F-Secure 2014 Internet Security Beta Test Firewall

2

Comments

  • Victorhcardoso
    Victorhcardoso Posts: 18 Observer

    Simon,

    You can test your F-Secure Internet Security 2014 Beta using also this site:

     

    http://www.pcflank.com/

     

    Best regards,

     

    Victor

  • Simon
    Simon Posts: 2,667 Superuser
    Yes, thanks Victor. Done most of those and FSIS passed with flying colours!
  • Rusli
    Rusli Posts: 1,012 Influencer

    Simon,

     

    Do me a favour, just submit the reports to F-secure.

     

    Regardless what results you get while Beta Testing the F-Secure Internet Security 2014 with Comodo Leaktest.

     

    So that they know what to do.

     

  • Rusli
    Rusli Posts: 1,012 Influencer

    Well... 

     

    At least I already give you all the steps and tricks to do BETA TESTING  the F-Secure 2014 Internet Security.

     

    You can google search and do the Malware Domain List.

     

    And test their software protection.

     

    See if this antivirus software detects every thing.

     

     

  • Rusli
    Rusli Posts: 1,012 Influencer

    Well,

     

    You've got BETA TEST the browsers. See if they crashes. Or having Compatibility issues.

     

    You've got to test Google Chrome, Mozilla Firefox, IE and Opera.

     

    Be sure that testing all browsers must be using the latest up to date version.

     

     

    Did anyone here BETA TESTING with Windows 8.1 Preview????

  • Simon
    Simon Posts: 2,667 Superuser

    I have indeed submitted the reports to the Beta team, and have had a response, in relation to the Comodo test:

    "How reviewers do these tests is that if the product prompts, they always click "Deny". So to have comparable results, that's what you should do for the DeepGuard prompts."

    So, that seems to suggest that one should indeed Deny the Comodo app with DeepGuard.

  • viktik
    viktik Posts: 62 Active Engager

    can we trust windows inbuilt firewall. does microsoft update there in built firewall. Also configuring it is not that easy.

    It would be better if F-secure provide there own firewall.

  • Simon
    Simon Posts: 2,667 Superuser
    It has been argued to me that since the advent of broadband, and modern routers, a software firewall is less essential than before, as the router itself contains a firewall. Personally, I've always preferred to have both, but certainly the Windows Firewall in XP isn't brilliant, as it only monitors incoming connections. I guess that's where DeepGuard comes in. Not sure if later versions of Windows have a better firewall.
  • viktik
    viktik Posts: 62 Active Engager

    F secure must bring up there own firewall together with an intrusion detection prevention system.

  • Simon
    Simon Posts: 2,667 Superuser
    I'm pretty sure DeepGuard has some sort of intrusion prevention, but I could be wrong. What it certainly needs is an option to manually disallow chosen programs, in order to give the user the option of some control.
  • Rusli
    Rusli Posts: 1,012 Influencer

    Simon,

     

    Did you try to disable the firewall router???

     

    And test the F-Secure firewall from www.grc.com and www.pcflank.com

     

    See if they pass the test.

  • Rusli
    Rusli Posts: 1,012 Influencer

    I am strongly suggesting to F-Secure to discontinue the Windows Firewall.

     

    It is not secure.

     

    I am suggesting to F-Secure to make use of their own firewall with Intrution Detection.

     

    Because it defeat the purpose of using own Windows Firewall and rely on Deep Guard.

     

    Users who are still using Windows XP, still did not get a full protections!

     

    F-Secure Beta testers please inform and feedback F-Secure if you really dislike using Windows default firewall when sending reports.

     

    Advance users must do Pen-Testing with F-Secure Internet Security. 

     

    According to Sophos.

     

    Remote Desktop attacks are very common form of attacks.

     

    I'm not so sure if Deep Guard can detect those attacks!

     

    See:-

     

    http://about-threats.trendmicro.com/us/webattack/114/The+Importance+of+MS12020+Remote+Desktop+Sessions+at+Risk

     

    That goes the same to the Mac OS X platform.

     

    F-secure please take note of these attacks!!!

     

    Once the payload is in. That's it. We doomed!

     

    Deep Guard must be able to detect such attacks from Incoming and Outgoing firewall rules!

     

  • Simon
    Simon Posts: 2,667 Superuser
    Rusli,

    I haven't tried to disable the router firewall (not sure what that would achieve), but mine passed both the Shields Up and PC Flank tests.

    I too am concerned about the ability of the Windows XP firewall, so will support your comments via feedback to the beta team.
  • Blackcat
    Blackcat Posts: 503 Influencer

    Since most modern routers have a firewall, when carrying out these firewall/leak tests you are looking at the results of BOTH the hardware (router) and software (F-Secure) firewall acting together.

     

    Therefore you need to disable the hardware firewall before testing the one in F-Secure.

     

    The problem here is that most home users who do come across the GRC test/other tests and use a router in addition to any software firewall will believe all green means everything is well, when in fact their software is not working as well as it should be. 

     

     

  • Simon
    Simon Posts: 2,667 Superuser

    OK, I've disabled my router firewall (the only way to do this on a Billion 7800N is to create a rule allowing all connections), and performed the Shields Up! and PC Flank tests.  Again, it passed on all levels.  the only way I can get the Shields Up! test to fail is to allow ping through my router.  Even then, all the common ports are still stealthed, and it just fails on the ping test.

     

    Solicited TCP Packets: PASSED — No TCP packets were received from your system as a direct result of our attempts to elicit some response from any of the ports listed below — they are all either fully stealthed or blocked by your ISP. However . . .
    image
    image
    image
    Unsolicited Packets: PASSED — No Internet packets of any sort were received from your system as a side-effect of our attempts to elicit some response from any of the ports listed above. Some questionable personal security systems expose their users by attempting to "counter-probe the prober", thus revealing themselves. But your system remained wisely silent. (Except for the fact that not all of its ports are completely stealthed as shown below.)
    image
    image
    image
    Ping Reply: RECEIVED (FAILED) — Your system REPLIED to our Ping (ICMP Echo) requests, making it visible on the Internet. Most personal firewalls can be configured to block, drop, and ignore such ping requests in order to better hide systems from hackers. This is highly recommended since "Ping" is among the oldest and most common methods used to locate systems prior to further exploitation.

  • Rusli
    Rusli Posts: 1,012 Influencer

    Simon,

     

    Check to see, whether your Windows Firewall settings are set correctly.

     

    Go to Control panel, Firewall,  then go to Change Notification Settings.

     

    Make sure to check both  Block all incoming connections,including those in the list of allowed apps and Notify me when Windows Firewall block new apps  on BOTH Private Network Settings and Public Network Settings.

     

    And try again. 

     

    See if you get the same results. 

     

    Then feedback to F-Secure Beta team.

  • Rusli
    Rusli Posts: 1,012 Influencer

    Blackcat,

     

    Correct!!!

  • Rusli
    Rusli Posts: 1,012 Influencer

    Hi All,

     

    Have  anyone tested the F-Secure IS2014 with Windows 8.1 Preview???

     

    Download the Windows 8.1 iso preview here.(Preview means BETA VERSION, Use at your on risk! )

     

    http://windows.microsoft.com/en-sg/windows-8/preview-iso

     

    Before installing Windows 8.1 Preview.  (Only a fresh install, not applicable for upgrades!)

     

    Make sure you have all your Data Back up. And Make sure you have an Original Windows Disc when you first purchase your computer. Some computer vendor require you to do Recovery Disk. (like HP, Acer, etc)

     

    Download all the drivers that needed before installing Windows 8.1.

     

    There are number of cases that the Windows 8.1 preview version are not stable!

     

    Use a spare hard disk.

     

    Do not use your main daily work harddisk to install Windows 8.1.

     

     

     

     

  • Simon
    Simon Posts: 2,667 Superuser

    @Rusli wrote:

    Simon,

     

    Check to see, whether your Windows Firewall settings are set correctly.

     

    Go to Control panel, Firewall,  then go to Change Notification Settings.

     

    Make sure to check both  Block all incoming connections,including those in the list of allowed apps and Notify me when Windows Firewall block new apps  on BOTH Private Network Settings and Public Network Settings.

     

    And try again. 

     

    See if you get the same results. 

     

    Then feedback to F-Secure Beta team.


     

    I don't think I have the 'Change Notification Settings' option - this is Windows XP Firewall.   I have a list of 'Exceptions', which are all programs I know and use.  I have just removed the exception for one of them, and the program still works, so I don't know what that proves, as it's a 'good' program anyway.  Sorry if I'm being dumb, but I'm not sure what you want me to try to prove.  I thought I'd already determined that my Firewall is working correctly, with it passing both the Shields Up and PC Flank tests as 'Stealthed'.  

     

    Can I also just add that although I'm testing a beta, this is my main machine, so I am not inclined to take too many risks, just to try to make F-Secure fail, when it appears to be working as it should.  Smiley Happy

  • Rusli
    Rusli Posts: 1,012 Influencer

    Simon,

     

    You are using Windows XP.

     

    You've got to inform F-Secure that If I were to use your product, F-Secure Internet Security 2014 , that my computer is not adequate to have a highest level of protection by using a integrated Windows Firewall.

     

    I keep emphasising these to F-Secure. To make use of their own Firewall instead of ready made Windows own Integrated Firewall.

     

    Many Customers or Users did not like the idea of using Windows Firewall.

     

    The level of protection using a Windows Firewall is zero!

     

    I have tested myself and I still have someone remotely control my computer.

     

    F-Secure started using these since the Mac Antivirus!

     

    I suggesting to F-Secure to discontinue using Windows Firewall!!!

     

    It is not secure!

     

    Having to rely on DeepGuard is not enough.

     

     

     

    Well the reason as to why I try to explain it to you to disable the router firewall is to check to see how risky is using a Windows Firewall. 

     

    Regardless which Windows OS you are using.

     

    I do not know whether F-Secure get this!

     

     

     

  • Simon
    Simon Posts: 2,667 Superuser

    I will feedback to F-Secure, but I can't really state that my firewall is insecure, as it's actually passed all of the tests I've thrown at it!  I have a feeling, though, that they won't want to develop further support for Windows XP Firewall, as XP itself will be coming to the end of its life next year.  That said, thousands of computers will still be running it for years to come.

     

    Would a stand alone firewall, such as Comodo, work alongside F-Secure on Windows XP?  I think this has been asked before, and it's generally not recommended to have two firewalls running side by side.

     

    One thing that does bother me about the Windows XP Firewall is that even with the box ticked to notify of new connections, I have never been asked to permit an incoming connection, yet 'Exclusions' have appeared that I haven't myself actioned, to my knowledge.  That said, all of the Exclusions are programs I know, and would have permitted anyway, but where have the exclusions come from?

  • Simon
    Simon Posts: 2,667 Superuser
    Actually, I've just realised, would it have been FSIS that added the Exceptions to the Windows Firewall? If so, sorry for the stupid question! It still would have been nice to have been informed, though. All it needs is a little pop up notification.
  • Van még mit erősíteni a tűzfalon...

     

    comodo-F-secure test.png

     

    http://img822.imageshack.us/img822/9384/wfg.png

     

    Az eredmény egyenlőre gyenge...

  • Rusli
    Rusli Posts: 1,012 Influencer

    jollyjoker,

     

    please feedback this issues and make the matter known to F-Secure. At F-Secure beta site.

     

    F-Secure Beta Team, please take note of the issues!

     

    I have informed you guys via the survey form. 

     

    So I am not sure whether you take note of the problem with using Windows default firewall.

     

    Like I said F-Secure, the Windows Firewall is not secure!!!

  • Rusli
    Rusli Posts: 1,012 Influencer

    Jollyjoker,

     

    As of today, (now) F-Secure's Deep Guard  have detected and block Comodo Firewall Leaktesting.

     

    You still can choose either option to allow or to block.

     

    Please do a test again to confirm this.

     

    Thank you.

  • Rusli
    Rusli Posts: 1,012 Influencer

    Hi All,

     

    I have submitted the report both to F-Secure SAS Team and the F-Secure Beta Test Team on this Issues.

     

    Here is the reply from the F-Secure SAS Team,

     

    Hello,

    Sorry for the delay in replying this inquiry.

    Kindly be noted that Matousec does not test with real malware.
    We focus on detecting malware that is seen in the wild. You can refer to our excellent protection score in both AV Test and AV Comparatives tests.

    We have analyzed the Matousec test results.
    Detecting those Matousec tricks & techniques that are also used by real malware have been added to DeepGuard roadmap.

    Should you have further concerns, please do not hesitate to email us again.

    Best regards,
    --------
    F-Secure Security Labs              http://www.f-secure.com/weblog/
    F-Secure Corporation                http://www.f-secure.com/

  • Rusli
    Rusli Posts: 1,012 Influencer

    This is an awkward test that I find weird with F-Secure Deep Guard. 

     

    And I found to be really horrible.

     

    Inorder to pass the GRC leaktest.

    --------------------------------------------

     

    if you wanted to PASS the test with GRC Leak testing, this is steps which you need to do.

     

    https://www.grc.com/lt/leaktest.htm

     

    1.  Run grcleaktest.

     

    2. Deep Guard detect and prompt.

     

    3. I trust the application. Let it continue.

     

    4. The go to F-Secure Tools, Select Application permission, click details to block or click the applciation select to deny.

     

    5. Go to GRCLeaktest and select test for leaktest.

     

    6. And you will get the  "Unable to connect".

     

    Then GRCLeaktest will pass the test.

     

    As for the Comodo Firewall leaktest. I will not get a perfect score of 340/340!!!

     

    If I do a first test I get a score of 190/340. That is bad!!!

     

    I find Deep Guard very weird.

     

    if you want better results than this.

     

    Again, you have to do the awkward test like the followings:-

     

    1. Run clt.exe file.

     

    2. Deep Guard detect to block it. And CLT program launches.

     

    3. Select Exit. for the CLT program. (Don't click the test  button, just exit)

     

    4. Go to F-Secure tools, Application permission. Select Allow clt program from block. click close.

     

    5.run clt.exe again.

     

    6. Goto F-Secure tools, Applications permission, Select Block or Denyt this time under the clt.exe file. click close.

     

    7. Click on Test for the clt.exe file.

     

    8. Then you will see that the Deep Guard prompts again to block. Click close.

     

    9. Then will see the score 260/340.

     

    So that is the Awkward Tests that you have to do.

     

     

     

    As for the actual test is in this manner.

     

    1. Run GRCleaktest program.

     

    2.  Deep Guard detects it.

     

    3. click ok to block.

     

    4. GRCleaktest launches.

     

    5. Application Block prompts from Deep Guard. Click close.

     

    6. Select test for leaks from GRCleaktest, it will not run anything! Connecting.... and it will stuck there forever. And failed the GRCleak test.

     

     

    As for the Comodo Firewall leaktest.

     

    1. Run CLT.

     

    2. Deep Guard detects. Click ok to block.

     

    3. CLT program launches.

     

    4. Select test button.

     

    5. CLT program will be block. And will run the program.

     

     

     

    The next one, this is a bug that I found with GRCLeaktest.

     

    Okay go to the F-Secure Status settings, Deep Guard options and click all the tab options. Yeah Including the "Use the compatibility mode (lower security).

     

    And you know what GRCleaktest failed the test. And firewall leaktest is penetrated!!!

     

    That is a bug... Deep Guard did not detect when the program runs!!! 

  • Simon
    Simon Posts: 2,667 Superuser
    This is why we so very much need some manual options in DeepGuard, so that the user can have some control over which programs are allowed or blocked. It would also be much better if DeepGuard listed ALL programs that it had allowed or blocked, which, again, would give the user far more control.
  • Rusli
    Rusli Posts: 1,012 Influencer

    Simon,

     

    Windows Firewall really sucks!!

     

    Big time!

     

    I wonder why F-Secure still using Windows Firewall.

     

    That goes the  same to the F-Secure Mac Antivirus.

     

    F-Secure still want to use Integrated Firewall.

     

    Where is the protections???

  • Rusli
    Rusli Posts: 1,012 Influencer

    Did any one of you here beta testers, do the steps that I mentioned above???

     

    Did any one of you here  get the same similar results???

     

    {Please, please feedback to F-Secure.  This is terrible} Base on my findings.

This discussion has been closed.