Is Kerio 2.1.5 OK?

kareldjag, a bit of your meaning is lost in translation, so to say. However, I don't hear much about inbound testing. The noise is all about exotic malware that can bypass application control. None the less, sandboxing does provide additional protection for those that are willing to put up with it. Its cutting edge stuff for those with a real interest in computer security, but definitely not ready for prime time yet.

To the best of my knowledge, application control is not widely used in the corporate desktop world. It is just too much trouble to implement over a large number of computers. Also, the corporate networks are set up to block P2P activity and unauthorized servers.

One can spend quite bit of time tinkering with tightening up firewall rules, and it is quite easy for a non technical person to mess up and give premission to some malware. That is why if your AV does not know an application trying to make an outbound connection is malware, most users will not know either.

The mainstream approach to these problems is to use something like Freeze. It allows minor user changes, but the machine reverts to a predefined state each time it is rebooted. It is mainly used for kiosk browsing.

Most spyware is intentionally installed by users in search of free P2P and screensaver applications. Thats why user awareness is the most important layer of your defense.

So, does anyone have any good links on inbound firewall testing?

 

Hi,

Each post reply is an english lesson for me...

Others links:

***http://www.spywarewarrior.com/uiuc/info17.htm (networking test)

***http://www.secuobs.com/news/03022004exoscan.html

***http://www.dslreports.com/scan

***http://www.auditmypc.com/

***http://www.testmyfirewall.com

***http://www.pc-facile.com/security/scanner.php

***http://192.41.65.171/portscan.adp

***http://check.sdv.fr/

Regards

 

Thanks for the links guys. However, I was looking for something where a bunch of firewalls were tested side by side, using hacker techniques. Sort of like gkweb's site, but for inbound instead of leaks.

Seems like firewallguide links to a Mary Landsman review of Zone Alarm which puts it in a class analogous to Norton Antivirus: A number one seller that just might not be so great anymore.

kareldjag: keep trying, your English will improve with use. Is French your native language?

 

Come to think of it two of the more popular firewall tests are not listed above:

http://www.grc.com

http://scan.sygatetech.com

Just for fun I put my machine in a DMZ so my router would not have any effect and ran all of these tests using Jetico. It passed each time, except on one which happened to reveal a gap in one of my application rules. Once the rule was changed it passed that one as well.

 

Hi,

It seems that GRC and Sygate online scan are linked on my first link (netfiles)...

Like this little bit dangerous one:

http://www.jtan.com/resources/winnuke.html

But the best way to test stiffly your network protection is to do it with an advanced Admins.
Some DOS attacks could crash the machine and show how vulnerable could be a firewall.

English (or spanish) is in fact not my native language.

Have fun.

Regards

 

K- I did not say anything about Spanish. Actually, you make it easy, it says your location is Paris.