TP95 - F-Secure Internet Security Technology Preview release 95 review. (BETA)

This is a TP95 - F-Secure Internet Security Technology Preview release 95. Or version 95.

 

For those who don't know this is infact a beta version of F-Secure Internet Security.

 

So don't get confuse over a release version which I beta testing previously.

 

This is what I found out ...

 

Methods of Beta Testing.

--------------------------------

 

Eicar test files

-------------------

 

What file being block and what file did not block. Let see...

 

 

Mostly this files are being block with F-Secure TP95.

 

Download area using the standard protocol http

http://www.eicar.org/download/eicar.com 

http://www.eicar.org/download/eicar.com.txt

http://www.eicar.org/download/eicar_com.zip

http://www.eicar.org/download/eicarcom2.zip

 

Under Eicar SSL only one file is being block which is eicar.com. If you are using IE10. And if you are using Mozilla Firefox browser eicar.com and eicar.txt are block.

 

Download area using the secure, SSL enabled protocol https

https://secure.eicar.org/eicar.com

https://secure.eicar.org/eicar.com.txt

https://secure.eicar.org/eicar_com.zip

https://secure.eicar.org/eicarcom2.zip

 

Only two of Eicar SSL files are not successfully block. There is no F-Secure Notification Indicator to block these files being block. Namely https://secure.eicar.org/eicar_com.zip and https://secure.eicar.org/eicarcom2.zip

 

Software Bug, these two files are not fully block and there is no F-Secure Notification Indicator.

 

CleanUpTool

------------------

Cleanup Tool seems to work out of the box. It is infact an F-Secure Online Scanner.

 

http://www.f-secure.com/en/web/home_global/online-scanner

 

 

Firewall LeakTesting

---------------------------

Currently downloading and testing two files. One from GRC Leaktesting and the other is Comodo Firewall leaktest.

 

Both Files are block when run.

 

GRC leaktesting and Comodo Firewall are block when Deep Guard detects the two files.

 

 

If you choose to allow and trust those programs.

 

GRC leaktesting and Comodo Firewall both failed to block when allow or trust the program to run.

 

GRC leaktesting failed. Indicate Firewall Penetrated! (When allow or trust the program)

 

Comodo Firewall leaktesting failed. Indicate a 190/340 score. (When allow or trust the program)

 

 

 

Now this is the interesting part. You have to turn on one option from Deep Guard settings.

 

Now go to Status Settings, Check or tick the "Use the compatibility mode (lower security)"

 

However GRCLeaktest passed the test when this option is turn on from Deep Guard.

 

GRC leaktest says "Unable to Connect". Which is pass the test.

 

Now let's do the Comodo Firewall Leaktest. The score that I get is 290/340. With the same Deep Guard "Use the compatibility mode (lower security) turn on.

 

What failed to detect under Comodo Firewall Leaktest.

 

Rootkit Installation:ChangeDrvPath (vulnerable)

Invasion: RawDisk (vulnerable)

Injection: SetWinEventHook (vulnerable)

Injection: SetWindowsHookEx (vulnerable)

Hijacking: StartUpProgram (vulnerable)

 

F-Secure TP95 Failed the Comodo Firewall leaktesting.

 

What I did not do a test at this time. The Matousec Firewall Leaktest. However I have file a report on this matter to F-Secure Beta Team. I hope they look into the matter.

 

Verdict:- I still find that using Windows Integrated Firewall is not a option to secure your computer.

 

Malware Domain List

----------------------------

Check all the known malware domain list. Seem to detect most of it.

 

 

Online Banking

--------------------

Test most of banking site, just to see if the F-Secure Online Banking Notification is working.

 

I do a run down test and select online banking. All the local banks that I can think off detected by F-SEcure Online Banking Protection.

 

** Please do take note, I did not own a credit or debit card to test the site for online banking **

 

Help Option

----------------

Working! Via Online Internet Connection.

 

Safe Search

-----------------

Seems to be working.

 

SafeProfile

---------------

Seems to be working.

 

 

 

 

 

 

Answers

  • RusliRusli Posts: 989

    Please take note, IE 10 cannot detect these 3 Eicar SSL files:-

     

    https://secure.eicar.org/eicar.com.txt

    https://secure.eicar.org/eicar_com.zip

    https://secure.eicar.org/eicarcom2.zip

     

    No F-Secure notification to block thse files from downloading.

     

    If do a Manual scan, all of these files are detected.

     

  • BlackcatBlackcat Posts: 511

    The big problem that I see with the ONLINE SCANNER/Cleanup Tool is that it will automatically clean/delete malware; there is no ASK. 

     

    So if the malware is a false positive and it detects a "harmless" system file then there are problems. 

     

    I am not running the beta; does the Cleanup Tool have a quarantine/log-file now?

     

     

  • RusliRusli Posts: 989

    Blackcat,

     

    I don't think there is a quarantine for online security. Usually is detect and delete.

     

    Maybe I'm wrong. Because this is TP95 version.

     

     

  • SimonSimon Posts: 2,574

    The Cleanup Tool is indeed simply a link to download the Online Scenner.  There is still no indication that the application will ask before deleting in TP95.

     

    Untitled-1.png

  • RusliRusli Posts: 989

    Detecting Eicar files seems to vary with IE 10, Google Chrome and Mozilla.

     

    Especially with the HTTPS/SSL Eicar files.

     

    F-Secure tend to fumble with these files!

     

     

This discussion has been closed.