F-Secure 2014 Internet Security Beta Test Firewall

Rusli
Rusli Posts: 1,012 Influencer

Hi All,

 

This is the right time to feedback to F-Secure if you really don't like the default Windows Firewall being use in F-Secure 2014.

 

As what being release for F-Secure 2013 Internet Security.

 

http://www.f-secure.com/en/web/labs_global/internet-security-2014-beta

 

«13

Comments

  • Victorhcardoso
    Victorhcardoso Posts: 18 Observer

    I've been using F-Secure Internet Security 2014 Beta.

    I've just used Shields Up page to test F-Secure firewall, but F-Secure failed on this test, why?

     

    Here is the address: https://www.grc.com/x/ne.dll?bh0bkyd2

     

    Thanks for your attention.

  • Victorhcardoso
    Victorhcardoso Posts: 18 Observer

    Hello,

    I use this address to test F-Secure IS firewall:

     

    Here is the address: https://www.grc.com/x/ne.dll?bh0bkyd2

     

    That is called Shields up test.

     

    But not all the ports were stealthed at the end of the test.

     

    What do you suggest?

     

    Thanks in advance!

  • Victorhcardoso
    Victorhcardoso Posts: 18 Observer

    Rusli,

     

    I fully agree with you!

     

    Best regards,

     

    Victor

  • Rusli
    Rusli Posts: 1,012 Influencer

    F-Secure,

     

    Please take note, that port 0 and 1 are open.

     

    Why????

  • Rusli
    Rusli Posts: 1,012 Influencer

    F-Secure,

     

    Here is the link for Firewall leak testing.

     

     

     

    Comodo HIPS and Firewall leak testing.

     

    http://personalfirewall.comodo.com/cltinfo.html

     

    GRC leak test

     

    https://www.grc.com/lt/leaktest.htm

     

    Matousec leak test

    http://www.matousec.com/downloads/

     

     

    It need to pass all these tests.

     

    www.pcflank.com

  • Victorhcardoso
    Victorhcardoso Posts: 18 Observer

    Rusli,

     

    I've just perfomed some tests avalilable at PCFlank.

     

    Here are some of the results for F-Secure Internet Security 2014 Beta:

     

    Stealth test, Trojans test, Advanced Port Scanner and Exploit Test: Stealthed in all of them.

     

    So, I can say F-Secure Internet Security 2014 Beta was perfect in all of them.

     

    Best regards,  Victor

     

     

  • Victorhcardoso
    Victorhcardoso Posts: 18 Observer

    Rusli,

     

    On the Leak test at https://www.grc.com/lt/leaktest.htm  F-Secure Internet Security 2014  firewall unfortunately Failed.

     

    Best regards,

     

    Victor

  • Rusli
    Rusli Posts: 1,012 Influencer

    Hi Victor,

     

    Does the F-Secure Internet Security 2014 beta Deep Guard detect the GRC Leaktest????

     

    If Deep Guard did detect the GRC Leaktest. 

     

    It need to block it.

     

    In order to get a pass result.

     

    If you allow it of course it will failed the test.

  • Rusli
    Rusli Posts: 1,012 Influencer

    Good to hear it!

     

    At least it pass some of the test at PCFlank.

     

     

  • Rusli
    Rusli Posts: 1,012 Influencer

    Hi Victor,

     

    May I know what Windows OS are you using to do the beta testing???

     

    Windows Xp or Windows 7? Or Windows 8. Or Windows 8.1 Preview???

  • Victorhcardoso
    Victorhcardoso Posts: 18 Observer

    Rusli,

     

    I'd like to say that when I ran the file LeakTest.exe from https://www.grc.com/lt/leaktest.htm Deepeguard didn't emit any kind of alert and the result of this test was  failure.
    Since I am a F-Secure Internet Security 2014 Beta tester I've already reported to support team this failure of Deepguard.


    Best regards,

    Victor

  • Victorhcardoso
    Victorhcardoso Posts: 18 Observer

    Rusli,

     

    I'm running F-Secure Internet Security Beta on a Windows 7 64 bits system.

     

    Best regards,

     

    Victor

  • Simon
    Simon Posts: 2,667 Superuser

    I've just done a Shields Up! test, and a Leak Test, using a Belkin 7800N router and Windows XP.

     

    The Shields Up! test passed, fully strealthed, and the Leak Test produced the Deepguard screen, at which point I selected to Block the application (which I think is right).  The application failed to connect, so I assume that means Deepguard is working correctly.

  • Victorhcardoso
    Victorhcardoso Posts: 18 Observer

    I made the both tests here on my computer: Shields Up: Stealthed all the ports  (Great!) and the leak test I think Deepguard blocked it (Great!)

    It seems to me last version did a great job having fixed some important issuesobserved on previous version.

     

    Thanks a lot!

  • Rusli
    Rusli Posts: 1,012 Influencer

    Hi Simon, 

     

    Good to hear that.

     

    Did you try Comodo Firewall leaktest yet???

     

    http://personalfirewall.comodo.com/cltinfo.html

     

    All these things need to be tested and feedback to  F-Secure.

     

     

  • Rusli
    Rusli Posts: 1,012 Influencer

    Hi Victor,

     

    It's good to hear that. 

     

    But you need to test an extra mile with comodo firewall leaktesting.

     

    http://personalfirewall.comodo.com/cltinfo.html

     

    And do a feedback to F-Secure.

     

    All these things need to be tested heavily!

     

    I'm not so sure if F-Secure did testings with Matousec's Security Software Testing Suite 64???

     

    Because that is the most important thing to pass the firewall testing!

     

    Without that there is no protection at all!

     

     

     

  • Rusli
    Rusli Posts: 1,012 Influencer

    There are a couple things to note.

     

    F-Secures own DNS.

     

    Does it slow down your internet surfing???

     

    This is also another issues need to bring up to F-Secure attention.

     

    Because many users having this problem.

     

    Memory resources. Does it take up too many memory resources??? 

     

    Heuristic testing. This is the most common thing to do testing.

     

    Many times it need to be fine tune!

     

    Do a test with Eicars?

     

    http://www.eicar.org/86-0-Intended-use.html

     

    I come across many times that it failed to detect any malicious attempts.

     

    Remote Desktop, Remote Assistant Attacks vulnerability is the most common attacks to all OS platform.

     

    There are many attacks to these things!

     

    I remember Sophos did mention of these attacks.

     

    http://nakedsecurity.sophos.com/2012/09/07/microsoft-rdp-remote-desktop-protocol-or-routine-darkside-probe/

     

    I have made this matter known years ago so I do not know if F-Secure take note of these things!

     

    Deepguard need to check both activities in incoming and outgoing rules!

     

    This under the category of PUAs!

     

    I hope F-Secure did not botch up these security issues.

     

    Go google search  malware domain list and test for all malware detections.

     

    That is important too!

     

    That can only tell if F-Secure pass everything!

     

    F-Secure need to send to WestCoastLabs for certification also!

     

    http://www.westcoastlabs.com/checkmark/

     

    Check the VB100 Rap detections.

     

    http://www.virusbtn.com/vb100/RAP/RAP-quadrant-Oct12-Apr13-12.jpg

     

    Av-test for F-Secure 2013 result test.

     

    http://www.av-test.org/no_cache/en/tests/test-reports/?tx_avtestreports_pi1%5Breport_no%5D=130510

     

    Av-Comparative test for F-Secure 2013.

     

    http://chart.av-comparatives.org/chart1.php

     

    F-Secure 2013 firewall test. (Very bad!)

     

    http://www.matousec.com/projects/proactive-security-challenge-64/results.php

     

  • Simon
    Simon Posts: 2,667 Superuser

    @Rusli wrote:

    Hi Simon, 

     

    Good to hear that.

     

    Did you try Comodo Firewall leaktest yet???

     

    http://personalfirewall.comodo.com/cltinfo.html

     

    All these things need to be tested and feedback to  F-Secure.

     

     


    I downloaded that file, but Deepguard blocked it.  If I disallow it through Deepguard, the tests will not run, but if I allow it, doesn't that defeat the object?  Not sure how to proceed with that one...

  • Simon
    Simon Posts: 2,667 Superuser

    I've just tested with Eicar, and it blocked the Eicar.com file immediately, but failed to block the Eicar.com.txt file when downloading, which, incidentally, Windows Defender did block.  I know FS will say WD should be removed, but I've always run them side by side, and never had a problem, and indeed, FS doesn't detect it as 'conflicting software' during the installation.  The fact that WD caught the Eicar.com.txt file when FSIS didn't, confirms to me that a single layer of protection isn't always adequate.

     

    The Eicar.com.txt file was blocked by FSIS when manually scanned, as were the two zipped files, but neither of the zipped files were blocked during download either.

     

    http://www.eicar.org/85-0-Download.html

  • Victorhcardoso
    Victorhcardoso Posts: 18 Observer

    Hello,

    I performed Comodo Leak Test and the F-Secure Internet Security 2014 Beta presented vulnerabilities, what it means it failed on the test.

    On the other hand I did the same test in another machine whrere it is installed Online Armor Firewall. The results was 340/340 which means it blocked everything - perfect result.

     

    Best regards,

     

    Victor

  • Simon
    Simon Posts: 2,667 Superuser
    So, excuse the ignorance, but to run the Comodo test, should it be allowed in Deepguard?
  • Victorhcardoso
    Victorhcardoso Posts: 18 Observer

    Simon,

     

    The first alert you can allow, but just the first one - this allows test starts.

     

    Best regards,

     

    Victor

     

    ps: I've already reported to F-secure (Beta Program)

  • Simon
    Simon Posts: 2,667 Superuser
    Sorry, this just isn't working for me. I allow the first alert, then it starts testing and a second alert pops up. If I allow that, the test continues, and the 'score' is 220/340, but it is then not producing a log file. Well, it is, but a blank one, which isn't much use.

    I'm also getting very irritated at having to log in again here every time I want to make a post. Is there no permanent login cookie on this forum?
  • Victorhcardoso
    Victorhcardoso Posts: 18 Observer

    Simon,

     

    Sorry for the problems you are having to deal with.

    It seems to me there is no cookie and every time we have to log in order to post here.

     

    Best regards,

     

    Victor

  • Simon
    Simon Posts: 2,667 Superuser

    Hey, not your fault, Victor.  Smiley Wink  Having been running two forums myself for the best part of ten years though, it's not generally good practice to make it a hassle for members to post, and on the forums I operate, this would certainly be seen as detrimental to forum traffic and member access.  Given that this isn't the busiest forum in the world, I would have thought that making it easier to post would be a no-brainer.

     

    Anyway, back to the matter in hand, I do wonder, if allowing the Comodo application through Deepguard, actually produces vulnerabilities that would otherwise have been blocked anyway?  It may not be blocking each individual test, but blocking the whole application is stopping the activation of the tests as a whole - is this not full protection?

  • Victorhcardoso
    Victorhcardoso Posts: 18 Observer

    Simon,

    Comodo Leak Test is a safe file and can be run without any risk. So in order to start testing F-Secure Internet Security 2014 Beta when I got the first alert (F-Secure didn't reconized the file) I agreed. After the end of this test I could see F-Secure IS 2014 Beta didn't block many of the similulated risk situations proposed by Comodo Leak Test. I did the same test with Online Armor Firewall and was perfect. Well, I've already reported this to F-Secure Beta program technical support.

    By the way I did another test with both firewalls - Online Armor and F-Secure IS 2014 Beta.

    Shields Up test.

    Results:

    Online Armor - not stealthed all the ports (8 just closed)

    F-Secure IS 2014 Beta - stealthed all the ports (perfect)

     

    Best regards,  Victor

  • Simon
    Simon Posts: 2,667 Superuser

    I'm going to have to give up with this Comodo test.  For some reason, DeepGuard keeps popping up upon launching, and during the test, even though I allow the application each time, and the tests won't complete.  I wonder if this is a bug in itself, DeepGuard not 'remembering' to allow an application?  I seem to recall, there used to be a tick box for it to remember the answer given (Allow / Deny), but this doesn't seem to be there now.

     

    I did the Shields Up! tests the other day, and FSIS passed all with flying colours.  Are there any other firewall tests I can do, instead of the Comodo one?

This discussion has been closed.