Matousec Firewall Challenge = new Test

Discussion in 'other firewalls' started by GES/POR, Mar 18, 2008.

Thread Status:
Not open for further replies.
  1. GES/POR

    GES/POR Registered Member

    Joined:
    Nov 26, 2006
    Posts:
    1,490
    Location:
    Armacham
  2. Tommy

    Tommy Registered Member

    Joined:
    Dec 24, 2002
    Posts:
    1,169
    Location:
    Buenos Aires - Munic
    Yes and one here very often discussed Suite did not well at all.
     
  3. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    5,632
    Location:
    U.S.A. (South)
    Hmmm

    I sense another try with CFP coming on.

    Online Armor is right there in the mix too.
     
  4. GES/POR

    GES/POR Registered Member

    Joined:
    Nov 26, 2006
    Posts:
    1,490
    Location:
    Armacham
    I do apreciate his tests but some thinghs are bugging me.

    1 The av's are disabled in suits but the hips in firewalls aren't?
    2 Outpost and PS paid versions were tested against OA's free version?

    I fink PS and Outpost have free version as well.
     
  5. Dieselman

    Dieselman Registered Member

    Joined:
    Jan 6, 2008
    Posts:
    795
    Comodo out on top with the lead......................:D
     
  6. Diver

    Diver Registered Member

    Joined:
    Feb 6, 2005
    Posts:
    1,444
    Location:
    Deep Underwater
    I bet Matousec runs his tests from an administrator account.
     
  7. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    17,039
    Well Prosecurity came in third and it isn't even a firewall. So here we have a ....... that doesn't leak out, but lets everything in. What's wrong with this picture.
     
  8. SecOmnius

    SecOmnius Registered Member

    Joined:
    Mar 2, 2008
    Posts:
    70
    Location:
    In the Light of PARTHENON
    I guess, it would be better for Matousec to test products seperately:

    a) Free Firewalls without HIPS.
    b) Free Frewalls with HIPS.
    --------------------------------
    c) Paid Firewalls with HIPS.
    d) Paid Firewalls without HIPS.
    --------------------------------
    e) Classic HIPS.
    --------------------------------
    Just to keep the...Fair-Play... :D
     
    Last edited: Mar 19, 2008
  9. Coolio10

    Coolio10 Registered Member

    Joined:
    Sep 1, 2006
    Posts:
    1,124
    But the problem with categorizing is firewalls with new technology will not be looked at as firewalls just because of their more advanced security. A firewall is a firewall no matter what additions there is.
     
  10. pykko

    pykko Registered Member

    Joined:
    Apr 27, 2005
    Posts:
    2,236
    Location:
    Romania...and walking to heaven
    Well, that's right. Some firewalls don't have HIPS so it's not fair to test them against tests involving this aspect. Anyway, this is the trend today to introduce hips in every firewall or security suite.
     
  11. LoneWolf

    LoneWolf Registered Member

    Joined:
    Jan 2, 2006
    Posts:
    3,408
    Glad to see new tests and results as they are always interesting.
    Kinda wondering though, why are there only 8 tested this time?
    Last time there were 42.
    What's up with that?
     
  12. GES/POR

    GES/POR Registered Member

    Joined:
    Nov 26, 2006
    Posts:
    1,490
    Location:
    Armacham
    It's all in the introduction page.
     
  13. LoneWolf

    LoneWolf Registered Member

    Joined:
    Jan 2, 2006
    Posts:
    3,408
    That'll teach me to skip pages to get right to the result's. :eek:
    Thanks GES/POR. :thumb:
     
  14. subset

    subset Registered Member

    Joined:
    Nov 17, 2007
    Posts:
    825
    Location:
    Austria
    Hi,

    ESS doesn't have HIPS of course.
    ESS failed both Termination tests (Kill1, Kill2) at Level 1.
    "Kill1 tests whether your firewall protects its processes against termination. If your firewall fails this test, it probably means that it does not implement self-defense mechanisms at all."
    "Kill2 tests whether your firewall protects threads of its processes against termination."
    http://www.matousec.com/projects/firewall-challenge/level.php?num=1

    Does having no HIPS mean, don't protect your Firewall or your Firewall threads against termination?

    Cheers
     
  15. Gez

    Gez Registered Member

    Joined:
    Jan 15, 2006
    Posts:
    65
    Location:
    Ireland
    I have been trying out LooknStop over the past few days and it really is a most excellent, lightweight, pure firewall. I don't care for a so-called firewall which is more HIPS than firewall - I have EQSecure running flawlessly on my system with LnS for that.
    Matousec in my opinion is muddying the waters with these tests because he's making it look as though excellent firewalls like LooknStop, Jetico, Kerio 2.1.5, InJoy and 8signs/Visnetics are poor firewalls. They are not. They are excellent, lightweight firewalls which do one thing and one thing well.
    If you want HIPS then by all means combine one of these superb firewalls with ProSecurity or EQSecure, but in my opinion "firewalls" which try to be all things to all men run the risk of ending up doing nothing well.
    Let a firewall do one thing well, and that one thing is to firewall. I don't expect my antivirus to be a firewall; why should I expect my firewall to be a HIPS?
    No doubt there are excellent firewalls like OnlineArmor and Outpost Pro which in my opinion do a great job, but please don't make the mistake of thinking that a firewall like LooknStop isn't an excellent firewall just because it does poorly in Matousec's tests. LooknStop in my opinion does what it is supposed to do extremely well, and indeed better than most other firewalls I've tested, and in my own amateurish way I've tested many.
     
  16. dmenace

    dmenace Registered Member

    Joined:
    Nov 29, 2006
    Posts:
    275
    Just regarding Matousec's new Security Software Testing Suite (SSTS) -

    It includes 4 "SSS" leaktests which are based on the idea of System Shutdown Simulator leaktest.

    Previously I have supplied Matousec with source code of original System Shutdown Simulator leaktest.

    Matousec have completely rewrote the test in C and it is completely new / different leaktest with different payloads etc.

    ZeroDay Software will only support / distribute the original System Shutdown Simulator. Any queries / issues with Matousec's all-new SSS tests need to be directed to Matousec.
     
  17. 3xist

    3xist Guest

    Comodo Firewall 3 Back to #1...


    Nice!!! :D
     
  18. despuesvengo

    despuesvengo Registered Member

    Joined:
    Oct 29, 2007
    Posts:
    19
    I think Comodo latest version must have reached a 10 in this Matousec's pc, because in mine....it just did the opposite.
    Anyway, for me it is very funny to see how people "believe" this matousec...word of a god?

    cheers
     
  19. a256886572008

    a256886572008 Registered Member

    Joined:
    Oct 26, 2007
    Posts:
    103
    How to pass the folowing tests?

    Schedtest series, NewClass
     
  20. lucas1985

    lucas1985 Retired Moderator

    Joined:
    Nov 9, 2006
    Posts:
    4,047
    Location:
    France, May 1968
    Reading skills are on a free downfall, I'm afraid :(
     
  21. alex_s

    alex_s Registered Member

    Joined:
    Aug 13, 2007
    Posts:
    1,251
    schedtest - to pass it you need to control Task Manager tasks creation
    newclass - to pass it you need to control new registry OLE entries creation
     
  22. SystemJunkie

    SystemJunkie Resident Conspiracy Theorist

    Joined:
    Mar 3, 2006
    Posts:
    1,500
    Location:
    Germany
    I never had any doubt. Comodo rulezzz :D :D :D :D :D :D :D :D :D

    OA is losing ground.... Outpost loses more and more ground (best times are over, regression period)
    Eset looks like a drama, reminds me on my tests with AVG firewall..loool
     
  23. a256886572008

    a256886572008 Registered Member

    Joined:
    Oct 26, 2007
    Posts:
    103
    How to pass the folowing test?

    Runner2
     
  24. alex_s

    alex_s Registered Member

    Joined:
    Aug 13, 2007
    Posts:
    1,251
    Runner2 substitues default web browser with fake executable. So, you need either:

    1.) to control executable creation
    or
    2.) to control the hash of the process
     
  25. alex_s

    alex_s Registered Member

    Joined:
    Aug 13, 2007
    Posts:
    1,251
    Oh , dear ... The greatest mistakes people were doing while concluding too fast ...

    PS. :)
     
Loading...
Thread Status:
Not open for further replies.