As was mentioned before: layered defense is the way to go. And the best defense is limiting risks by avoiding them. You need not test your firewall. Protect yourself and your firewall.

 

The Outpost forum's Leak Test Score Card FAQ will provide more details on what leaktests Outpost can stop and what configuration measures are needed with some. Only Wallbreaker and Thermite should bypass Outpost regardless of configuration.

For DNSTester you need to implement the "Application DNS" rules given in A Guide to Producing a Secure Configuration for Outpost.