Firewall test (matousec)

The new test from matousec PC tools scoring 100%
More Info

Hope they include DFW in their next test.

 

wow PC Tools keeps getting better and better, kinda surprising results for it.

 

i thought that also, i wish they would do more with their AV like they do with their firewall.

 

free pc tools firewall plus and Comodo IS above paid Online Armor
Ive tried pc tool when it became 2nd with 99%. But when i checked with
https://grc.com/x/ne.dll?bh0bkyd2
it was true stealth but failed due to some reason (ping reply received something like that). .
how is it now??

 

I am not surprised by the top three finishes but Kaspersky is within top 5 that is really surprising this is one is the first suite to be in top 5 .
But anyways congratulations to Kaspersky they have a built a great AIO suite.

 

I have been using the PC Tools Firewall Plus along with Avira Premium. It is running very smooth on my system.

I am glad to see Kaspersky do so well, but am somewhat puzzled by the performance of other suite firewalls.

Regards,
Jerry

 

Sometime ago I tested the PC Tools Firewall a bit:

1.) On Windows x64 it almost doesn't have any proactive capabilities, it fails 99% of leaktests. It's just a poor joke. A really poor one.

2.) On Windows x32 it scored very poorly at the Comodo leaktest suite, its level of protection against malware is not compareable to OA or Comodo.
I was totally shocked.

It seems to me PC Tools just want to score well at synthetic, prestigiously public tests. Stupid marketing strategy, IMO.

 

o lol so u mean like the Comodo Leak Test that Comodo developed and Comodo scores 100% on? glad the level of ur testing only goes as far as the CLT...

now im not saying PC Tools FW is as good as OA or CIS, but im just saying, ur proof is no better...

 

When I use AntiVir with PC Tools Firewall, the firewall lets everything out through Avira's proxy. Is there any way to stop that?

 

Might be that Avira is trusted. So PC Tools allows everything from its proxy.

 

PCTools did very well indeed. I also think Kaspersky did very well for a AV company

 

PCTOOLS tested in December, Comodo tested in October ... maybe this is why they got 100%

Outpost FW tested in May ? The version tested (6.5) was replaced by 6.7 in July so the test isn't a comparison of the current version.

 

comodo back to his natural place and it is the FIRST

 

OA also passes all of its tests (except filedrop but this one is not important).

You don't get it how important some of the CLT test methods are.
Look how poor the results are:

LoadAndCallImage, RawDisk and DebugControl are very bad for not being passed.
LoadAndCallImage = Driver installation, bye bye PC Tools FW
RawDisk = Access to any data on the disk. All file protection layers of PC Tools FW are useless because via direct sector access (which PC T FW doesn't intercept) you can bypass them. For example, PC T FW doesn't block any MBR rootkits, disk killers, MBR killers and so on.
DebugControl: Can be used to get ring 0 access, bye bye PC Tools FW.

Also see this:
http://translate.google.com/transla.../antimalware.ru/hips_test_ring0&sl=auto&tl=en

Ring 0 access = death. And PC Tools is very bad at it...

Do you still think this?

 

mine:
http://www.pctools.com/forum/showthread.php?t=59248

 

Only by turning off WebGuard. It's not just a problem for PC Tools Firewall Plus; it's a problem for any third-party firewall running alongside an AV from another vendor where the AV is using a proxy for web filtering. The problem is that the firewall can't see behind the proxy to identify the source application making the connection request; it sees all traffic as having originated from the proxy, so you lose granularity of visibility and control within the firewall.

The only options are: -

1. Use a security suite. Where the firewall and AV are from the same vendor, the firewall will have been developed to have access to the inner workings of the AV, even if it is using a proxy for web filtering.

2. Use an AV that doesn't use a proxy for web filtering (e.g. NOD32 on Vista and Windows 7) or, alternatively, turn off web filtering. You don't lose that much by turning off web filtering anyway and web filters can slow down browsing a little. AntiVir's WebGuard also alters the user experience due to timing issues in the way in which web pages are displayed. For example, it will prevent speed test sites from returning accurate figures unless these are excluded from filtering.

3. Leave web filtering turned on and accept the loss of visibility and control through the firewall. Providing the firewall has a HIPS component (PCTFWP has ESV), you will still get alerted when an unknown, untrusted application tries to connect to the Internet. But after allowing the connection, you won't be able to see the traffic originating from it listed separately in the traffic monitor because everything will appear to be coming from the web proxy.

 

Thanks, pegr.
I did not have a clue. I did not realize that outgoing traffic was not controlled as I thought I remembered alerts regarding outgoing traffic.

Regards,
Jerry

 

Comodo Leak Test merely draws together a number of third party leak tests,apart from a couple they didn't develop them.

http://www.testmypcsecurity.com/securitytests/all_tests.html

 

wiser than I people said: those are outdated...

 

lol leaktests are never a good way to judge the actual performance of the product because all it does is simulate an emulated attack, it cant show u how it performs under a real attack, and leak tests can only show u so much.

its nice to see pc tools do well in this matousec test, but it really doesnt change my opinion on it since i dont really care what these leak tests say.

and good point to the guy saying the dates, why is it that Comodo always seems to get their product tested last, with the newest version possible while other vendors end up getting several month old versions tested?

 

Yep, and that's why Matousec is NOT a firewall test !

Matousec tests periodically, but every vendor can ask for a paid (re-)test any time.

Greetz, Red.

 

well that paid retest point reinforce why i think CIS is all about leaktests... and not much else

 

Same goes with all the top contenders there.

Matousec invited the firewall developers at his "party" and now all of them are "dancing" in matousec's rithm.

Kudos to "Look N Stop" developers that resisted; time to save some money for an LnS license...

Panagiotis

 

Yep, it is all about marketing and what the people beleve. Btw the Tall Emu ( Online Armor ), and as far as I know PC Tools, asked for retests too in the past.

Greetz, Red,

 

Hi Red,
are you Rednose from the comodo fora?(if remember correctly the nick; the avatar sure looks familiar...)

add also agnitum and kaspersky to the list of those that sometime paid for a retest.

Panagiotis