Discussion in 'other firewalls' started by firewalltester, Jan 6, 2006.
Any comments welcome.
maybe I did not look good enough but I could only see test results and I could not perform a test myself.
Using Tinys firewall for years I never ever had my ports "NOT Stealth" ... so I would very much like to know where they got their results from....
As long as I cannot test it myself along their procedures... then this site is not important to me.
What are you talking about?
The site does not talk about 'stealth' whatever it means. There is a 'port stealing' test, maybe you misread?
Look below where they tell you how they test with nmap.
Are tests for Look 'n' Stop and Kaspersky Anti-Hacker on the to-do list?
Kerio, Outpost Pro and Tiny having the best results .. I didn't expected anything else
nice testing done by them
If they combine Sygate, Outpost and Kerio into ONE firewall, you have the very best firewall, except for Port Stealing and IDS.
As usual MS Firewall needs to be replaced by a 3rd party firewall.
No it DOESN'T if you are content with INBOUND only
I am really happy our code mutated itself and learned how to deal with your "taffic blocking" test:
"Traffic Blocking Test
Can "Firewall" detect and deny new applications network access?
Fails if "Firewall" is unable to block application from accessing the network."
As for :
"Self Protection Test
Can "Firewall" protect itself from being shutdown?
Is this with root rights?
In any case - nice effort, but I'd appreciate if you describe the sec tool config used for your testing. e.g. if you were to "test" IPTables, the results would greatly depend on your configuration.
Furthermore - what is the point of testing a car for flying abilities? (e.g. testing a pf for IDS, application control, etc)
Stefan (from the CHX-I team)
From looking at it, I'd say ZoneAlarm almost came out the winner for those things it was tested on. I'm not surprised kerio did so well, either.
This about convinces me that when my trial of the new McAfee runs out, I might just go with Kerio. Actually, I'd be tempted to try Tiny, until I remember when I tried it a year and how totally lost I was trying to set it up.
Maybe I have not read the test throughly, my question is: what is the testing condition, is it on firewalls right out of box or configured firewalls?. It seems that it is on firewalls right out of box, because I am sure that Tiny can definitely pass the self-protection test if it is configured properly. If the testing is indeed on firewalls right out of box, I do not think the testing results are really that significant. For advanced firewalls, the users are expected to configure the firewall properly to take the full advantage of the firewall.
ZoneAlarm Pro seems to do much better than ZoneAlarm Free according these tests.
Maybe I have to buy ZoneAlarm Pro after all.
Tiny requires too much knowledge. Tiny would play with me in stead of me playing with Tiny.
If all these tests are true, than each Firewall Company has still alot of work to do, because they all failed in something.
I stick to ZoneAlarm, because I don't see any good reason to try another one.
By the time I finished trying to configure Tiny last year, I'd completely locked myself out of my own computer and had to reformat. That cured me of using Tiny.
My guess is that these are tests of firewalls out of the box, which is probably good since that's how most people will use them. The average user doesn't want to bother configuring a firewall. They want it all done for them. I'm sure ZA could make a better showing if configured, as can most of the others except maybe Windows firewall.
I'm using the new McAfee right now and really like it, but am also a huge fan of the latest sunbelt kerio and might go to it when McAfee's trial runs out. I've never been a big fan of ZoneAlarm but do think the newest version is one of the best firewalls out there right now. Tests like this one are proving it. I'd like to see how they all show up if configured just a little bit.
Thank firewalltester for starting this post
I have digested all the comments here and have to say its great feedback.
I'd like to point out I am the real owner of the www.firewall-test.net site.
I will address any suggestions/feedback as soon as I am able.
If any part of the site is unclear please tell me
Oh and I don't test out of the box, firewall is reconfigured first, and I have retested them several times too.
TODO LIST: Look 'n' Stop, Kaspersky, eEYE Blink
A few suggestions:
1. maybe you could rate each test in terms of importance to a secure box to make the site more newb friendly.
2. Maybe you could give a brief summary of what each firewall is supposed to do (like CHX is only supposed to be inbound protection...so it's pretty clear that if you use CHX you don't expect leaktest protection from it).
3. It would be interesting if you tested products like Process Guard and Antihook too.
4. Just a question, are you going to be doing kaspersky 2006 beta or the current kaspersky firewall?
5. Could you do core force security? http://force.coresecurity.com/
Another potentially useful test site in the making.
One of your headers says Port Stealing, i think you mean Port Stealthing !
My ZA Free v 5 achieves 100% Stealth at grc.com, so i don't understand why version 6 doesn't ? It also passes the vast majority of leak tests too. It's possible that other factors come into play though here, such as how i have secured my PC. Maybe it would be nice to test ZA Free.
Looking forward to more good testing.
ppl read the portion of his port stealthing test on his site. It's not the same stealthing that Shields up and the like are talking about.
We have to think also other things that what these tests are telling us.
Many people like myself don't have a router, so a stable software firewall is important.
Comes only after more thorough experience with a product and then better stick to one that has proved trusty.
Many people here get overly conscience about security and after a few security product tries have to reinstall windows etc, instead they had been better with just almost default setting and no paranoia
Nope I mean Port Stealing. Its a new method as far as I can tell and its currently hard to block. Anyone can rent a linux server in say level3.net and capture usernames and passwords with ease.
I have been using zonealram Pro. It seems pretty secure to me.
I can make it fully stealthed by raising the internet security to high but then firefox start messing up when I'm opening multiple homepages at once. That is prolly one of the only problems that I have with it. I want to be fully stealth and fully functional.
Can you explain this better ? And What passwords of mine will they be getting by this method and How can I stop it ?
Does level3.net mean something different then a regular website ?
Apparently you can't. Read the web page:
I fail to see the heavy load test and CHX failing that, day in day out, run CHX on a T3 connection at univ, also with my 4mbps connection at home, nowhere does it fail or bog down, infact, for P2P,no other firewall comes close to a heavily loaded P2P app running multiple connection an giving the best throughput of all the other firewalls I have tested.
I hope all those firewalls tested are already freely available and/or need registering online, because you hosted all the executables on your site, even the "pro" versions!
By level3.net I mean the backbone ISP.
It bogs down badly under the load I place on it.
This is done for archival purposes.