New firewall test site

Discussion in 'other firewalls' started by firewalltester, Jan 6, 2006.

Thread Status:
Not open for further replies.
  1. Itsme

    Itsme Registered Member

    Joined:
    Jan 31, 2004
    Posts:
    148
    maybe I did not look good enough but I could only see test results and I could not perform a test myself.

    Using Tinys firewall for years I never ever had my ports "NOT Stealth" ... so I would very much like to know where they got their results from....

    As long as I cannot test it myself along their procedures... then this site is not important to me.

    Ciao
    Itsme
     
  2. What are you talking about?

    The site does not talk about 'stealth' whatever it means. There is a 'port stealing' test, maybe you misread?

    Look below where they tell you how they test with nmap.
     
  3. SSK

    SSK Registered Member

    Joined:
    Nov 28, 2004
    Posts:
    976
    Location:
    Amsterdam
    Are tests for Look 'n' Stop and Kaspersky Anti-Hacker on the to-do list? :)
     
  4. Infinity

    Infinity Registered Member

    Joined:
    May 31, 2004
    Posts:
    2,651
    Kerio, Outpost Pro and Tiny having the best results .. I didn't expected anything else ;)

    nice testing done by them

    cheers
     
  5. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    If they combine Sygate, Outpost and Kerio into ONE firewall, you have the very best firewall, except for Port Stealing and IDS.

    As usual MS Firewall needs to be replaced by a 3rd party firewall. :rolleyes:
     
  6. SSK

    SSK Registered Member

    Joined:
    Nov 28, 2004
    Posts:
    976
    Location:
    Amsterdam
    No it DOESN'T if you are content with INBOUND only :)
     
  7. Stefan_R

    Stefan_R Registered Member

    Joined:
    Dec 12, 2004
    Posts:
    47
    I am really happy our code mutated itself and learned how to deal with your "taffic blocking" test:

    "Traffic Blocking Test

    Can "Firewall" detect and deny new applications network access?

    Fails if "Firewall" is unable to block application from accessing the network."

    As for :
    "Self Protection Test

    Can "Firewall" protect itself from being shutdown?
    "

    Is this with root rights?

    In any case - nice effort, but I'd appreciate if you describe the sec tool config used for your testing. e.g. if you were to "test" IPTables, the results would greatly depend on your configuration.

    Furthermore - what is the point of testing a car for flying abilities? (e.g. testing a pf for IDS, application control, etc)

    Best Regards,

    Stefan (from the CHX-I team)
     
  8. Chuck57

    Chuck57 Registered Member

    Joined:
    Sep 2, 2002
    Posts:
    1,422
    Location:
    New Mexico, USA
    From looking at it, I'd say ZoneAlarm almost came out the winner for those things it was tested on. I'm not surprised kerio did so well, either.

    This about convinces me that when my trial of the new McAfee runs out, I might just go with Kerio. Actually, I'd be tempted to try Tiny, until I remember when I tried it a year and how totally lost I was trying to set it up.
     
  9. yahoo

    yahoo Registered Member

    Joined:
    Feb 23, 2004
    Posts:
    290
    Location:
    nowhere
    Maybe I have not read the test throughly, my question is: what is the testing condition, is it on firewalls right out of box or configured firewalls?. It seems that it is on firewalls right out of box, because I am sure that Tiny can definitely pass the self-protection test if it is configured properly. If the testing is indeed on firewalls right out of box, I do not think the testing results are really that significant. For advanced firewalls, the users are expected to configure the firewall properly to take the full advantage of the firewall.
     
  10. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    ZoneAlarm Pro seems to do much better than ZoneAlarm Free according these tests.
    Maybe I have to buy ZoneAlarm Pro after all.

    Tiny requires too much knowledge. Tiny would play with me in stead of me playing with Tiny.

    If all these tests are true, than each Firewall Company has still alot of work to do, because they all failed in something.
    I stick to ZoneAlarm, because I don't see any good reason to try another one.
     
  11. Chuck57

    Chuck57 Registered Member

    Joined:
    Sep 2, 2002
    Posts:
    1,422
    Location:
    New Mexico, USA
    By the time I finished trying to configure Tiny last year, I'd completely locked myself out of my own computer and had to reformat. That cured me of using Tiny.

    My guess is that these are tests of firewalls out of the box, which is probably good since that's how most people will use them. The average user doesn't want to bother configuring a firewall. They want it all done for them. I'm sure ZA could make a better showing if configured, as can most of the others except maybe Windows firewall.

    I'm using the new McAfee right now and really like it, but am also a huge fan of the latest sunbelt kerio and might go to it when McAfee's trial runs out. I've never been a big fan of ZoneAlarm but do think the newest version is one of the best firewalls out there right now. Tests like this one are proving it. I'd like to see how they all show up if configured just a little bit.
     
  12. Piolyte

    Piolyte Registered Member

    Joined:
    Jan 7, 2006
    Posts:
    15
    Thank firewalltester for starting this post :)

    I have digested all the comments here and have to say its great feedback.

    I'd like to point out I am the real owner of the www.firewall-test.net site.

    I will address any suggestions/feedback as soon as I am able.

    If any part of the site is unclear please tell me :)

    Oh and I don't test out of the box, firewall is reconfigured first, and I have retested them several times too.

    TODO LIST: Look 'n' Stop, Kaspersky, eEYE Blink
     
    Last edited: Jan 7, 2006
  13. FatalChaos

    FatalChaos Registered Member

    Joined:
    Aug 6, 2005
    Posts:
    98
    A few suggestions:
    1. maybe you could rate each test in terms of importance to a secure box to make the site more newb friendly.

    2. Maybe you could give a brief summary of what each firewall is supposed to do (like CHX is only supposed to be inbound protection...so it's pretty clear that if you use CHX you don't expect leaktest protection from it).

    3. It would be interesting if you tested products like Process Guard and Antihook too.

    4. Just a question, are you going to be doing kaspersky 2006 beta or the current kaspersky firewall?

    5. Could you do core force security? http://force.coresecurity.com/
     
  14. StevieO

    StevieO Guest

    Another potentially useful test site in the making.

    One of your headers says Port Stealing, i think you mean Port Stealthing !

    My ZA Free v 5 achieves 100% Stealth at grc.com, so i don't understand why version 6 doesn't ? It also passes the vast majority of leak tests too. It's possible that other factors come into play though here, such as how i have secured my PC. Maybe it would be nice to test ZA Free.

    Looking forward to more good testing.

    Thanks


    StevieO
     
  15. FatalChaos

    FatalChaos Registered Member

    Joined:
    Aug 6, 2005
    Posts:
    98
    ppl read the portion of his port stealthing test on his site. It's not the same stealthing that Shields up and the like are talking about.
     
  16. Jarmo P

    Jarmo P Registered Member

    Joined:
    Aug 27, 2005
    Posts:
    1,185
    We have to think also other things that what these tests are telling us.
    Many people like myself don't have a router, so a stable software firewall is important.
    Comes only after more thorough experience with a product and then better stick to one that has proved trusty.

    Many people here get overly conscience about security and after a few security product tries have to reinstall windows etc, instead they had been better with just almost default setting and no paranoia :p
     
  17. Piolyte

    Piolyte Registered Member

    Joined:
    Jan 7, 2006
    Posts:
    15
    Nope I mean Port Stealing. Its a new method as far as I can tell and its currently hard to block. Anyone can rent a linux server in say level3.net and capture usernames and passwords with ease.
     
  18. J32P

    J32P Registered Member

    Joined:
    Nov 12, 2005
    Posts:
    1
    Hello people,

    I have been using zonealram Pro. It seems pretty secure to me.

    I can make it fully stealthed by raising the internet security to high but then firefox start messing up when I'm opening multiple homepages at once. That is prolly one of the only problems that I have with it. I want to be fully stealth and fully functional.


    Can you explain this better ? And What passwords of mine will they be getting by this method and How can I stop it ?

    Does level3.net mean something different then a regular website ?


    Thanks,
    J32P2006
     
  19. halcyon

    halcyon Registered Member

    Joined:
    May 14, 2003
    Posts:
    373
    Apparently you can't. Read the web page:

     
  20. Arup

    Arup Guest

    I fail to see the heavy load test and CHX failing that, day in day out, run CHX on a T3 connection at univ, also with my 4mbps connection at home, nowhere does it fail or bog down, infact, for P2P,no other firewall comes close to a heavily loaded P2P app running multiple connection an giving the best throughput of all the other firewalls I have tested.
     
  21. quip

    quip Guest

    I hope all those firewalls tested are already freely available and/or need registering online, because you hosted all the executables on your site, even the "pro" versions!
     
  22. Piolyte

    Piolyte Registered Member

    Joined:
    Jan 7, 2006
    Posts:
    15
    By level3.net I mean the backbone ISP.
     
  23. Piolyte

    Piolyte Registered Member

    Joined:
    Jan 7, 2006
    Posts:
    15
    It bogs down badly under the load I place on it.
     
  24. Piolyte

    Piolyte Registered Member

    Joined:
    Jan 7, 2006
    Posts:
    15
    This is done for archival purposes.
     
Loading...
Thread Status:
Not open for further replies.