Has anyone tried kavs anti hacker

Discussion in 'other firewalls' started by Morgan Mundane, Nov 23, 2004.

Thread Status:
Not open for further replies.
  1. Morgan Mundane

    Morgan Mundane Registered Member

    Joined:
    Nov 16, 2004
    Posts:
    3
    If youve tried it ....please your likes and dislikes about it

    and of course its effectiveness

    thank you
     
  2. gazoo

    gazoo Registered Member

    Joined:
    Nov 21, 2004
    Posts:
    18
    Who is Kav?
     
  3. Morgan Mundane

    Morgan Mundane Registered Member

    Joined:
    Nov 16, 2004
    Posts:
    3
    Im sorry ......its Kaspersky's Anti Hacker Firewall
     
  4. Bdiamond

    Bdiamond Registered Member

    Joined:
    Apr 26, 2002
    Posts:
    74
    Location:
    N Carolina, USA
    I have used Kaspersky Anti-Hacker for almost 6 months on a WinXP Home, SP2 OS with all updates. In addition, KAV 5.0, PG 3.05, Ewido 3.0, Giant 1.0.285 and BO Clean 4.11 are installed and running their resident programs.

    The system shows "Stealth" when all ports are scanned using eitherthe PC Flank or GRC port scanners. It was very easy to install and setup and has not caused any problems with allowing automatic updates for these security programs. Additionally, it has caused no noticeable changes in system performance.

    I have a perhaps stupid question? If a system shows all ports to be stealthed, then is there any way firewall-related security can be improved beyond this point? In other words, would the use of any other firewall with different features or characteristics provide me with better priotection? If so what measures would I need to make to verify the improved protection?

    The biggest weakness in KAH probably lies in the performance against various "leak-tests" which is fairly unimpressive (in my hands). This needs to be improved, but it is unclear to me how other firewalls rate in this respect and, additionally, how important it is.

    Overall, given the ease of setup and use and the performance listed above, I have been very pleased. Should I be looking at other features or ways of looking at its performance.

    Any suggestions or comments will be much appreciated. As you can, no doubt, tell, I am in no way a computer expert.
     
  5. AJohn

    AJohn Registered Member

    Joined:
    Sep 29, 2004
    Posts:
    935
    I have not ever used KAV's AntiHacker, so I cannot comment on it. You should take a look at www.firewalleaktester.com for information on how firewalls perform against leaks and how serious leaks are. If you read most of the information that is there you will understand a lot of aspects on firewalls and security. Some things to look into are what type of packet inspection KAV has, how configurable are the rules and what types of attacks does/can it stop (Land, WinNuke, ect.) I'm sure there are more, but these seem to be the basics.
     
  6. Edwin024

    Edwin024 Registered Member

    Joined:
    Nov 14, 2004
    Posts:
    1,000
    In KAH you cannot tweak much. A few pre configured settings and that's it. It is the best program for people who like the XP2 firewall, because KAH does more in a somewhat similair way. But it's not up in the league of the really good ones.
     
  7. dvk01

    dvk01 Global Moderator

    Joined:
    Oct 9, 2003
    Posts:
    3,131
    Location:
    Loughton, Essex. UK
    Any firewall including the "chocolate fireguard" XP inbuilt firewall will give a stealth result at grc or pcflank

    and they all seem to stop unwanted incoming requests but very few of these firewalls that don't have good configuration capabilities are able to stop the outbound unwanted requests from pests on your system espercially those that use the techniques in the leaktest demos and several of the latest trojans/worms do use those techniques and it's no good saying that the firewall will stop them being downlaoded in the first place as NO firewall will stop what you intentionally download
     
  8. Bdiamond

    Bdiamond Registered Member

    Joined:
    Apr 26, 2002
    Posts:
    74
    Location:
    N Carolina, USA
    Thank you for the advice and explanations. If I understand correctly, the inbound protection is pretty much a non-issue given that almost all firewalls are able to achieve the "stealth" goal? Does it follow that the inbound protection for most firewalls achieving stealth is generally equivalent?

    I appreciate the explanations regarding outbound protection. The question I am really begging here is whether a firewall is the best tool for providing outbound protection given the efficacy of PG demonstrated against the leaktest "tools" as shown at the leaktest site?

    Since PG protection runs virtually "trouble free" on my system is there any reason to be worried about the ability of a firewall to provide outbound protection in this setting? It appears that PG is probably at least as effective as many (most?) firewalls in providing outbound protection? In this context, would a combination of the SP2 firewall and PG provide protection equivalent to virtually any firewall providing "stealth" conditions? (I am assuming here that the SP2 firewall gives stealth results but am not totally sure about this)

    I apologize if all this appears to be niave, but I am just trying to understand the relationship between the tests used to evaluate a firewall and the results it actually provides.

    Anyway, thanks again for your time and explanations.
     
  9. TopperID

    TopperID Registered Member

    Joined:
    Oct 1, 2004
    Posts:
    1,527
    Location:
    London
    Don't forget that the 'leak tests' are usually done on set-ups that have been optimised. That doesn't mean that the 'average' user can hope to achieve this level of security - he simply won't know how to configure his software for best results.

    Those who lack the expertise are better off with a FW which does the basics and is easy to use. If you get your settings wrong with a potentially more advanced FW you will be in a less secure position than if you relied on a more elementary model.

    But experts do love to do their fine tuning!
     
  10. myluvnttl

    myluvnttl Registered Member

    Joined:
    Aug 23, 2004
    Posts:
    150
    I have used this before, it is hard to tweak the program the way you want it, so I switch to OutPost.
     
  11. Morgan Mundane

    Morgan Mundane Registered Member

    Joined:
    Nov 16, 2004
    Posts:
    3
    Thanks both dvk01 and topper

    You've both made some very good points....I really asked about kasperskys

    fire wall because of it noted fame as an anti virus....and was wondering how

    good their firewall was....as I dont see it mentioned often


    Thanks again

    Morgan
     
  12. dvk01

    dvk01 Global Moderator

    Joined:
    Oct 9, 2003
    Posts:
    3,131
    Location:
    Loughton, Essex. UK
    KAV are very good as an antivirus

    they are new at the firewall business and I'm not 100% convinced that the firewall is as good as some others yet.

    No doubt with KAV's reputation for good products it will improve but I personally wouldn't rely on it without more info from people who have used it or tested it to destruction
     
  13. Paranoid2000

    Paranoid2000 Registered Member

    Joined:
    May 2, 2004
    Posts:
    2,839
    Location:
    North West, United Kingdom
    Process Guard does not provide any control over network traffic and therefore should not be relied upon to provide any sort of traffic filtering. What it does do is counter process manipulation used by some (but not all) leaktests - DNSTester is one example that would not be affected by PG. Also, some malware (notably adware) do not use any techniques to hide their traffic.

    A firewall that provides outbound filtering and allows restrictions to be set on IP addresses and ports used can also be used to restrict partially trusted applications (i.e. when you wish to block certain features like "phoning home" or stop your email client from downloading web-bugs in spam emails) or to tighten up the security with other applications (e.g. enforcing the use of an anonymising proxy by restricting your web browser to its address only or preventing web filter proxies from being accessed by outside addresses). The Firewall with these features?? thread is worth checking out since this issue is debated quite extensively there.

    Another worthwhile thread is the KASPERSKY ANTIHACKER thread at the UseIce Kaspersky forum which discusses its pros and cons.
     
Thread Status:
Not open for further replies.