Free firewalls rated best in leak tests

Posted by   Virus Bulletin on   Dec 7, 2006

Leakage review puts Comodo, Jetico way ahead of field.

An in-depth study subjecting 23 different personal firewall products to a range of leak tests has granted two free products, Comodo Personal Firewall and Jetico Personal Firewall, the only 'excellent' ratings in the field. Behind them are the popular ZoneAlarm PRO and Trend Micro's PC-cillin Internet Security, both rated 'very good'.

Kaspersky and Lavasoft products are in the 'good' category, as is Outpost, despite being accused of cheating. Meanwhile Sunbelt and Norton are in the 'poor' group and McAfee alongside Sygate under 'very poor'. The level of protection offered by products from CA, BitDefender, F-Secure, Panda and AVG, among others, is described as 'none'. At the bottom of the class, with a score of zero, is of course the Windows XP SP2 built-in firewall, which only protects against inbound attacks.

The tests were designed and carried out by a small group of researchers led by David Matousek and published at matousec.com. Their methodologies have come in for some criticism, particularly concerning treatment of integrated products combining firewalls with anti-malware; many such products picked up on the suspicious behaviour of the leak tests themselves, and had to have their anti-malware modules disabled to complete the testing. Some vendors have suggested that this impairs performance, as their firewalls are intended to work in conjunction with malware blocking without unnecessary overlapping.

Results of the tests were released last week, and responses from several vendors have begun to be posted on the results site. These can be viewed, along with detailed results, a description of the testing methodology and many of the test programs used, here. Further firewall testing is planned.

Elsewhere in the firewall world, heise security reports that a bug in the Convert-UUlib Perl library, discovered in April 2005, was left unpatched in its implementation in the Barracuda firewall until a very recent update. The vulnerability left Barracuda users at risk of remote access attacks for the full 20 months. heise's report is here, and details from the researcher who found the hole are here.

Posted on 07 December 2006 by Virus Bulletin

 Tags

twitter.png
fb.png
linkedin.png
hackernews.png
reddit.png

 

Latest posts:

VBSpam tests to be executed under the AMTSO framework

VB is excited to announce that, starting from the Q3 test, all VBSpam tests of email security products will be executed under the AMTSO framework.

In memoriam: Prof. Ross Anderson

We were very sorry to learn of the passing of Professor Ross Anderson a few days ago.

In memoriam: Dr Alan Solomon

We were very sorry to learn of the passing of industry pioneer Dr Alan Solomon earlier this week.

New paper: Nexus Android banking botnet – compromising C&C panels and dissecting mobile AppInjects

In a new paper, researchers Aditya K Sood and Rohit Bansal provide details of a security vulnerability in the Nexus Android botnet C&C panel that was exploited in order to gather threat intelligence, and present a model of mobile AppInjects.

New paper: Collector-stealer: a Russian origin credential and information extractor

In a new paper, F5 researchers Aditya K Sood and Rohit Chaturvedi present a 360 analysis of Collector-stealer, a Russian-origin credential and information extractor.

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.