AV-Comparatives Firewall Test 03/2014

Discussion in 'other firewalls' started by FleischmannTV, Mar 30, 2014.

Thread Status:
Not open for further replies.
  1. act8192

    act8192 Registered Member

    Joined:
    Nov 9, 2006
    Posts:
    1,739
    Fax, good point. But the default policy when first installed is RulesWizarrd which means it asks questions.
    Perhaps for first reboot one does learning, but that's all.
     
  2. fax

    fax Registered Member

    Joined:
    May 30, 2005
    Posts:
    3,899
    Location:
    localhost
    Well, if Auto-learn is not the default at install then indeed the Av-comparitives test is flawed for Outpost... :thumbd:
     
  3. The Red Moon

    The Red Moon Registered Member

    Joined:
    May 17, 2012
    Posts:
    4,047
    Maybe comodo firewall was not tested for the very same reasons comodo will not have their av tested...incorrect testing methodology.
     
  4. Sm3K3R

    Sm3K3R Registered Member

    Joined:
    Feb 29, 2008
    Posts:
    598
    Location:
    Wallachia
    It s not surprise for me the Outpost results ,having in mind the amount of ports in the excepted ports list.The firewall is a mess. :)

    I wonder what would be the outcome if the firewall would be tested while switched to Enterteinment Mode ,applied to the situation when multimedia applications require full screen.

    The Outpost users know very well that the default firewall policy for Enterteinment Mode is Allow Most ,everything not denied is allowed.
    Also due to a bug even if you set the default policy to something else like Block Most the application for which the Enterteinment Policy is allowed will switch the firewall in the same Allow Most.
    If in the normal mode you are wide open what would happen while you are watching a movie or playing a game :) ?!

    I wonder if any of the guys at Agnitum are using this firewall in their own PC-s :)
    I am no hater (loved this firewall in the past) ,but had to tell this for the users to know that the results are bad because there are issues not due to the fact the test is biased or something.
    This firewall has flaws.

    Zone Alarm might be having problems due to the default rules ,i find some of them being to open by default.Stability of this software is another thing.

    Kudos to Kaspersky and the build in firewall.

    I think we need firewalls and not watergates . :)
     
  5. siketa

    siketa Registered Member

    Joined:
    Oct 25, 2012
    Posts:
    2,718
    Location:
    Gaia
    Hmmm...now most of "great" FWs suck and Win FW is the best?
    Who is wrong? AVC or users?
     
  6. Joxx

    Joxx Registered Member

    Joined:
    Sep 5, 2012
    Posts:
    1,599
    I'm still waiting for Fabian Wosar's answer concerning OA
    Off Topic did you see his avatar photo at Emsisoft's forums?
     
  7. guest

    guest Guest

    Yeah, so?
     
  8. Joxx

    Joxx Registered Member

    Joined:
    Sep 5, 2012
    Posts:
    1,599
    he looks creepy
     
  9. guest

    guest Guest

    Lol.

    I thought it was because of the past issue between AV Comparative and Comodo's CEO? Y'know, that email stuff.
     
  10. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,159
    Location:
    UK / Pakistan
    It doesn,t matter if the test methodology was too limited. All that matters is that they tested the very basic function of a FW that no firewall is supposed to fail and many big names failed miserable here. It"s time for these vendors to wake up and work more rather than making big claims.
     
  11. Fabian Wosar

    Fabian Wosar Developer

    Joined:
    Aug 26, 2010
    Posts:
    838
    Location:
    Germany
    To give a quick update: I tried to replicate their results but was unable to. Online Armor behaved the way I expected it to which is:
    1. Block access to all file sharing ports unless it the access originates from a trusted network/computer.
    2. Block ping requests unless the requests originates from a trusted network/computer.
    3. Allow access to the RDP port, no matter which network, as the RDP port is not a restricted port by default.
    I contacted AVC. Unfortunately they no longer had the original test systems, but they kindly agreed to replicate the test and collect some additional logs for us. The problem we are facing at the moment is that at least according to the logs Online Armor performed exactly as it should be, blocking all the access attempts from the untrusted network:

    Code:
    [02/04/14 10:17:34]  2068/814  UDP <- 192.168.20.100:137, 192.168.20.133:137, System(4/0)
    [02/04/14 10:17:34]  2068/814  Blocked by restricted port list
    
    [02/04/14 10:17:37]  2068/814  TCP <- 192.168.20.100:139, 192.168.20.133:49822, System(4/0)
    [02/04/14 10:17:37]  2068/814  Blocked by restricted port list
    However, even though the network connection attempts were blocked according to the logs, AVC was still able to create/edit files remotely. At this point it is clear that somehow Online Armor messes up on their test system, but we don't know why yet. AVC offered remote access to their test setup and we will surely take advantage of that offer, but it will take a bit longer until we know exactly what is causing it.

    Thanks, that is exactly the look I was going for :p. To make sure I haunt you in your dreams, I set my Wilders avatar to the very same avatar I use in our forums. You are welcome.
     
  12. siketa

    siketa Registered Member

    Joined:
    Oct 25, 2012
    Posts:
    2,718
    Location:
    Gaia
    Thanks, Fabian!
    I put a link to your post on Comodo's forum.
    Maybe they will answer to their users' questions about bad results.....
     
  13. Joxx

    Joxx Registered Member

    Joined:
    Sep 5, 2012
    Posts:
    1,599
    hehe
    the dubiousness of software developers :D

    thanks for your answer about the AV-C issue
     
  14. SweX

    SweX Registered Member

    Joined:
    Apr 21, 2007
    Posts:
    6,429
    Haha. He looks like a German man :cool:
     
  15. siketa

    siketa Registered Member

    Joined:
    Oct 25, 2012
    Posts:
    2,718
    Location:
    Gaia
    Fabian looks like a guy I could drink few beers with....
    :)
     
  16. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    5,605
    Location:
    USA
    Well, we will have to wait, and see exactly what went wrong with the test.
     
  17. vojta

    vojta Registered Member

    Joined:
    Feb 26, 2010
    Posts:
    830
    I agree. I sometimes wonder why all the scepticism that security vendors receive on Wilders is never applied to AV-Comparatives. Some people here listen to them as they would listen to God himself.
     
  18. moontan

    moontan Registered Member

    Joined:
    Sep 11, 2010
    Posts:
    3,931
    Location:
    Québec
    a couple of years ago i ditched all those 3rd parties firewalls and let Windows7/8 handle the task.
    the Windows firewall does its job silently and without my input.

    i think Win XP used a version of Tiny firewall, if i recall.
     
  19. :isay: agree
     
  20. john martin

    john martin Registered Member

    Joined:
    Apr 14, 2014
    Posts:
    28
    I could be mis-understanding something here, but it seems to me like Comodo Firewall would ask the end-user to trust or not trust the network (very first time connecting to that network).

    Seems to get these results, they would have to have choose to trust the local network.

    Something I'm missing?
     
  21. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    5,605
    Location:
    USA
    Since this was a Firewall Test they should have tested Look "n" Stop, SpyShelter FW, and Jetico FW.
     
  22. FleischmannTV

    FleischmannTV Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    1,094
    Location:
    Germany
    Well, it's a commissioned test and what's to be tested in these kind of tests is chosen by the client (here: the German computer magazine Chip)
     
  23. Technic

    Technic Registered Member

    Joined:
    Aug 31, 2005
    Posts:
    430
    Uh oh. Software firewalls are bad for your health. I am using Online Armor paid version. Should I uninstall it and continue with W8 firewall. Any relevant info is appreciated.

    Thanks,

    Tech
     
  24. vojta

    vojta Registered Member

    Joined:
    Feb 26, 2010
    Posts:
    830
    If you are running a real computer and not an AV-Comparatives virtual machine everything is fine with Online Armor.
     
  25. GES/POR

    GES/POR Registered Member

    Joined:
    Nov 26, 2006
    Posts:
    1,490
    Location:
    Armacham
    "If the product displays its own prompt for the network type, we set this to the equivalent, e.g.
    “Public” or “Untrusted”. However, we do not make any other changes to the product’s configuration."

    Read the rest on there too instead of going directly to the results.
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.