Hi, at the old board we were discussing the PCFlank test: http://pub24.ezboard.com/fsecureyesecurityfrm6.showMessage?topicID=265.topic There is now a test published where they give a report about 8 firewalls with their default settings: http://www.pcflank.com/art19.htm
Glad they did that. Myself and others had been running those tests and comparing notes. Glad to be able to rub my own Sygate 5.0 results in their face a bit.
While there is nothing that is absolutely secure, I was glad to see that result from PCFlank. ZA has been pretty good to me, and I am glad to see that it also is holding its own.
That test only tested for "stealthed ports". Why is that significant? I need to be pinged because I run a DNS server and netsol needs to be able to ping it. Does that mean I am unsecure? Now if it tested how many firewalls protect against a rogue .dll grafted to IE when IE has full ability to hit the net, then that might be worth something. Stealthing ports is one thing, but we can only stealth ports we don't use. I need a firewall that does more than that. My hardware firewall from 3com (3c510) does that better than any software firewall can because no virus or trojan on my machine can shut it down. What about security for ports that have to be open? How do these little firewalls fare then? The server that this forum is on has port 80 open (or you couldn't find the site), so does it fail the test? It is not stealthed, so I guess it does. Does that make it insecure? Try to hack it and find out. It forcefully rejected all requests during the port scan; it uses an Apache/1.3.19 (Unix) webserver. Seemed solid at first glance. I won't go further since I don't want to anger anyone at security-pro.co.uk. I just think stealth is overrated. It means every server behind enterprise level Cisco routers fails, and any Jonny Lunchbox with ZA is a fortress. Talk about a false sense of security. Poor Jonny won't know what hit 'em.
Unicron, An interesting point. You may already be aware of this, but there was a recent thread in the comp.security.firewalls newsgroup (a USENET NNTP newsgroup) on this subject. It starts on or about 12 Feb 2002 and is entitled "How to Stealth POP3 Port 110 using NIS 2000?". I made a bunch of replies in that thread. Anyone who's interested can find them there. (No point in double-posting them.)
Rick - have you already got a complete NG listing through your ISP? Mine's news.clt.bellsouth.net. When you first call it up, it asks you if you want to d/l a listing of all available NGs. Let it do that (it's a lengthy process on dial-up). When it's finished, you can just type 'comp' (without the quotes) under the box which says 'Display newsgroups which contain'. When you find comp.security.firewalls, you just click on it once to highlight it, then click 'Subscribe'. Its listing will appear under your ISP's 'news' category, and it'll load however many messages you've got it configured to. If you don't have NGs set up already in your mail program (I use OE and that's what my instructions were for, BTW), let us know and we'll help you with that. Pete
got it thx......took awhile...... I registered a couple of days ago and still haven't got a password? any idea why?
Try to register once again. You should normally receive your password a few minutes later. If you still have problems with the password, try to contact one of the admins for help. wizard