main
Report a problem

Kaspersky: Vista Firewall Not Enough Alone

Sagittarius   on 27 December 2007 - 21:30 · 37 comments & 33578 views

Advertisement (Why?)
Kaspersky Lab, a leading developer of secure content management solutions, has released a new analytical article on using leak tests to evaluate firewall effectiveness by Nikolay Grebennikov, deputy director of the Department of Innovative Technologies. According to Grebennikov, due to the increase in the number of malicious programs, the additional security provided by a firewall is increasingly pertinent since firewalls block undesirable network traffic. He states that even the latest operating systems, such as Windows Vista, cannot block all types of leaks on their own (although, from Windows XP SP2 onwards, Windows has included a firewall. Firewall functionality was significantly expanded in Windows Vista).

According to the results of testing conducted in March 2007 by Guillaume Kaddouch (http://www.firewallleaktester.com/articles/vista_and_leaktests.html), Windows Vista Ultimate 64-bit using default settings blocked only 9 leak tests (the leak tests blocked are shown in green in the results table). The new operating system is clearly better protected than previous versions thanks to numerous improvements, including UAC, IE protected mode, Service hardening and Kernel Patch Protection (Vista x64). However, even Windows Vista requires third-party protection programs to provide the necessary level of protection from leaks.

Thanks for the tip, EL1TE!

View: Article on VirusList

Share this Article

  • Technorati
  • Magnolia
  • Stumble upon it
  • Reddit
  • Blink List
  • Delicious
  • Slashdot
  • Furl
  • Facebook
  • Windows Live
  • Google
  • Newsvine
  • Yahoo
  • RawSugar
  • Netvouz

About the Author

Full name: Unknown
User name: Sagittarius
Contact: via forum PM
Submissions: View All
More: View Bio   New!

Related news

 

Post a comment · Send to friend Comments · There are 37 additional comments
(3 replies) #1 +warwagon on 27 Dec 2007 - 21:43
as a firewall maker, what are they gonna say? WOW Vista's firewall is the best ever!
#1.1 thingsforjason on 27 Dec 2007 - 23:22
Agreed...Kaspersky isn't going to release an article that says: "Nah, you don't really need our product!"
#1.2 ThaCrip on 28 Dec 2007 - 00:05
Quote - (thingsforjason said @ #1.1)
Agreed...Kaspersky isn't going to release an article that says: "Nah, you don't really need our product!"


exactly! ... so in other words you cant trust there opinion since it's obviously going to be biased since they want you to buy there product. lol
#1.3 Shiranui on 28 Dec 2007 - 00:51
Quote - (ThaCrip said @ #1.2)
exactly! ... so in other words you cant trust there opinion since it's obviously going to be biased since they want you to buy there product. lol


There. Their. They're. What's the difference....
(5 replies) #2 Dynames00 on 27 Dec 2007 - 21:49
see if microsoft did bundle a firewall that is along the same lines as a "good" software firewall, these security companies will come out and scream monopoly.

when that happens, security isn't on the minds of those companies, money is. and when money is #1, the consumer will suffer. Example: look what symantec did to PatchGuard

Last edited by Dynames00 on 27 Dec 2007 - 21:49
#2.1 HawkMan on 28 Dec 2007 - 00:41
the only real advantage third party firewalls has is easy of configurability, and the ability to monitor your network traffic. of course this depends on the firewall in question as well.
#2.2 vetmarkjensen on 28 Dec 2007 - 02:53
Quote - (Dynames00 said @ #2)
... and when money is #1, the consumer will suffer.
...
So, you state that when making money is priority #1, the consumer suffers. You do realize that Microsoft is a company. And, as a company, has making money as the #1 priority (else there would be no investors). And so is Apple. And Coca-cola. And Toyota. And Nabisco.

Consumers suffering all over, at the feet of the corporate masters.
#2.3 Foub on 28 Dec 2007 - 13:43
Quote - (markjensen said @ #2.2)
Quote - (Dynames00 said @ #2)
... and when money is #1, the consumer will suffer.
...
So, you state that when making money is priority #1, the consumer suffers. You do realize that Microsoft is a company. And, as a company, has making money as the #1 priority (else there would be no investors). And so is Apple. And Coca-cola. And Toyota. And Nabisco.

Consumers suffering all over, at the feet of the corporate masters.


Actually, I don't see it being the number 1 priority that is the problem. The true problem is when it is the ONLY priority. That is why you are getting lead in your children's toys and toxic chemicals, and worse in your food now, and too many of your manufacturing jobs being outsourced to places that don't practice human rights. Too many Enron-type corporations around. Having lots of cheap consumer cr*p is not a good thing in the long run. You end up paying far more in other ways for it.

Last edited by Foub on 28 Dec 2007 - 13:48
#2.4 +Dakkaroth on 28 Dec 2007 - 16:56
Quote - (Foub said @ #2.3)
Quote - (markjensen said @ #2.2)
Quote - (Dynames00 said @ #2)
... and when money is #1, the consumer will suffer.
...
So, you state that when making money is priority #1, the consumer suffers. You do realize that Microsoft is a company. And, as a company, has making money as the #1 priority (else there would be no investors). And so is Apple. And Coca-cola. And Toyota. And Nabisco.

Consumers suffering all over, at the feet of the corporate masters.


Actually, I don't see it being the number 1 priority that is the problem. The true problem is when it is the ONLY priority. That is why you are getting lead in your children's toys and toxic chemicals, and worse in your food now, and too many of your manufacturing jobs being outsourced to places that don't practice human rights. Too many Enron-type corporations around. Having lots of cheap consumer cr*p is not a good thing in the long run. You end up paying far more in other ways for it.


I'll have to agree with you on that one. Good post.
#2.5 Foub on 28 Dec 2007 - 19:11
Quote - (Dakkaroth said @ #2.4)
I'll have to agree with you on that one. Good post.


There is absolutely nothing wrong with making an honest profit.....
#3 Express on 27 Dec 2007 - 21:58
I am more than happy with Vista's firewall. I have enabled the outgoing firewall on my machine.
Vista's firewall is for a power user like me and can be extended by third party applications.

These test were conducted with default settings which are pretty lenient so as to not break applications.
I have customized the settings per my usage and I am pretty happy with it. Vista passed all the leaktests when I first started experimenting with Vista's firewall several months ago.
I use the netsh command to control all the settings although the GUI is very easy to use.

I used to use Kerio with XP but I have no use for it anymore after moving to Vista. I had experimented with IPSec rules in XP but its not flexible as the control that Vista provides.
Vista also lets me control QOS settings per application so I can limit bandwidth usage without resorting to third-party apps.

Last edited by Express on 27 Dec 2007 - 22:02
(1 reply) #4 Foub on 27 Dec 2007 - 22:31
Wasn't there a recent report that said that the free firewall programs were better than the paid ones, or was that anti-virus programs?

Vista's firewall was one of the only few good things about it that I liked.
#4.1 toadeater on 28 Dec 2007 - 06:09
Quote - (Foub said @ #4)
Wasn't there a recent report that said that the free firewall programs were better than the paid ones, or was that anti-virus programs?


Well, as a PC firewall, Comodo 3.0 is the best firewall I have ever used, and it's free.

For antivirus, you can do about as well as Kaspersky and NOD by using a combination of Avira Antivir and AVG antispyware, which are both free. You can also add on Avast, AVG antivirus, and Bitdefender for free, just make sure to disable them from running the background or your PC will grind to a halt.

I leave only Comodo running in the background, and do only on-demand scans of new files.

Last edited by toadeater on 28 Dec 2007 - 06:09
(2 replies) #5 xan K on 27 Dec 2007 - 22:32
with Comodo, all my firewall needs are satisfied.
#5.1 Shiranui on 28 Dec 2007 - 00:53
One more vote for Comodo. v3 is excellent.
#5.2 BilliShere on 28 Dec 2007 - 02:07
the defense+ thingy really needs some tuning
#6 BluDrgn on 27 Dec 2007 - 22:45
These companies want to explain the importance of using protective software but what I ran into was there was not anything that is compatible with x64 Vista and just recently have programs become available (with limited support as most sites state). Also when I have tried running different types of programs performance slows way down - I may not have settings set right or something - I am a knowlegable user but not to the level of a "power" user - I have tried to look up information as to configure settings for such programs but without much luck -
(4 replies) #7 Croquant on 27 Dec 2007 - 22:48
Bah, hardware firewalls are better anyways.
#7.1 Malbojia on 28 Dec 2007 - 00:33
Amen Croquant. Amen!
#7.2 HawkMan on 28 Dec 2007 - 00:44
except there you have the issue that a port is open or.. not.

software firewalls does give you a lot more control in not only opening the port, but also sayig thatonly this app has access to it. and it's about a few hundred time more convenient and easy to use instead of filing with a HW firewall.
#7.3 RAID 0 on 28 Dec 2007 - 03:47
I use both hardware and software firewalls.
#7.4 fivehorizons on 28 Dec 2007 - 14:40
I agree, hardware firewalls are the way to go. As long as you keep your computers updated, you shouldn't have any problems even if you have some ports open.
#8 +Octol on 28 Dec 2007 - 00:52
Symantec just sent me their Endpoint Protection 11.0 to replace SAV 10.2 that I have on five machines. The main difference that I can see is that Endpoint Protection has an included software firewall that actually works quite well and is easy to configure.

I've always depended on hardware firewalls for incoming traffic, but it's nice to know I can depend on a software firewall for outgoing traffic at the same time.
#9 ThePitt on 28 Dec 2007 - 02:31
despite that Im going to sound obvious but someday m$ will release "that" version and all this companies will need to close... But probably that wont never happend, because security, even in the virtual world is a good business and no one want to be out.
#10 cork1958 on 28 Dec 2007 - 02:56
Vista AND it's firewall both suck!!
Computer I'm on right now, just had Vista blown off it. Runs SO MUCH better now.

While we're on the subject of Kaspersky, just installed Kaspersky Personal Pro AV and Kaspersky Anti Hacker. Along with router, I'm not worried about ANYTHING!! Should be no reason to have to pi** around with netsh to secure your system with a good software firewall installed. What joe blow user do you think knows anything about that?
#11 lfLASHl on 28 Dec 2007 - 03:28
just install and trying out Comodo. must, very nice, would love to see something, that looks and works like sygate.
#12 este on 28 Dec 2007 - 04:38
one word:

duh?
(1 reply) #13 +HappyAndyK on 28 Dec 2007 - 08:55
Vista's fw is just great ! Unforunately, its easy to configue, only with a 3rd party app !
#13.1 yakumo on 31 Dec 2007 - 15:47
whats wrong with the firewall MMC snap in?
add it to any mmc, or just run it directly with 'Windows Firewall with Advanced Security' in administrative tools on the start bar.
#14 tsupersonic on 28 Dec 2007 - 15:19
If you have a router (aka hardware firewall), Vista firewall is just great for everyday use. I'd only recommend a software firewall if you didn't have a hardware firewall.
#15 +Dakkaroth on 28 Dec 2007 - 17:01
Wow, over all the comments and hearing how great Comodo is, I decided to check it out for myself. CNet seems to agree as well with a 5 star editor rating, and 4 star user rating.

Thanks for the info guys.
(1 reply) #16 schwit on 28 Dec 2007 - 18:52
I love this statement "although, from Windows XP SP2 onwards, Windows has included a firewall."

Can anybody seriously call the THING that comes with XP SP2 a firewall. How limited can a product be and still be called a firewall?
#16.1 PermaSt0ne on 28 Dec 2007 - 23:09
because it filters internet traffic......



and of course Vista's firewall isn't going to be top notch. if it was any better than it is right now it would confuse the hell out of all the average users and just create massive problems

to gain something, you must loose something. better security = less usability. microsoft found a good "sweet spot" right in the middle and ran with it.
(2 replies) #17 WDGC on 29 Dec 2007 - 01:01
Quote from article:
-----------------------
although, from Windows XP SP2 onwards, Windows has included a firewall.
---------------------

XP has always had a firewall!
#17.1 +Dakkaroth on 29 Dec 2007 - 04:28
Please sir, do enlighten me.
#17.2 raskren on 29 Dec 2007 - 15:09
It wasn't ON by default until SP2.

There was MASSIVE amounts of administrator whining before SP2's release. Claims that the firewall would break the web and destroy internal corporate networks and applications didn't quite pan out...did they?
#18 ramymamlouk on 30 Dec 2007 - 10:53
Regardless of anything mentioned about the effectiveness of software/hardware firewalls, my only problem is that this article is dated March 14th 2007.

Commenting has either been disabled on this article or you are not logged in. Click here to login or register, its free!

Note: Anonymous commenting is disabled in order to keep the quality of responses to a high standard.

Advertisement (Why?)
News powered by Neowin Management System (Build - 5.0.1387) © 2000 - 2008 Neowin.net