Is blocking leak test with your firewall important?

Currently it seems that no firewall alone unaided can defeat all the leak tests out there. The best one currently seems to be Outpost Pro, though it misses the DNStester (which can be handled if you are willing to take the trouble of allowing DNS requests for each process indidivually)

Do you think it's important that your firewall can handle these leak tests? Or is it just a matter of bragging rights? Maybe you think you would rather vendors focus on other things like True SPI maybe?

Or do you think it's critical that firewalls block these leak tests? After all they make a joke out of the premise that personal firewalls can handle outbound connections.

Poll follows.

 

don't think i could relly put out a fire??

 

The goal is NOT to download the malware in the first place! I would only worry about leaktests if, in the future, these baddies can sneak past a properly configured FW, auto execute, and sneak OUT without user's intervention.

Vendors use leaktests to sucker-in new buyers...new improved with more bells, whistles, and better detection! Crooks don't target steal PCs! ZA is very popular because it is easy to setup. Unfortunately, this program is becoming BLOATWARE over the last year. You can't go wrong with the latest revision of ZA Pro 4.0 or 4.5. Version 4.0 should run well with W98, WME, W2K, and WXP.

 

Hi,

if you allow me to participate, I voted that it is important but not critical.
I primarely done my site to show that a firewall alone cannot handle everything, and that so additional softwares was needed, such as sandboxes (ProcessGuard, Tiny, etc...).

I think it's important, the more they catch, the better (I think so it's important, but it may sounds as "critical"), but adding additional layers to prevent the malwares to launch or even simply to reach your computer is better.

Just my opinion

regards,

gkweb.

EDIT :

be carefull with IE, this is precisely what can happen with ActiveX and Spyware auto installing and auto executing, before calling home.

 

Agreed, but we're not living perfect world. If you have a sure way to avoid infection by any malware in any circumstances, why don't you also uninstall your AV/AT soft for example? Leaktests are merely a way of testing some aspect of your system vulnerability, no more, no less. Sure, firewall vendors use them as a commercial argument, but the same do all the others : antivirus vendors claiming more "bells and whistles and better detection just to sucker in new buyers", if I paraphrase your argumentation . I don't see anything wrong with it myself.


Isnogood

 

I only scan incoming mails for infection. NO FULL TIME AV protection. And I supplement the AV with a properly configured FW. Not one bug over the last 3+ years.

I agree with GKWEB that too low of a security in IE can present a problem. However, the user has the ability to fix this problem WITHOUT the aid of the latest whiz bang FW. I challenge all the security experts to set up a website that could infect my "low tech" system just by "visiting" the site. All the tests that I have seen require the user to download THIS and click on THAT to prove their points. In the real world, the most effective solution turned out to be elegantly simple in execution.

Instead of spending $ on filtering proggies, you need to learn how to surf safely. You don't let strangers into your house, but you will click on any link presented by a non-mainstream website. Having anti-lock brakes will not protect an intoxicated driver from auto collision. Licensed drivers KNOW how to drive safely. The question is how many practice defensive driving behind the wheel? If you must rely on ABS to save your butts, then you are flying too close to the sun.

There are no 100% solution. However, with common sense and a properly configured OS, browser, AV, and FW, one can achieve a very high margin of PC security. Call me an informed consumer.