CeeCee Posted November 29, 2007 Share Posted November 29, 2007 Just tried this firewall leaktest and my Sygate 5.6 failed it. PCFlank states, that so far only Outpost Firewall Pro and Tiny Personal Firewall 2005 has passed the test. Can someone who got one of those firewalls confirm this? http://www.pcflank.com/pcflankleaktest.htm PCFlank's Leaktest is a small utility that tests any firewall's ability to protect against unauthorized or illegal transmissions of data from a user's computer that is connected to the Internet. Path Copy TeraCopy Unlocker Link to comment Share on other sites More sharing options...
Humpty Posted November 29, 2007 Share Posted November 29, 2007 Downloaded and run from within a sandboxed session with Sandboxie configured to stop all outbounds other than the default browser. No text sample was received by PCFlank so I consider it a pass. Link to comment Share on other sites More sharing options...
Tarq57 Posted November 30, 2007 Share Posted November 30, 2007 Sorry, can't speak for the two firewalls you mentioned, but I can report that Comodo 3 with default settings failed, apart from a defense+ alert, which is really a test of the HIPS. (Which passed.) The firewall itself should have blocked a non-whitelisted application, AFAIK. Reinstalled version 2, it passed. Will continue with V2 at least until hearing a satisfactory explanation of this. Thanks for the test. Link to comment Share on other sites More sharing options...
smilingralph Posted November 30, 2007 Share Posted November 30, 2007 Just tried this firewall leaktest and my Sygate 5.6 failed it. PCFlank states, that so far only Outpost Firewall Pro and Tiny Personal Firewall 2005 has passed the test. Online Armor Free does too. Link to comment Share on other sites More sharing options...
LUSHER Posted December 4, 2007 Share Posted December 4, 2007 Sorry, can't speak for the two firewalls you mentioned, but I can report that Comodo 3 with default settings failed, apart from a defense+ alert, which is really a test of the HIPS. (Which passed.) The firewall itself should have blocked a non-whitelisted application, AFAIK.Reinstalled version 2, it passed. Will continue with V2 at least until hearing a satisfactory explanation of this. Thanks for the test. Let me explain something to you. The only way to pass most leak tests is to employ HIPS like functions. This mean watches various system functions, monitoring inter-process communications, protecting process memory space, handling OLE etc. All major firewalls that aim to beat leak tests have already being using these (HIPS) techniques for ages. The jump from comodo firewall 2 to 3 isn't one from 0 hips to 100% hips as you seem to think, but rather a formal recognition of what already exists (plus even more system monitoring). So in the past when they did the same stuff, except they didn't call it defense+ Another difference between full blown HIPS and hips like functions employed by firewalls (that do not claim hips), is that the later only monitors a smaller subset of processes that directly does network communication while the former does all processes. But the same basic thing is monitored. If a firewall stuck only to basic firewall functions it would pretty much fail all leak tests , since it would be filtering only network connections and would be blind to higher level transactions. BTW pcflank test is considered a fairly primative test these days. http://www.matousec.com/projects/windows-p...sts-results.php shows that a fairly large number of firewalls block it. Link to comment Share on other sites More sharing options...
CeeCee Posted December 4, 2007 Author Share Posted December 4, 2007 The only way to pass most leak tests is to employ HIPS like functions. Is HIPS protection necessary? Path Copy TeraCopy Unlocker Link to comment Share on other sites More sharing options...
LUSHER Posted December 5, 2007 Share Posted December 5, 2007 Is HIPS protection necessary? To pass leak tests/ outbound filtering definitely. The leak tests already runs on your system, if it is running completely unrestricted it has dozens of way to beat your firewall. HIPS is just a complicated way of restricting what it can do to tunnel out./.. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now