On Thu, 13 Dec 2007 14:49:23 -0800, Victek wrote:
>> I wonder which one is better?
> As you can see no one is going to say anything nice about the Norton
> Firewall <g>. I don't think it's a bad product, but there are others if you
> want a firewall that monitors outbound connections...
Scroll down to: Vendors' responses; Sunbelt Software - the vendor of
Sunbelt Kerio Personal Firewall.
A realistic assessment with respect to 3rd party PFW from a respectable
software manufacturer 2007-08-07.
It's just a matter of time when others follow (but then again they may
stubbornly refuse giving up the mighty advertisement dollar).
Aside from Microsoft, Steve Gibson of Gibson Research Corporation, Sunbelt
makers of Kerio PFW and quazillions of IT experts the list is growing;
We're gonna have a "I-told-you-so 'cum' egg-on-the-face party' pretty soon
and ya'll invited to join BB and KM are paying
Sunbelt Software - the vendor of Sunbelt Kerio Personal Firewall
....we have some reservations about personal firewall "leak testing" in
general. While we appreciate and support the unique value of independent
security testing, we are admittedly skeptical as to just how meaningful
these leak tests really are, especially as they reflect real-world
The key assumption of "leak testing" -- namely, that it is somehow useful
to measure the outbound protection provided by personal firewalls in cases
where malware has already executed on the test box -- strikes us as a
questionable basis on which to build a security assessment. Today's malware
is so malicious and cleverly designed that it is often safest to regard PCs
as so thoroughly compromised that nothing on the box can be trusted once
the malware executes. In short, "leak testing" starts after the game is
already lost, as the malware has already gotten past the inbound firewall
Moreover, "leak testing" is predicated on the further assumption that
personal firewalls should warn users about outbound connections even when
the involved code components are not demonstrably malicious or suspicious
(as is the case with the simulator programs used for "leak testing"). In
fact, this kind of program design risks pop-up fatigue in users,
effectively lowering the overall security of the system -- the reason
developers are increasingly shunning this design for security applications.
> ...and is easier to interact with then the firewall built into Vista.
> Consider ZoneAlarm and PC Tools Firewall PLus which are both freeware.
Why your firewall sucks.
"But I quickly realized the truth: The added protection provided by
outbound filtering is entirely illusory."
Security is a process not a product.