Kaspersky: Vista Firewall Not Enough Alone

Kaspersky Lab, a leading developer of secure content management solutions, has released a new analytical article on using leak tests to evaluate firewall effectiveness by Nikolay Grebennikov, deputy director of the Department of Innovative Technologies. According to Grebennikov, due to the increase in the number of malicious programs, the additional security provided by a firewall is increasingly pertinent since firewalls block undesirable network traffic. He states that even the latest operating systems, such as Windows Vista, cannot block all types of leaks on their own (although, from Windows XP SP2 onwards, Windows has included a firewall. Firewall functionality was significantly expanded in Windows Vista).

According to the results of testing conducted in March 2007 by Guillaume Kaddouch (http://www.firewallleaktester.com/articles/vista_and_leaktests.html), Windows Vista Ultimate 64-bit using default settings blocked only 9 leak tests (the leak tests blocked are shown in green in the results table). The new operating system is clearly better protected than previous versions thanks to numerous improvements, including UAC, IE protected mode, Service hardening and Kernel Patch Protection (Vista x64). However, even Windows Vista requires third-party protection programs to provide the necessary level of protection from leaks.

Thanks for the tip, EL1TE!

View: Article on VirusList

Report a problem with article
Previous Story

WTO Awards Caribbean Country Right to Ignore US Copyright

Next Story

Microsoft .NET Framework 2.0 Service Pack 1 (x86)

36 Comments

Commenting is disabled on this article.

Regardless of anything mentioned about the effectiveness of software/hardware firewalls, my only problem is that this article is dated March 14th 2007.

Quote from article:
-----------------------
although, from Windows XP SP2 onwards, Windows has included a firewall.
---------------------

XP has always had a firewall!

It wasn't ON by default until SP2.

There was MASSIVE amounts of administrator whining before SP2's release. Claims that the firewall would break the web and destroy internal corporate networks and applications didn't quite pan out...did they?

I love this statement "although, from Windows XP SP2 onwards, Windows has included a firewall."

Can anybody seriously call the THING that comes with XP SP2 a firewall. How limited can a product be and still be called a firewall?

because it filters internet traffic......

and of course Vista's firewall isn't going to be top notch. if it was any better than it is right now it would confuse the hell out of all the average users and just create massive problems

to gain something, you must loose something. better security = less usability. microsoft found a good "sweet spot" right in the middle and ran with it.

Wow, over all the comments and hearing how great Comodo is, I decided to check it out for myself. CNet seems to agree as well with a 5 star editor rating, and 4 star user rating.

Thanks for the info guys.

If you have a router (aka hardware firewall), Vista firewall is just great for everyday use. I'd only recommend a software firewall if you didn't have a hardware firewall.

whats wrong with the firewall MMC snap in?
add it to any mmc, or just run it directly with 'Windows Firewall with Advanced Security' in administrative tools on the start bar.

Vista AND it's firewall both suck!!
Computer I'm on right now, just had Vista blown off it. Runs SO MUCH better now.

While we're on the subject of Kaspersky, just installed Kaspersky Personal Pro AV and Kaspersky Anti Hacker. Along with router, I'm not worried about ANYTHING!! Should be no reason to have to pi** around with netsh to secure your system with a good software firewall installed. What joe blow user do you think knows anything about that?

despite that Im going to sound obvious but someday m$ will release "that" version and all this companies will need to close... But probably that wont never happend, because security, even in the virtual world is a good business and no one want to be out.

Symantec just sent me their Endpoint Protection 11.0 to replace SAV 10.2 that I have on five machines. The main difference that I can see is that Endpoint Protection has an included software firewall that actually works quite well and is easy to configure.

I've always depended on hardware firewalls for incoming traffic, but it's nice to know I can depend on a software firewall for outgoing traffic at the same time.

These companies want to explain the importance of using protective software but what I ran into was there was not anything that is compatible with x64 Vista and just recently have programs become available (with limited support as most sites state). Also when I have tried running different types of programs performance slows way down - I may not have settings set right or something - I am a knowlegable user but not to the level of a "power" user - I have tried to look up information as to configure settings for such programs but without much luck -

Wasn't there a recent report that said that the free firewall programs were better than the paid ones, or was that anti-virus programs?

Vista's firewall was one of the only few good things about it that I liked.

Foub said,
Wasn't there a recent report that said that the free firewall programs were better than the paid ones, or was that anti-virus programs?

Well, as a PC firewall, Comodo 3.0 is the best firewall I have ever used, and it's free.

For antivirus, you can do about as well as Kaspersky and NOD by using a combination of Avira Antivir and AVG antispyware, which are both free. You can also add on Avast, AVG antivirus, and Bitdefender for free, just make sure to disable them from running the background or your PC will grind to a halt.

I leave only Comodo running in the background, and do only on-demand scans of new files.

I am more than happy with Vista's firewall. I have enabled the outgoing firewall on my machine.
Vista's firewall is for a power user like me and can be extended by third party applications.

These test were conducted with default settings which are pretty lenient so as to not break applications.
I have customized the settings per my usage and I am pretty happy with it. Vista passed all the leaktests when I first started experimenting with Vista's firewall several months ago.
I use the netsh command to control all the settings although the GUI is very easy to use.

I used to use Kerio with XP but I have no use for it anymore after moving to Vista. I had experimented with IPSec rules in XP but its not flexible as the control that Vista provides.
Vista also lets me control QOS settings per application so I can limit bandwidth usage without resorting to third-party apps.

see if microsoft did bundle a firewall that is along the same lines as a "good" software firewall, these security companies will come out and scream monopoly.

when that happens, security isn't on the minds of those companies, money is. and when money is #1, the consumer will suffer. Example: look what symantec did to PatchGuard

the only real advantage third party firewalls has is easy of configurability, and the ability to monitor your network traffic. of course this depends on the firewall in question as well.

Dynames00 said,
... and when money is #1, the consumer will suffer.
...
So, you state that when making money is priority #1, the consumer suffers. You do realize that Microsoft is a company. And, as a company, has making money as the #1 priority (else there would be no investors). And so is Apple. And Coca-cola. And Toyota. And Nabisco.

Consumers suffering all over, at the feet of the corporate masters. :P

markjensen said,
So, you state that when making money is priority #1, the consumer suffers. You do realize that Microsoft is a company. And, as a company, has making money as the #1 priority (else there would be no investors). And so is Apple. And Coca-cola. And Toyota. And Nabisco.

Consumers suffering all over, at the feet of the corporate masters. :P

Actually, I don't see it being the number 1 priority that is the problem. The true problem is when it is the ONLY priority. That is why you are getting lead in your children's toys and toxic chemicals, and worse in your food now, and too many of your manufacturing jobs being outsourced to places that don't practice human rights. Too many Enron-type corporations around. Having lots of cheap consumer cr*p is not a good thing in the long run. You end up paying far more in other ways for it.

Foub said,

Actually, I don't see it being the number 1 priority that is the problem. The true problem is when it is the ONLY priority. That is why you are getting lead in your children's toys and toxic chemicals, and worse in your food now, and too many of your manufacturing jobs being outsourced to places that don't practice human rights. Too many Enron-type corporations around. Having lots of cheap consumer cr*p is not a good thing in the long run. You end up paying far more in other ways for it.

I'll have to agree with you on that one. Good post.

Dakkaroth said,
I'll have to agree with you on that one. Good post. ;)

There is absolutely nothing wrong with making an honest profit.....

thingsforjason said,
Agreed...Kaspersky isn't going to release an article that says: "Nah, you don't really need our product!" :confused:

exactly! ... so in other words you cant trust there opinion since it's obviously going to be biased since they want you to buy there product. lol

ThaCrip said,
exactly! ... so in other words you cant trust there opinion since it's obviously going to be biased since they want you to buy there product. lol

There. Their. They're. What's the difference.... :suspicious: