Matousec Firewall Challenge = new Test

http://www.matousec.com/projects/firewall-challenge/results.php

Congrats to all that did well.

 

Yes and one here very often discussed Suite did not well at all.

 

Hmmm

I sense another try with CFP coming on.

Online Armor is right there in the mix too.

 

I do apreciate his tests but some thinghs are bugging me.

1 The av's are disabled in suits but the hips in firewalls aren't?
2 Outpost and PS paid versions were tested against OA's free version?

I fink PS and Outpost have free version as well.

 

Comodo out on top with the lead......................

 

I bet Matousec runs his tests from an administrator account.

 

I guess, it would be better for Matousec to test products seperately:

a) Free Firewalls without HIPS.
b) Free Frewalls with HIPS.
--------------------------------
c) Paid Firewalls with HIPS.
d) Paid Firewalls without HIPS.
--------------------------------
e) Classic HIPS.
--------------------------------
Just to keep the...Fair-Play...

 

But the problem with categorizing is firewalls with new technology will not be looked at as firewalls just because of their more advanced security. A firewall is a firewall no matter what additions there is.

 

Well, that's right. Some firewalls don't have HIPS so it's not fair to test them against tests involving this aspect. Anyway, this is the trend today to introduce hips in every firewall or security suite.

 

Glad to see new tests and results as they are always interesting.
Kinda wondering though, why are there only 8 tested this time?
Last time there were 42.
What's up with that?

 

It's all in the introduction page.

 

That'll teach me to skip pages to get right to the result's.
Thanks GES/POR.

 

Hi,

ESS doesn't have HIPS of course.
ESS failed both Termination tests (Kill1, Kill2) at Level 1.
"Kill1 tests whether your firewall protects its processes against termination. If your firewall fails this test, it probably means that it does not implement self-defense mechanisms at all."
"Kill2 tests whether your firewall protects threads of its processes against termination."
http://www.matousec.com/projects/firewall-challenge/level.php?num=1

Does having no HIPS mean, don't protect your Firewall or your Firewall threads against termination?

Cheers

 

I have been trying out LooknStop over the past few days and it really is a most excellent, lightweight, pure firewall. I don't care for a so-called firewall which is more HIPS than firewall - I have EQSecure running flawlessly on my system with LnS for that.
Matousec in my opinion is muddying the waters with these tests because he's making it look as though excellent firewalls like LooknStop, Jetico, Kerio 2.1.5, InJoy and 8signs/Visnetics are poor firewalls. They are not. They are excellent, lightweight firewalls which do one thing and one thing well.
If you want HIPS then by all means combine one of these superb firewalls with ProSecurity or EQSecure, but in my opinion "firewalls" which try to be all things to all men run the risk of ending up doing nothing well.
Let a firewall do one thing well, and that one thing is to firewall. I don't expect my antivirus to be a firewall; why should I expect my firewall to be a HIPS?
No doubt there are excellent firewalls like OnlineArmor and Outpost Pro which in my opinion do a great job, but please don't make the mistake of thinking that a firewall like LooknStop isn't an excellent firewall just because it does poorly in Matousec's tests. LooknStop in my opinion does what it is supposed to do extremely well, and indeed better than most other firewalls I've tested, and in my own amateurish way I've tested many.

 

Just regarding Matousec's new Security Software Testing Suite (SSTS) -

It includes 4 "SSS" leaktests which are based on the idea of System Shutdown Simulator leaktest.

Previously I have supplied Matousec with source code of original System Shutdown Simulator leaktest.

Matousec have completely rewrote the test in C and it is completely new / different leaktest with different payloads etc.

ZeroDay Software will only support / distribute the original System Shutdown Simulator. Any queries / issues with Matousec's all-new SSS tests need to be directed to Matousec.

 

Comodo Firewall 3 Back to #1...


Nice!!!

 

I think Comodo latest version must have reached a 10 in this Matousec's pc, because in mine....it just did the opposite.
Anyway, for me it is very funny to see how people "believe" this matousec...word of a god?

cheers

 

How to pass the folowing tests?

Schedtest series, NewClass

 

Reading skills are on a free downfall, I'm afraid

 

schedtest - to pass it you need to control Task Manager tasks creation
newclass - to pass it you need to control new registry OLE entries creation

 

I never had any doubt. Comodo rulezzz

OA is losing ground.... Outpost loses more and more ground (best times are over, regression period)
Eset looks like a drama, reminds me on my tests with AVG firewall..loool

 

How to pass the folowing test?

Runner2

 

Runner2 substitues default web browser with fake executable. So, you need either:

1.) to control executable creation
or
2.) to control the hash of the process

 

Oh , dear ... The greatest mistakes people were doing while concluding too fast ...

PS.