Jump to content
Sign in to follow this  
Tarun

Testing firewalls

Recommended Posts

well after using comodo it can be quite buggy and it was fooled by that stuff i cleaned out of pc 10 days ago when i had to reformat it fooled mimiced the comodo turned it off i stumbled upon that fact investigating the tojans etc. i had no firewall trojan turned off commodo but comodo acted as if it was on.so i think im getting rid of comodo and using that other online armor or just plain windows1/2 a firewall better then none at all.

Share this post


Link to post
Share on other sites

oops i found it but still not impressed by its description looks like a comodo clone and unnecessary spyware scanner i just need a firewall not another cumbersome behemoth. i'll hold off on firewall. i went back to windows xp good enoughf or now.

Share this post


Link to post
Share on other sites

i respect your opinion but comodo too buggy for my taste. EDITED i did some Further reading outpost is just a basic firewall i think i earlier i was reading the paid pro version i stand corrected

Share this post


Link to post
Share on other sites

OKAY LET ME OPEN MY MOUTH AND INSERT FOOT. Yes I was way too harsh and after really comparing the two Comodo is the better firewall. Online Armor Free does not offer half the features or protection. So lets just say I jumped the gun on my assessment . i will be keeping my system protected by Comodo .

Share this post


Link to post
Share on other sites

Between Outpost and Comodo , Outpost has a slight edge, I guess it comes down to personal preference. Comodo has more features.

Share this post


Link to post
Share on other sites

Well, the test only tests the application/leak-related part of the firewall.

It did not test resource usage (CPU/RAM), the intrusion-detection system (IDS), security, features, etc.

That is an excellent point has anyone seen a really comprehensive test showing comparative results of these factors. That would really show how they all stack up versus one another.

Share this post


Link to post
Share on other sites

Yeah, but its still testing the core part of what a firewall is meant to do. And it does test performance; http://www.matousec.com/projects/firewall-...level.php?num=1

"Firewall" is a bit diffuse term.

Most Windows firewall are so called "personal firewalls" which usually contains an application that filters packets based on a set of rules and a IDS (intrusion-detection system). Later these personal firewalls started to block access to the network by unauthorized applications.

When I think of the "core part of what a firewall is meant to do" it is packet filtering according to a set of rules.

Share this post


Link to post
Share on other sites

I understand both your points of view but i think also how much it cost you on processing speed should be done. plus things like is it a turnkey program no worries ease of use etc. for novices and do you need to uninstall to get the updated version i know i read somewhere online armor you need to uninstall and reinstall new updates that's with the free one anyway. does it have a learning mode things like that

leak test is the most important but i think every facet of all the firewalls features need to be given a test to allow people to look at the overall picture of the firewalls. its a give and take on all their features anyway. just thought an overview look of the firewalls features in some type of chart with the categories would mean more to more users other then the break down charting of the leak test which is too most pc users hard to understand.

Share this post


Link to post
Share on other sites

Between Outpost and Comodo , Outpost has a slight edge, I guess it comes down to personal preference. Comodo has more features.

Not really after features, IMHO they don't 'make' the program, you can have a gazillion and six features on a program, that however doesn't actually mean that it's any good. It's the functionality and 'better' results that I look for.

Will give Outpost a try and go from there.

Cheers :)

Share this post


Link to post
Share on other sites

i guess i used the wrong words functionality was what i meant, just had a slight brain fart earlier. thanks

Share this post


Link to post
Share on other sites

Hmm. But arne't these tests meant to prove whether malicious software (intrusion) could be stopped (detection) by the firewall (system)?

No, those tests are leak-tests.

It is when software already installed on the computer tries to connect to resources outside the computer. That is not an intrusion, it would be more like an extrusion or something.

An intrusion is when an outside computer tries to connect to your computer.

Also detection doesn't mean it stops it, it merely means it detects it. Also, the system doesn't need to be firewalled for it to be running an IDS.

Example, Snort is just an IDS, not a firewall.

Share this post


Link to post
Share on other sites

I understand both your points of view but i think also how much it cost you on processing speed should be done. plus things like is it a turnkey program no worries ease of use etc.

Yeah, it can be a convienence with an application that includes an intrustion-detection system, packet filtering and application-based filtering.

leak test is the most important but i think every facet of all the firewalls features need to be given a test to allow people to look at the overall picture of the firewalls.

I don't think that the leak test is the most important part because if triggers when a malware is already installed on your computer (and tries to reach out). That means it already went through your defense, and its in your system, which kinda means your failed. If its already in your system, it already made it into your system, and it went too far.

I remember being on dial-up and switching from ZoneAlarm to Outpost. It was an amazing difference how much faster Outpost was over ZA.

Wow, if ZoneAlarm is slow even with the crappy throughput of a dial-up connection, then it must really suck (in terms of network I/O efficiency).

Share this post


Link to post
Share on other sites

Hmm. But arne't these tests meant to prove whether malicious software (intrusion) could be stopped (detection) by the firewall (system)?

No, those tests are leak-tests.

It is when software already installed on the computer tries to connect to resources outside the computer. That is not an intrusion, it would be more like an extrusion or something.

An intrusion is when an outside computer tries to connect to your computer.

Also detection doesn't mean it stops it, it merely means it detects it. Also, the system doesn't need to be firewalled for it to be running an IDS.

Example, Snort is just an IDS, not a firewall.

What would you suggest as an alternative?

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
Sign in to follow this  

×
×
  • Create New...