Papers on inbound tests and other non-leak tests of firewalls

Discussion in 'other firewalls' started by MrBrian, Mar 6, 2014.

Thread Status:
Not open for further replies.
  1. MrBrian

    MrBrian Registered Member

    Joined:
    Feb 24, 2008
    Posts:
    6,032
    Location:
    USA
    From The 2010 Personal Firewall Robustness Evaluation:
    ----------

    From "Security Vulnerability Evaluation of Popular Personal Firewalls and Operating Systems" (2010):
    Pdf at hxxps://portal.utpa.edu/utpa_main/daa_home/ogs_home/ogs_imagesfiles/surisetty.pdf .

    ----------

    From Testing and Analysis of Personal Firewalls (2010):
    ----------

    From Analysis of Vulnerabilities in Internet Firewalls (2003):
    ----------

    From "Performance and Information Security Evaluation with Firewalls" (2013):
    Pdf at hxxp://www.sersc.org/journals/IJSIA/vol7_no6_2013/37.pdf .
     
  2. MrBrian

    MrBrian Registered Member

    Joined:
    Feb 24, 2008
    Posts:
    6,032
    Location:
    USA
    Unfortunately, the author(s) of the papers that tested the built-in Windows 7 firewall didn't specify (if I recall the papers' contents correctly) the network location (e.g. Public, Home, Work) used, and didn't test different network locations.
     
    Last edited: Mar 8, 2014
  3. CoolWebSearch

    CoolWebSearch Registered Member

    Joined:
    Sep 30, 2007
    Posts:
    1,206

    Sorry, Brian; to me, this is a bit too much to understand; what does this all mean: all of the software firewalls except Outpost and Eset are vulnerable to these attacks?
    So every single software firewall, except Outpost and Eset, is vulnerable to these mentioned attacks?
    Why should I use; let's say, Comodo Firewall or Private Firewall than, if this is all true?
    Sorry, Brian, but I'm a bit confused.
     
  4. MrBrian

    MrBrian Registered Member

    Joined:
    Feb 24, 2008
    Posts:
    6,032
    Location:
    USA
    Here is a ports tutorial: http://www.bleepingcomputer.com/tutorials/tcp-and-udp-ports-explained/.

    One issue is whether there are ports open that other computers on the Internet (or others computers behind the same router, if you use one) could send data to. If a program listening on an open port is vulnerable, then an exploit of that vulnerability could be used to achieve remote code execution in some cases. You can use sites like https://www.grc.com/x/ne.dll?bh0bkyd2 to test whether open ports are "reachable" from other computers on the internet, and programs like Advanced Port Scanner to test whether open ports are "reachable" from other local computers. You should test your own system if you're concerned about your current setup. I use the built-in Windows 7 Firewall.

    Another issue tested is Denial-of-Service.
     
  5. MrBrian

    MrBrian Registered Member

    Joined:
    Feb 24, 2008
    Posts:
    6,032
    Location:
    USA
    With network location=Public.
     
  6. fblais

    fblais Registered Member

    Joined:
    Jul 31, 2008
    Posts:
    836
    Location:
    Québec, Canada
    Nice tip, thanks! ;)
     
  7. MrBrian

    MrBrian Registered Member

    Joined:
    Feb 24, 2008
    Posts:
    6,032
    Location:
    USA
    You're welcome :).

    That setting doesn't guarantee that no open ports will be reachable from other computers, but it's the most restrictive setting.
     
  8. MrBrian

    MrBrian Registered Member

    Joined:
    Feb 24, 2008
    Posts:
    6,032
    Location:
    USA
  9. MrBrian

    MrBrian Registered Member

    Joined:
    Feb 24, 2008
    Posts:
    6,032
    Location:
    USA
  10. MrBrian

    MrBrian Registered Member

    Joined:
    Feb 24, 2008
    Posts:
    6,032
    Location:
    USA
Loading...
Thread Status:
Not open for further replies.