which firewalls pass all leaktests?

Which firewalls pass all the leaktests out there and is lightweight/unbloated? Is there a site that does something like av-comparatives where you can see this information? I'm just looking for a list so I can start trying them out for myself and see which one works best for me.

 

Firewall leaktester

 

Firewalls' ratings
The table below sorts the tested firewalls by their final score. This table also shows the exact version of every tested product.

--------------------------------------------------------------------------------

 

antus where did you find that info?
firewallleaktester only has a couple of software listed

i'm looking for something more general as I'ved tried kis and the antivirus part of it lagged my computer like crazy

 

http://www.matousec.com/projects/windows-personal-firewall-analysis/leak-tests-results.php

 

Antus,
Do you know if these are all tested with the default out of the box settings?? With proper tweeking most of them can be made more secure.

gobbledog

 

http://www.matousec.com/projects/wi...-analysis/leak-tests-results.php#introduction

--------------------------------------------------------------------------------

 

I know with Avira, there is a marked difference between the medium setting and high. High is pretty secure but can cause some issues as we found out in testing. Anyway, Stefan said there are some updates coming to it so I only see it getting better.

 

On my machine it was better than good as it knocked most all the leak tests i threw at it and especially uncovered those that try to sneak thru explorer or the shell to filter thru IE to get to the internet.

I'll have to retry those and check to see if any newer ones are floating the web too as well as updates, but KIS6 thoroughly impressed me with it's results so far.

edit:

Umm, it's one thing to test "outbounds" does anyone have any vaild links to attempts to invade/flood "inbounds"?

 

I believe the pcflank website has various tests to test inbound protection.

 

No firewall will EVER pass ALL leaktests. You are not absolutely leakproof even when crossing the street every day, right? So why would a firewall be?
I would keep my faith im Matousec, and yep, we are all running a very buggy quality software on our machines. It's not just the M$ thing.

 

No. Maybe not the firewall alone, but so long as you have a layered shielding in place which includes behavior blocking/suspending HIPS in essence, your firewall is a safe as Fort Knox IMO.

Try it and see.

 

Not exactly. You are under the "strong impression" that you're tight as Fort Knox. That's good, you feel more confident. It is also good because in the process of building your system defence you learn alot of useful information of how your system works and communicates. That's the best defence you can get, if you understand how protection works you can put your brains as a first line of defence. Applications are there just to help you to protect yourself, and to make you feel more confident. What does top firewall and HIPS mean to an absolute newbie. Nothing. He is not preotected simply by installing some software. Well, I am getting too philosophic here, so... let's help the original poster, and say Jetico, Comodo, Outpost or Kerio.

 

What about k anti hacker?

 

Freeware firewall that i'm aware of:

Kerio 2.1.5 and Kerio 4 free version; the latest is easier to use, i guess, but a lot of people say you don't need more than 2.1.5.
Comodo PF
Jetico1
Sygate Personal Firewall Free 5.6.2808
Zone Alarm v.something, free version
others that i can't remember

Comodo is easy to use. I'm about to try Kerio myself (2.1.5) to learn more about setting up a firewall. You see, Comodo does almost everything for you except outbound. You can change whatever, but since it comes already configured, i never bothered.
Comodo passes the leaktests, Kerio 2.1.5 i doubt, but with other programs, leaktests are not so important.
I still like to know that it passes them, because it's just another way for information to leak.

All of these seem very good. I tried Zone Alarm and Kerio before, but eventually i chose Comodo. I liked it better somehow. One of them gave me some issues, but i won't name it for it will not help you. You and your computer (system) have to choose. I hear others report Comodo dragging the computer. I don't see that, although my conection seems sluggish these days (maybe because of last update). Can't say what's the problem, it could be Comodo. I'll find out while testing Kerio.

I'd recomend reading reviews and testing yourself some that caught your eye. When you choose, tell us . Or ask what you want while using them (some folks here really know about firewalls, like Stem; just don't ask them for the BEST FIREWALL).

Do not choose based only on leaktests IMHO. Use it as another criteria.
Choose what you like most, and what fits you best.

 

I found this interesting:

On the same page, which I also came across in another forum here, there is also a link to another article. I don't want to start a war or anything (I even fell hesitant posting this, in case it's just "no news" or "old news"), and I admit that I lack the knowledge to discuss the seriousness of these issues, but for me, it put this "leak testing craze" in a different light:

From:
http://www.matousec.com/matousec/bl...erception_of_the_test_did_not_fix_the_problem

So if someone knowledgeable could explain or clarify this, then please do so.

 

lol, this was what i asked in a thread about the last Outpost's features/ changes. I noticed that "Fake Protection Revealer leaktest interception" part. Nobody knew.
Not sure if what he says is important too, but to build a feature to cheat the uncheater is funny though.

 

How clever!

 

Hmmm, matousec recently revealed a serious problem with outpost.

"One of vulnerable files in the Outpost installation directory is SandBox.sys, the driver that implements Outpost Self-Protection mechanisms. Attackers are able to replace this driver with a fake copy that will be loaded into the system after the next reboot. This can result in a complete system control because driver's code is executed in the privileged kernel mode. The fake driver can be implemented such that the user has no chance to notice the attack."

I wonder if this would have been discovered/revealed if outpost had responded differently to the FPR (fake protection revealer) revelations?

 

Kerio 2.1.5 only checks name of executable, path and checksum (MD5) so it´s only able to stop old leaktests like Leaktest from GRC.com.
In other words, Kerio 2.1.5 has not any HIPS abilities.

 

Latest results are posted.
Kaspersky and ZoneAlarm has improved.