Author Topic: Avast free and PC tool firewall  (Read 10277 times)

0 Members and 1 Guest are viewing this topic.

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67199
Re: Avast free and PC tool firewall
« Reply #15 on: May 19, 2011, 03:14:37 AM »
Just for the record...

Gizmo criticizes the Matousec's tests. It's a technical reading, but seems fair (http://www.techsupportalert.com/content/matousec-personal-firewall-tests-analyzed.htm).
Others point to an interest conflict on Matousec's tests, reducing their independence (?) (http://smokeys.wordpress.com/2008/04/20/matousecs-firewall-challenge-wrinkle-conflict-of-interests/).

Leak tests are popular mainly because they are very easy to perform: you simply run a program, and it tells you if it passed or failed the test. However, life is not that simple, unfortunately.

The primary goal of a firewall is to keep hackers out of your system, that is, prevent inbound attacks in the first place. It's astonishing that many firewaller "testers" only focus on outbound protection, completely ignoring the inbound part (which is absolutely vital). It's like they assumed it worked flawlessly in case of all the products, which, unfortunately, doesn't seem to be the case, really.

Next, outbound protection is of course also important, but so called leak tests are not everything. There's a myriad of other things that a decent firewall should do, and which are usually not assesed by these tests. All I'm saying is that testing a firewall is a very complex task and focusing on leak tests is a gross (and inappropriate) simplification.
The best things in life are free.

sded

  • Guest
Re: Avast free and PC tool firewall
« Reply #16 on: May 19, 2011, 03:55:46 AM »
Leak tests (Matousec, CLT, ...) are kind of interesting, but they mostly have nothing to do with firewalls.  They are HIPS tests, which look at what a process does and alert you to whether you want to allow or block the action.  See attachment for what OA watches; Comodo D+, Private Firewall, etc. have a similar list. You score well on the leak test if you alert enough stuff and tell the user to block all the popups.  A behavior blocker looks at a sequence of such behavior, and tries to tell if it is malicious to try to make it easier for you.  Both suffer in reality from the fact that perfectly legitimate programs need to do the same thing as malware; so most things that ring up are false alarms-unless you are doing Matousec type tests where you know the answer is "malware". ;)  .  Thus whitelisting has become very popular to recognize known programs with trusted signatures that do certain activities.  Blacklists have also been used, but the difficulty of keeping up with all the new malware has really made this too difficult.
Firewalls deal with connections, ports and protocols, mostly without looking at the content of your datastream (packet filters).  So they deal with permissions given to various processes to accept input and provide outputs over the internet to various external processes.  The simplest firewalls (like early Windows) simply allow all outbound connections (stuff your computer requested) and deny all inbound connections (processes that want to connect to you).  This works pretty well until you need to deal with rogue processes within your computer that want to connect out, and you need a way to block outbound connections.  There are also things like active FTP and Torrent that legitimately need to make connections to you, and also have malware that try to imitate them.  So it does get a little more complicated.  Many firewalls provide additional monitoring and control of the connections, but most of this is for advertising and a perceived competitive advantage.  Silent firewalls, like Avast!, do the packet filtering and connection control, but no HIPS-they rely on the behavior blocker and now the sandbox (isolates execution of a program from the real world until you are satisfied it is not malware) instead.  But all of these things generally require a "standard user" as part of the test, and that is simply too difficult for Matousec et al to deal with.  :)  IMHO.
« Last Edit: May 19, 2011, 04:10:41 AM by sded »

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67199
Re: Avast free and PC tool firewall
« Reply #17 on: May 20, 2011, 04:09:12 PM »
Be careful with comparison websites that come with a sales link to their 'top contenders'.
+1 Matousec is not an independent tester. And it tests HIPS not firewall capabilities like sded said.
The best things in life are free.

Daris

  • Guest
Re: Avast free and PC tool firewall
« Reply #18 on: May 21, 2011, 09:09:08 AM »
I have tried Online Armor, Private Firewall, Filseclab Firewall, Comodo, Sygate, Ashampoo Firewall, and Outpost I might have missed a few more...None of the Firewalls are that bad and most are better than the XP firewall or even Vista...Yet I find that some do stop or don't recognize certain services in the administrative tools, and they do block them, which then leads to alot of errors or things not working properly...Also If you have a state of the art firewall and you get pop ups in the learning mode that you don't understand or get discouraged from constant pop ups and than decide to let stuff in.....or if the firewall is too hard to configure or if you are a beginer to firewalls ...The best of the Best with the best ratings won't be of any use to you...
   The choice for a good firewall depends on the user or your preferences ...and understanding for advanced users or beginners..I find that the PC Tools is a full Firewall with no upgrades to the paid version and it is very light and easy to understand, hassle free, also it does go very well with Avast on Windows Vista and XP..."There is some issues with the PC Tools firewall with Windows 7"....Which they are looking into but their support in my opinion is terrible, and you have to be approved by the administrator to get on the Forum to ask a question...Lots of people with questions but nobody with answers...I'm stil waiting to get to their forum.....I could care less for any of their other software and don't even want to go there...
   So In Conclusion I guess that most of the Firewalls you have...Paid or free, you have to be comfortable with that firewall and your Machine has to accept that Firewall with no issues or stopped services....Just my opinion after so many firewalls that I have tried..And feel free to add if I did miss anything here...I would also suggest a "security suite" where your firewall comes along with your antivirus it makes things much easier on compatabillity
Just not the PC Tools Security Suite unless you want to download 1 gigabyte of PC TOOLS security
   Cheers !!!and safe surfing!!!!

Raveen Kool

  • Guest
Re: Avast free and PC tool firewall
« Reply #19 on: May 21, 2011, 10:14:49 AM »
Quote
"There is some issues with the PC Tools firewall with Windows 7"

@daris : Yes its true it was fine with windows xp, but when i install it in Win 7, it always blocks the incoming connection.....