Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Firewall tests

19 Sep 2011   #31
FranzB

Windows 7 Home Premium 32bit, Linux Mint Julia, in dual boot mode
 
 

Quote   Quote: Originally Posted by logicearth View Post
You want to test a firewall? GRC. It test only the firewall. fancy port scanner you say? Well yes that is how you test a firewall. A firewall blocks ports, allows/blocks communications on said ports. That is all a firewall does. Simple right?

Now, my personally evaluation. If you are behind a NAT Router, almost every consumer router is a NAT Router. Then you are perfectly safe from almost anything that is not an accomplished hacker. But I seriously doubt you as a home user would ever be targeted by anyone high level enough to warrant their attention.
I never will argue with your last sentence and i am not worried about break-ins. I guess, the whole issue for me is (was?) more a matter of intellectual curiosity
about how all these things can be tested and checked objectively. My scientific
curiosity


My System SpecsSystem Spec
.
19 Sep 2011   #32
FranzB

Windows 7 Home Premium 32bit, Linux Mint Julia, in dual boot mode
 
 

But another question. If the GRC port scanner states that all my ports are in "stealth" then why does the firewall
penetration test fails, i.e. the firewall is penetrated?
My System SpecsSystem Spec
19 Sep 2011   #33
logicearth

Windows 10 Pro (x64)
 
 

And what test is that? What are you using to test firewall penetration? If it is some program you are running on your computer, then I doubt it is testing the router firewall but the one on your computer. Even then it would be like a robber stealing from his own family (aka., already has the keys and access). The only way to test firewall penetration is from external sources. Over the internet for your router, from another computer for internal systems.

You cannot test firewall penetration from the other side of the air-tight hatch way. Remember that saying, other side of the air-tight hatch way. Security becomes pretty easy then. The hatch is to keep attackers out but if the attacker is already on the other side. Then....you lost.
My System SpecsSystem Spec
.

19 Sep 2011   #34
FranzB

Windows 7 Home Premium 32bit, Linux Mint Julia, in dual boot mode
 
 

Quote   Quote: Originally Posted by logicearth View Post
And what test is that? What are you using to test firewall penetration? If it is some program you are running on your computer, then I doubt it is testing the router firewall but the one on your computer. Even then it would be like a robber stealing from his own family (aka., already has the keys and access). The only way to test firewall penetration is from external sources. Over the internet for your router, from another computer for internal systems.

You cannot test firewall penetration from the other side of the air-tight hatch way. Remember that saying, other side of the air-tight hatch way. Security becomes pretty easy then. The hatch is to keep attackers out but if the attacker is already on the other side. Then....you lost.
................................

Both tests (port scanner and leaktest) are from GRC. The leaktest is downloaded.
But you gave me an idea. The test is apparently only for outgoing traffic.
I gave the order to download it and once on my computer i gave the program
the order to connect to port 80 of the GRC server. The message comes back:
Firewall penetrated. Then i say "So what? I gave all the orders". So what does the test prove? IMO, only that my computer follows my orders. Or is my thinking completely off course?
Heise Securities (see my thread "Some security checks and issues") gives
email checks with a variety of viruses whereby YOU give them your email address. Then they send you an email with a link. If YOU ckick on the link they send you an email with the requested virus hidden somewhere or in an attachment. You can then check how your email program and your AV program reacts to it. This is all done from the outside (the GRC leak test is from the inside as you pointed out).
Heise has various other checks but surprisingly none for firewalls. I guess they just don't want to stick out their neck. They do have a ping test though.

Actually who cares about outbound traffic? A malicious program must first come in from the outside as you pointed out. Once in, it can give orders for outbound traffic that you are not aware of. This is never tested by the GRC leak test or other programs i am aware of. So again, what use are these leak tests? No use at all, i think. Wrong thinking?
My System SpecsSystem Spec
19 Sep 2011   #35
Barman58

Windows 10 Pro x64 x2 Windows 10 Enterprise x64, Ubuntu
 
 

Quote:
Actually who cares about outbound traffic? A malicious program must first come in from the outside as you pointed out. Once in, it can give orders for outbound traffic that you are not aware of. This is never tested by the GRC leak test or other programs i am aware of. So again, what use are these leak tests? No use at all, i think. Wrong thinking?
The outbound test (leaktest) is to check your total security - yes you have let the program onto the system but what about those programs you let in without your knowledge? or do things that are not expected. Your system should at least inform you of any program that is attempting to access the web that has not been given your express permission.
My System SpecsSystem Spec
19 Sep 2011   #36
FranzB

Windows 7 Home Premium 32bit, Linux Mint Julia, in dual boot mode
 
 

Quote   Quote: Originally Posted by Barman58 View Post

The outbound test (leaktest) is to check your total security - yes you have let the program onto the system but what about those programs you let in without your knowledge? or do things that are not expected. Your system should at least inform you of any program that is attempting to access the web that has not been given your express permission.
...............

I agree but it is more of a double security should something slip through onto your computer.
Still the emphasis should be on incoming traffic and that is checked by the firewall as well as the real time AV **. A good, solid check on incoming traffic and there will be no problem with unauthorized outgoing traffic.
As far as i understand those leak tests check the outgoing traffic and as logicearth pointed out, then it may be too late. Letting something in on purpose and then getting the message "your firewall failed" seems a bit ....well, i don't know .... silly. The download of the leak test is aparently not considered harmful by any AV because YOU have give it the order for outbound traffic and the program does not connect on its own.

** and of course the router firewall - i almost forgot
My System SpecsSystem Spec
19 Sep 2011   #37
HammerHead

win 7 X64 Ultimate SP1
 
 
Well Wishes

To all that are striving for 100%. I wish you well. Meanwhile I haven't got the time to agonize over something that is not perfect nor ever will be.
My System SpecsSystem Spec
19 Sep 2011   #38
A Guy

Microsoft Community Contributor Award Recipient

Windows 7 Home Premium x64 SP1
 
 

I also like my firewall to tell me when legit programs, I installed, are calling out. Some programs have no business calling out, it isn't necessary for the proper operation of that program. Generally speaking, once told yes or no, they don't bother me again. A Guy
My System SpecsSystem Spec
20 Sep 2011   #39
FranzB

Windows 7 Home Premium 32bit, Linux Mint Julia, in dual boot mode
 
 

Quote   Quote: Originally Posted by HammerHead View Post
To all that are striving for 100%. I wish you well. Meanwhile I haven't got the time to agonize over something that is not perfect nor ever will be.
Hammerhead, it's a learning process (a well as curiosity) and this IT isn't an exact science so experience does count. And i learned a lot from my own thread, not only from the replies to it but also from my own digging and especially from having to formulate my replies and questions (something that very often helps to solve a problem). Of course there is no 100.0000% security but you can always try to get closer. And checking how secure it is can never do any harm.
The thread was actually started because i got frustrated by my internet supplier telling me my computer was infected by a "redirecter" when i wanted to change my password and saw that this could be done on a non-encrypted page. Believe it or not. And that while they also have an https site for logging in. The http site is given in first place when you google. I then checked my computer rigorously with all kinds of AV and looked around for checks on firewalls. It took me hours.
My System SpecsSystem Spec
29 Sep 2011   #40
Creer

Windows 7 Home Premium x32 SP1
 
 

Quote   Quote: Originally Posted by FranzB View Post
Thank for all your replies.
On a rainy, quiet Sunday morning i did some digging with Google and i came across three websites that set me straight or at least left me wondering. If i would have read them before posting this thread i would probably never have posted it.
The three are:
www.matousec.com: Security software testing, analyses, research and reviews. ---->projects ------>proactive security challenge
(...)
Keep in mind that Matousec tests mainly implemented HIPS module in listed firewalls.

That's why i.e Look 'n' Stop Firewall (extra light and strong pure firewall without HIPS module) in Matousec tests is noted so bad.

Discussion about that you will find here: Matousec - COMODO 100% again - Wilders Security Forums

Another new FW test you wanna look into it (it's firewall outbound test):
Google Translate [Automated Google translation]
My System SpecsSystem Spec
Reply

 Firewall tests




Thread Tools Search this Thread
Search this Thread:

Advanced Search




Similar help and support threads
Thread Forum
Windows Firewall disables itself every 5 or 6 hours "Wndows Firewall i
I have a problem with Windows Firewall disabling itself every 5 or 6 hours on my computer! Windows Firewall will automatically disable itself and give the following message "Windows Firewall is not using the recommended settings to protect your computer." with only one option "use recommended...
System Security
Windows Firewall starts with 3rd party firewall installed and active
Hi guys, Could anyone explain to me why Windows Firewall starts when I have Comodo Firewall installed and running? It makes me nervous! :confused: I have a fresh installation of Comodo Internet Security. The only reason I knew it was running was because I got the message after a reboot,...
System Security
Windows Personal Firewall service and Mcafee firewall not turning on
I have been dealin with this 2 days now and went through all the steps recommended by Microsoft... even downloaded Virtual tech for mcafee and FIx it for MS none worked. went to google to try to follow other advises and tried to do malware removal . after it i followed these steps: Download both...
System Security
eset firewall and anti virus or whats the best firewall with windows
IS the esset firewall any worth comparied to comando? or outpost or others? I know its mainly a anti virus with built in firewall but does is it worth it? is comando the best?
System Security
Firewall tests by Matousec, Comodo is #1 !
hi ! the latest testresults from Matousec: Comodos is #1 with 100% score on 148 tests ! OnlineArmor is #2 with 96%, a good alternative if you don´t want Comodo... the 2 firewalls at the top are both FREE, it can´t be any better, can it ? PcTools is #9 with 51% score....:eek: i decided to...
System Security


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd

All times are GMT -5. The time now is 18:16.

Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App