Can we really trust Filseclab Personal Firewall Pro 3 for blocking Trojans?

Discussion in 'other firewalls' started by sweater, Sep 21, 2005.

Thread Status:
Not open for further replies.
  1. sweater

    sweater Registered Member

    Joined:
    Jun 24, 2005
    Posts:
    1,674
    Location:
    Philippines, the Political Dynasty Capital of the
    What really attract me in this latest firewall were its built-in rules for blocking Trojans. And I think every firewall made should have these pre-made rules for blocking Trojans instead of adding some “other things” making them “bulky” and bloated. But, I’m not an expert on this… can someone out there knowledgeable enough to test this firewall if it can really does its job in blocking Trojans? Well, this could be very valuable for those who don’t have real-time Trojan monitor. :)
     
  2. Notok

    Notok Registered Member

    Joined:
    May 28, 2004
    Posts:
    2,969
    Location:
    Portland, OR (USA)
    A firewall is only going to keep a trojan from connecting out, it won't keep you from getting infected in the first place. Fileseclab also doesn't have any protection against tricks trojans can use to slip through your firewall unnoticed. In short, if you're looking for secondary trojan protection, I wouldn't count solely on a (any) firewall. Some will argue the need for secondary trojan protection at all, however, so it's ultimately up to you and what you want :)
     
  3. rawr

    rawr Registered Member

    Joined:
    Aug 15, 2005
    Posts:
    128
    Location:
    Illinois, U.S.A
    Yep, Notok's right. All Filseclab does with the built-in Troajn rules is that it blocks a number of ports mostly used by Trojans.
     
  4. sweater

    sweater Registered Member

    Joined:
    Jun 24, 2005
    Posts:
    1,674
    Location:
    Philippines, the Political Dynasty Capital of the
    Yap... I know, but what I'm referring into was that if this trojan blocking rules in this firewall if they are really effective in blocking these certain trojans from entering our pc. :rolleyes:

    Because... of all the Firewalls I've seen so far...('m not really sure) I think Filseclab provides the most trojan blocking rules compared to others. The question was that... are they really effective? :rolleyes: o_O

    Of course I'm aware that trojan real-time monitor from anti-trojan specialist was much more better... but this an "active protection" and I'm just wondering then if the rules made for the "passive protection" of this firewall can really do its job effectively. :( *puppy*
     
  5. Paranoid2000

    Paranoid2000 Registered Member

    Joined:
    May 2, 2004
    Posts:
    2,839
    Location:
    North West, United Kingdom
    Only really old trojans (BackOrifice, NetBus, etc) use fixed ports for communicating, so only those could be affected by firewall rules blocking set ports. Since most trojans enter a system via a legitimate download (hidden within another application) no firewall is going to stop them coming in (unless set to block everything) - what firewalls can do is alert and block any new applications (including activated trojans) from sending data out. This is done not by blocking specific types of traffic, but by having a tight configuration which only allows legitimate applications to send data out (e.g. email clients, browsers, etc).
     
  6. CrazyM

    CrazyM Firewall Expert

    Joined:
    Feb 9, 2002
    Posts:
    2,428
    Location:
    BC, Canada
    Your firewall should be configured so that anything not permitted by rules (inbound or outbound) is implicitly denied. With this type of configuration there is no need for specific trojan rules. Focus on your permit rules and let the firewall deny anything else. This approach also helps keep the rule set smaller and easier to manage.

    Regards,

    CrazyM
     
Loading...
Thread Status:
Not open for further replies.