F-Secure 2014 Internet Security Beta Test Firewall

Rusli

Hi All,

 

This is the right time to feedback to F-Secure if you really don't like the default Windows Firewall being use in F-Secure 2014.

 

As what being release for F-Secure 2013 Internet Security.

 

http://www.f-secure.com/en/web/labs_global/internet-security-2014-beta

 

Victorhcardoso

I've been using F-Secure Internet Security 2014 Beta.

I've just used Shields Up page to test F-Secure firewall, but F-Secure failed on this test, why?

 

Here is the address: https://www.grc.com/x/ne.dll?bh0bkyd2

 

Thanks for your attention.

Victorhcardoso

Hello,

I use this address to test F-Secure IS firewall:

 

Here is the address: https://www.grc.com/x/ne.dll?bh0bkyd2

 

That is called Shields up test.

 

But not all the ports were stealthed at the end of the test.

 

What do you suggest?

 

Thanks in advance!

Rusli

Can you go to Control Panel, Windows Firewall and go to Turn off and Turn on Firewall settings.

 

Check the box on Block  Incoming for both Private and Public Network Settings.

 

Make sure that your Firewall is enable! (Select Turn on Firewall!)

 

After you have done so, restart your computer.

 

And try the with GRC again.

 

 

Rusli

Hi

 

I am suggesting to F-Secure to discontinue using Windows own Default Firewall.

 

It is not secure.

 

Not unless F-Secure thoroughly doing firewall leak testing.

 

Because Windows own default firewall always fail the test in firewall leaktesting!

 

Windows own firewall is very vulnerable!

 

Victorhcardoso

I've just repeated the test on Shields Up site.

 

Not there are only 2 ports which are not stealth: 0 and 1

 

Thanks a lot for your reply!

 

Regards,

 

Victor

Victorhcardoso

Rusli,

 

I fully agree with you!

 

Best regards,

 

Victor

Rusli

F-Secure,

 

Please take note, that port 0 and 1 are open.

 

Why????

Rusli

F-Secure,

 

Here is the link for Firewall leak testing.

 

 

 

Comodo HIPS and Firewall leak testing.

 

http://personalfirewall.comodo.com/cltinfo.html

 

GRC leak test

 

https://www.grc.com/lt/leaktest.htm

 

Matousec leak test

http://www.matousec.com/downloads/

 

 

It need to pass all these tests.

 

www.pcflank.com

Victorhcardoso

Rusli,

 

I've just perfomed some tests avalilable at PCFlank.

 

Here are some of the results for F-Secure Internet Security 2014 Beta:

 

Stealth test, Trojans test, Advanced Port Scanner and Exploit Test: Stealthed in all of them.

 

So, I can say F-Secure Internet Security 2014 Beta was perfect in all of them.

 

Best regards,  Victor

 

 

Victorhcardoso

Rusli,

 

On the Leak test at https://www.grc.com/lt/leaktest.htm  F-Secure Internet Security 2014  firewall unfortunately Failed.

 

Best regards,

 

Victor

Rusli

Hi Victor,

 

Does the F-Secure Internet Security 2014 beta Deep Guard detect the GRC Leaktest????

 

If Deep Guard did detect the GRC Leaktest. 

 

It need to block it.

 

In order to get a pass result.

 

If you allow it of course it will failed the test.

Rusli

Good to hear it!

 

At least it pass some of the test at PCFlank.

 

 

Rusli

Hi Victor,

 

May I know what Windows OS are you using to do the beta testing???

 

Windows Xp or Windows 7? Or Windows 8. Or Windows 8.1 Preview???

Victorhcardoso

Rusli,

 

I'd like to say that when I ran the file LeakTest.exe from https://www.grc.com/lt/leaktest.htm Deepeguard didn't emit any kind of alert and the result of this test was  failure.
Since I am a F-Secure Internet Security 2014 Beta tester I've already reported to support team this failure of Deepguard.

Best regards,

Victor

Victorhcardoso

Rusli,

 

I'm running F-Secure Internet Security Beta on a Windows 7 64 bits system.

 

Best regards,

 

Victor

Simon

I've just done a Shields Up! test, and a Leak Test, using a Belkin 7800N router and Windows XP.

 

The Shields Up! test passed, fully strealthed, and the Leak Test produced the Deepguard screen, at which point I selected to Block the application (which I think is right).  The application failed to connect, so I assume that means Deepguard is working correctly.

Victorhcardoso

I made the both tests here on my computer: Shields Up: Stealthed all the ports  (Great!) and the leak test I think Deepguard blocked it (Great!)

It seems to me last version did a great job having fixed some important issuesobserved on previous version.

 

Thanks a lot!

Rusli

Hi Simon, 

 

Good to hear that.

 

Did you try Comodo Firewall leaktest yet???

 

http://personalfirewall.comodo.com/cltinfo.html

 

All these things need to be tested and feedback to  F-Secure.

 

 

Rusli

Hi Victor,

 

It's good to hear that. 

 

But you need to test an extra mile with comodo firewall leaktesting.

 

http://personalfirewall.comodo.com/cltinfo.html

 

And do a feedback to F-Secure.

 

All these things need to be tested heavily!

 

I'm not so sure if F-Secure did testings with Matousec's Security Software Testing Suite 64???

 

Because that is the most important thing to pass the firewall testing!

 

Without that there is no protection at all!

 

 

 

Rusli

There are a couple things to note.

 

F-Secures own DNS.

 

Does it slow down your internet surfing???

 

This is also another issues need to bring up to F-Secure attention.

 

Because many users having this problem.

 

Memory resources. Does it take up too many memory resources??? 

 

Heuristic testing. This is the most common thing to do testing.

 

Many times it need to be fine tune!

 

Do a test with Eicars?

 

http://www.eicar.org/86-0-Intended-use.html

 

I come across many times that it failed to detect any malicious attempts.

 

Remote Desktop, Remote Assistant Attacks vulnerability is the most common attacks to all OS platform.

 

There are many attacks to these things!

 

I remember Sophos did mention of these attacks.

 

http://nakedsecurity.sophos.com/2012/09/07/microsoft-rdp-remote-desktop-protocol-or-routine-darkside-probe/

 

I have made this matter known years ago so I do not know if F-Secure take note of these things!

 

Deepguard need to check both activities in incoming and outgoing rules!

 

This under the category of PUAs!

 

I hope F-Secure did not botch up these security issues.

 

Go google search  malware domain list and test for all malware detections.

 

That is important too!

 

That can only tell if F-Secure pass everything!

 

F-Secure need to send to WestCoastLabs for certification also!

 

http://www.westcoastlabs.com/checkmark/

 

Check the VB100 Rap detections.

 

http://www.virusbtn.com/vb100/RAP/RAP-quadrant-Oct12-Apr13-12.jpg

 

Av-test for F-Secure 2013 result test.

 

http://www.av-test.org/no_cache/en/tests/test-reports/?tx_avtestreports_pi1%5Breport_no%5D=130510

 

Av-Comparative test for F-Secure 2013.

 

http://chart.av-comparatives.org/chart1.php

 

F-Secure 2013 firewall test. (Very bad!)

 

http://www.matousec.com/projects/proactive-security-challenge-64/results.php

 

Simon

---

@Rusli wrote:

Hi Simon, 

 

Good to hear that.

 

Did you try Comodo Firewall leaktest yet???

 

http://personalfirewall.comodo.com/cltinfo.html

 

All these things need to be tested and feedback to  F-Secure.

 

 

---

I downloaded that file, but Deepguard blocked it.  If I disallow it through Deepguard, the tests will not run, but if I allow it, doesn't that defeat the object?  Not sure how to proceed with that one...

Simon

I've just tested with Eicar, and it blocked the Eicar.com file immediately, but failed to block the Eicar.com.txt file when downloading, which, incidentally, Windows Defender did block.  I know FS will say WD should be removed, but I've always run them side by side, and never had a problem, and indeed, FS doesn't detect it as 'conflicting software' during the installation.  The fact that WD caught the Eicar.com.txt file when FSIS didn't, confirms to me that a single layer of protection isn't always adequate.

 

The Eicar.com.txt file was blocked by FSIS when manually scanned, as were the two zipped files, but neither of the zipped files were blocked during download either.

 

http://www.eicar.org/85-0-Download.html

Victorhcardoso

Hello,

I performed Comodo Leak Test and the F-Secure Internet Security 2014 Beta presented vulnerabilities, what it means it failed on the test.

On the other hand I did the same test in another machine whrere it is installed Online Armor Firewall. The results was 340/340 which means it blocked everything - perfect result.

 

Best regards,

 

Victor

Simon

So, excuse the ignorance, but to run the Comodo test, should it be allowed in Deepguard?

Victorhcardoso

Simon,

 

The first alert you can allow, but just the first one - this allows test starts.

 

Best regards,

 

Victor

 

ps: I've already reported to F-secure (Beta Program)

Simon

Sorry, this just isn't working for me. I allow the first alert, then it starts testing and a second alert pops up. If I allow that, the test continues, and the 'score' is 220/340, but it is then not producing a log file. Well, it is, but a blank one, which isn't much use.

I'm also getting very irritated at having to log in again here every time I want to make a post. Is there no permanent login cookie on this forum?

Victorhcardoso

Simon,

 

Sorry for the problems you are having to deal with.

It seems to me there is no cookie and every time we have to log in order to post here.

 

Best regards,

 

Victor

Simon

Hey, not your fault, Victor.    Having been running two forums myself for the best part of ten years though, it's not generally good practice to make it a hassle for members to post, and on the forums I operate, this would certainly be seen as detrimental to forum traffic and member access.  Given that this isn't the busiest forum in the world, I would have thought that making it easier to post would be a no-brainer.

 

Anyway, back to the matter in hand, I do wonder, if allowing the Comodo application through Deepguard, actually produces vulnerabilities that would otherwise have been blocked anyway?  It may not be blocking each individual test, but blocking the whole application is stopping the activation of the tests as a whole - is this not full protection?

Victorhcardoso

Simon,

Comodo Leak Test is a safe file and can be run without any risk. So in order to start testing F-Secure Internet Security 2014 Beta when I got the first alert (F-Secure didn't reconized the file) I agreed. After the end of this test I could see F-Secure IS 2014 Beta didn't block many of the similulated risk situations proposed by Comodo Leak Test. I did the same test with Online Armor Firewall and was perfect. Well, I've already reported this to F-Secure Beta program technical support.

By the way I did another test with both firewalls - Online Armor and F-Secure IS 2014 Beta.

Shields Up test.

Results:

Online Armor - not stealthed all the ports (8 just closed)

F-Secure IS 2014 Beta - stealthed all the ports (perfect)

 

Best regards,  Victor

Simon

I'm going to have to give up with this Comodo test.  For some reason, DeepGuard keeps popping up upon launching, and during the test, even though I allow the application each time, and the tests won't complete.  I wonder if this is a bug in itself, DeepGuard not 'remembering' to allow an application?  I seem to recall, there used to be a tick box for it to remember the answer given (Allow / Deny), but this doesn't seem to be there now.

 

I did the Shields Up! tests the other day, and FSIS passed all with flying colours.  Are there any other firewall tests I can do, instead of the Comodo one?