Anyone heard of FortGuard?

Discussion in 'other anti-malware software' started by dmenace, Feb 15, 2009.

Thread Status:
Not open for further replies.
  1. dmenace

    dmenace Registered Member

    Joined:
    Nov 29, 2006
    Posts:
    275
    I am always looking for the most efficient security setup for my server.

    This is how I discovered FortGuard - a firewall that claims to protect you against DDOS. It claims to have a Network IPS.

    Has anyone tried this / could test? (Stem / Phant0m?)

    There is a free version. Seems like a chinese security firm like Rising.

    Very interesting... :thumb:

    Link: http://www.fortguard.com/

    Edit: Link
     
  2. dmenace

    dmenace Registered Member

    Joined:
    Nov 29, 2006
    Posts:
    275
    Just thinking about alternatives...

    They would be Sax2 (I have a giveawayoftheday version)

    There's 8signs Firewall,

    and Injoy Firewall... (my favourite firewall)

    How would they compare...?
     
  3. dmenace

    dmenace Registered Member

    Joined:
    Nov 29, 2006
    Posts:
    275
    Ok just realised it's a 2hr trial... that sucks... and it costs money

    No more FortGuard....

    back to FortKnox Firewall :D Its Sygate with the latest signatures :thumb:
     
  4. firzen771

    firzen771 Registered Member

    Joined:
    Oct 29, 2007
    Posts:
    4,815
    Location:
    Canada
    LMAO A 2HR TRIAL, WTF lol :eek: :eek: :eek: thats not much of a trial...
     
  5. chris2busy

    chris2busy Registered Member

    Joined:
    Jun 14, 2007
    Posts:
    477
    Sure it is.it tests your patience^^might try it on a vm later
     
  6. Espresso

    Espresso Registered Member

    Joined:
    Aug 1, 2006
    Posts:
    975
    Looks and sounds gimmicky. I see they have a PC Magazine Editor's Choice along with a bunch of other worthless "5 Star" awards from download sites, but I could find no mention on the PC magazine site.
     
  7. dmenace

    dmenace Registered Member

    Joined:
    Nov 29, 2006
    Posts:
    275
    You get the feeling that this is one of those companies that deliberately attacks websites with DDOS so you have to buy their software. Like antivirus companies creating viruses. :ninja: :doubt:
     
  8. kareldjag

    kareldjag Registered Member

    Joined:
    Nov 13, 2004
    Posts:
    622
    Location:
    PARIS AND ITS SUBURBS
    hi,

    I doubt that you'll find someone to satisfy your wish: why would a Wilders member test anti DDOS abilities of this firewall?
    Does ZeroDay-Software pay for that?
    I have personally no need to test this soft for given an opinion: if such product was really efficient against DDOS why top 500 Forbes firms, Casinos online and some Eastern Europe governments administrations have not integrate it in their infrastructures?
    As a guy involved in vulnerability assessment, i guess that "In software we trust" is not your religion, and i hope that you have a sceptic mind to limit the impact of such bling bling marketing (this firewall also claims SQL injection protection...wunderbar/great/fantastico/merveilleux...what Kaspersky Lab's waiting for deploying it to protect their clients database?...)

    Injoy is with no doubt an excellent firewall, but even with the level 10 (+ traffic shaping enabled etc), it won't stop any effective DDOS.
    In fact detection of classical floods (ICMP for instance) is not diificult, and some firewall, H/IDS already include an emergency mode when the number of request/min raises from a few to thousands or more.
    But more difficult is the case of HTTP floods: when an attacks comes from various IP sources, and when the presence on the web is "business critical", the sysadmin. should already have the right solution.
    And i don't talk about the recent (200:cool: DOS attack on hardware surfaces (phlashing/PDOS or permanent denial of service):
    http://www.darkreading.com/security/management/showArticle.jhtml?articleID=211201088

    With such marketing, no doubt that Fortguard can counter these attacks!

    If you're looking for a less expensive firewall, i can suggest Rusroute, free for personal use (tested only 20 minutes so i can't ensure that the free code works): http://www.rusroute.com/
    Unlike Injoy with its level rules, this is a firewall for "Ivan (as Joe is not :) ) the plumber" (manual cofig.).

    But before wondering if this anti-DDOS firewall product is effective or not, the main question is: do i need it?
    I think and it is just a personal opinion that your site has not significant risk of being a target for DDOS attacks.
    But your server can be compromised by a bot or spambot (rootkit) and be used as an attack vector platform/resource (but malwares intrusions are more easier to prevent than some network attacks).

    Regarding the test of this anti-DDOS firewall, the main technical problem is to reproduce the same conditions of real life DDOS done via botnets.
    In a private LAN of 10 or 15 pc, it is possible to get significant resources, but all attacks will have the same network origin.
    More over, there is legal issues of such testing: your IP is assigned by your ISP, and does not belong to you.
    And from testing to jail, there is only absence of jurisdictional cautions...
    For information there is services and products specialized in such tests:
    http://www.networktest.com/
    http://www.mudynamics.com/solutions/overview/security.html
    http://advanced.comms.agilent.com/networktester/
    http://www.networktest.com/

    More than a software that only provides (generally) the right (license) to use it for one year, an hardware solution would be a more interesting investissment (for 500 or 1000 euros, it is possible to get a complete solution which integrates HIDS).
    An alternative solution is to use hosting servers wich offer DDOS protection, but it is expensive (in these crisis times 500 E/month is a luxe for an hypothtical attack).
    For a home/soho server, an hardened host, a well configured firewall (especially ICMP rules) and a judicious network architecture would be enough.
    i've published an article about TCP/IP stack hardening in the past, and for thoses interested, a free soft like HardenIt might help for some Windows versions:
    http://www.yasc.net/hardenit.shtml
    For information purpose only ( i really doubt of its efficiency: black list detection of "old" bot agent) there is WAZ:
    http://www.secniche.org/projects/waz/

    A good strategy is to switch for a non Windows server (Linux or Solaris): the Open Source Community already has a "relative" good protection with DDos Deflate:
    http://deflate.medialayer.com/

    Ps: i doubt that this campany uses the same strategy as some av campanies in the past.
    But the russian undergound IT community provides all kinds of services, from Virus Total clones without sample submission to DDOS services (and anti-DDOS firewall test if you want: it's a kind of Gorbuchka market place: everithing you want and every day low prices! Da da da...
     
  9. dmenace

    dmenace Registered Member

    Joined:
    Nov 29, 2006
    Posts:
    275
    Wow! Quite an interesting read. :thumb:

    Yes ZeroDay Software investigates POC malwares and similar. At one stage, we were developing "NukeBox", a sandbox leaktest, however this project has been delayed indefinetely due to lack of funding for independent security research companies.
     
  10. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    5,633
    Location:
    U.S.A. (South)
    This kareldjag knows how to hit paydirt doesn't he?

    Nice summary YET AGAIN and very in-depth, but then you surely aren't in any debit to need anothr horn to blow that trumpet of truth after you've examined so many different claims & programs as well as pitted them up against their adversaries while all the time making notes & concluding those end results. Good One Indeed!

    EASTER
     
Thread Status:
Not open for further replies.