Leakage review puts Comodo, Jetico way ahead of field.
An in-depth study subjecting 23 different personal firewall products to a range of leak tests has granted two free products,
Comodo Personal Firewall
and
Jetico Personal Firewall
, the only ‘excellent’ ratings in the field. Behind them are the popular
ZoneAlarm PRO
and
Trend Micro
‘s
PC-cillin Internet Security
, both rated ‘very good’.
Kaspersky
and
Lavasoft
products are in the ‘good’ category, as is
Outpost
, despite being accused of cheating. Meanwhile
Sunbelt
and
Norton
are in the ‘poor’ group and
McAfee
alongside
Sygate
under ‘very poor’. The level of protection offered by products from
CA
,
BitDefender
,
F-Secure
,
Panda
and
AVG
, among others, is described as ‘none’. At the bottom of the class, with a score of zero, is of course the
Windows XP SP2
built-in firewall, which only protects against inbound attacks.
The tests were designed and carried out by a small group of researchers led by David Matousek and published at
matousec.com
. Their methodologies have come in for some criticism, particularly concerning treatment of integrated products combining firewalls with anti-malware; many such products picked up on the suspicious behaviour of the leak tests themselves, and had to have their anti-malware modules disabled to complete the testing. Some vendors have suggested that this impairs performance, as their firewalls are intended to work in conjunction with malware blocking without unnecessary overlapping.
Results of the tests were released last week, and responses from several vendors have begun to be posted on the results site. These can be viewed, along with detailed results, a description of the testing methodology and many of the test programs used,
here
. Further firewall testing is planned.
Elsewhere in the firewall world,
heise security
reports that a bug in the
Convert-UUlib
Perl library, discovered in April 2005, was left unpatched in its implementation in the
Barracuda
firewall until a very recent update. The vulnerability left
Barracuda
users at risk of remote access attacks for the full 20 months.
heise
‘s report is
here
, and details from the researcher who found the hole are
here
.
Posted on 07 December 2006 by
Virus Bulletin
Leave a Reply