Jump to content

Testing firewalls


Recommended Posts

  • Administrator

I've going to be testing out a bundle of firewalls, and I have a nice list already together. If you can think of any additions, please let me know and provide a download link and I will test it. Trial versions are fine. :happybday:

* - Thanks to Ultimate Predator for the links.

** - Thanks to Eldmannen for the links.

After the firewall test, I will more than likely get more malware to infect my virtual system and test a bunch of anti-malware tools.

Link to comment
Share on other sites

  • Replies 56
  • Created
  • Last Reply

Top Posters In This Topic

Ashampoo Firewall

pktfilter

Kerio Firewall

Jetico Firewall

Lavasoft Personal Firewall

On download.com there are hundreds of firewall, I never even heard of them.

I don't think Winpooch is a firewall, I think its anti-spyware.

I think thin, slim, light-weight firewalls with extensive possibilities of hardcore in-depth configuration.

The best firewall, I've ever came across is iptables, but its for Linux only though.

Link to comment
Share on other sites

Link to comment
Share on other sites

  • Administrator

For the time being I'm going to document the basics on each firewall I test. The good sides and the bad sides as well.

The next series of test I'll run will be on free anti-malware tools. I may do a few that are pay; but the primary goal will be ones that are free for end users to use. I will have to gather a good deal of malware, though. :happybday:

Link to comment
Share on other sites

For the time being I'm going to document the basics on each firewall I test. The good sides and the bad sides as well.

The next series of test I'll run will be on free anti-malware tools. I may do a few that are pay; but the primary goal will be ones that are free for end users to use. I will have to gather a good deal of malware, though. :happybday:

How do you do the test?

Will you use virtualization todo the test?

Installing 20 different software just for a test doesn't sound like something I would do on my everyday-use machine.

I will have to gather a good deal of malware, though. :happybday:

shouldn't be hard.. just run IE and surf the net for like 10 minutes. =P

LOL! Word. :)

Link to comment
Share on other sites

You can run leaktest to test them.

You can also use nmap which is the best portscanner that exists. It is widely used in the security industry. Normally I don't think you can scan localhost, but maybe with a virtual PC, I don't know how they work, else you can use it from another PC.

Else you have to settle with something like GRC ShieldsUp!

Link to comment
Share on other sites

Some day, you have to try out iptables (Linux only).

Most firewalls or personal firewalls for Windows are actually some sort of packet filter/firewall + and IDS (Intrusion-detection system).

iptables is a small little command-line based stateful firewall application. No IDS. If you want an IDS, you can get one separate, such as Snort, etc or whatever IDS you prefer.

It runs, calls the netfilter API in the kernel about the rules you defined, then closes and does not run in the background.

In iptables, you write the rules (or get an application or script to generate them for you), and those rules you can define detailedly such as source port, destination port, source address, destination address, protocol, network interface and even TCP flags, ICMP codes, etc.

There are three tables, but you can add more tables with modules.

  • The filter table for packet filtering which is good for firewalling.
  • The NAT table which is good for routing.
  • The mangle table which is good for QoS (Quality of Service) which allows you to put rate limiters, put priorities, do traffic shaping, etc. Example, you can do so that your VoIP or online game don't lag while you download stuff.

The tables have chains like input/output/forward and prerouting/postrouting. You can put the rules in the chains. And define a target for the chain, so if no packet doesn't match any rule in the chain, it goes to the target which can be like ACCEPT the packet, DROP (stealthily) the packet, or REJECT (gracefully) the packet, LOG the packet, or forward the packet to a third-party application like a logger, alerter or IDS. It supports both IPv4 and IPv6.

You can load modules which extend the functionality with extra tables, chains, targets, and features such as maximum concurrent connections, packets per second, bandwidth quota, packet length, random matches, string matching, time-ranged rules, TTL value match, etc.

With the "ipset" tool, you can load whole lists of IP addresses (blocklists) just as in PeerGuardian, and you can put them in one or more chains. If you put it in the INPUT chain, then none of those IP addresses can connect to you (good if you don't want them to be able to download files from you), and if you put them in the OUTPUT chain, then you cant connect to those IP addresses (good, if you want to unknowingly connect to baits).

iptables is no cute little skinned toy with an ON and OFF button. It is a real security tool.

Link to comment
Share on other sites

  • Administrator

Here's the list so far:

  • Agnitum Outpost Free - Downloaded
  • Agnitum Outpost Pro - Downloaded
  • Comodo Firewall Pro - Downloaded
  • ZoneAlarm Free - Downloaded
  • ZoneAlarm Pro - Downloaded
  • eTrust Firewall - Have on CD, free from Microsoft
  • Look 'n' Stop - Downloaded
  • PCTools Firewall Plus - Downloaded
  • Winpooch - Downloaded
  • McAfee Firewall Trial - Unable to download, not found
  • Norton Firewall Trial - Downloaded
  • pktfilter - Beta only - skipped
  • Ashampoo Free - Downloaded
  • Ashampoo Pro Trial - Downloaded
  • Jetico Freeware Firewall - Downloaded
  • Kerio Firewall - Downloaded
  • Lavasoft Personal Firewall - Downloaded
  • Sygate Firewall - Unable to download, not found

Link to comment
Share on other sites

# ZoneAlarm Free - Download

# ZoneAlarm Pro - Download

I was just wondering whether its worth downloading the ZoneAlarm Internet Security Suite and just disabling the AV, as it has so much more, including basic stuff that a firewall should have like SmartDefense™ Advisor (it looks really good): http://www.zonelabs.com/store/content/comp.../comparison.jsp

Link to comment
Share on other sites

  • 1 year later...

I hope the announced testing includes this program. I never saw any follow up on any results. did I overlook any comparison results on the testing of all those firewalls.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


×
×
  • Create New...