F-Secure Internet Security (Release version) Trial Review.

Senior Advisor

F-Secure Internet Security (Release version) Trial Review.

Hi All,

 

I downloaded the trial version of F-Secure Internet Security 2014. This is what I found.

 

Eicar's Virus Samples Tests.

-------------------------------------

 

First stop, I do a detecting tests of Eicar's Virus samples files.

 

The only thing that I encounter while testing the Eicar's Virus sample is under the "Download area using the secure, SSL enabled protocol https".

 

There are two files which F-Secure Internet Security 2014 did not detect. Namely eicar_com.zip and eicarcom2.zip. (via the above section of Eicar's  Download area using the secure, SSL enabled protocol https links"

 

It failed to block while downloading the files. So this is the bugs that need to be fixed!!!

 

Even though I turn on the Heuristics. It's still did not detect the files while downloading.

 

F-Secure need to fine tune it's Heuristics detections. 

 

Firewall Leaktesting

---------------------------

 

Next, I do a run down tests of Firewall leaktesting via PcFlank and GRC leaktest.

 

Both passed the test,Deep Guard detect this two test.

 

However, the only thing that Deep Guard did not detect and failed the test is Comodo Firewall leaktesting.

 

F-Secure Internet Security again failed this tests.

 

http://download.comodo.com/securitytests/CLT.zip

 

I do not recommend to use Windows Built In Firewall. It's not secure!

 

I am suggesting F-Secure to use it's own firewall.

 

Malware links.

------------------

 

Finally I do a Malware URLs links from Malware Domain Lists. It detects mostly of it. So this is a good.

 

 

Internet  Banking

-----------------------

Forget to include this one, while I go to online banking sites, a F-Secure Internet Banking drop down menu automatically detected the URL.

 

Sorry, I did not own any credit cards to do online banking. So I can't test it fully. Well at least the F-Secure Internet Banking drop down menu did comes up.

 

I did not own a handphone. To test on F-Secure Mobile Security!

 

 

Quote: "I nicked name my ice cool cat as Kimi Raggynen" My cat armed with Ubuntu Linux to do Kung Fu hacking!

 

Can't hardly wait for tomorrow F1 Night Race??? Who can win??? Kimi Raikkonen??? Vettel??? Jenson Button???

 

 

16 REPLIES 16
Senior Advisor

Re: F-Secure Internet Security (Release version) Trial Review.

Rusli

 

thanks for the testing.

 

But if this is a TRIAL version then this thread does not belong in the beta section. 

Senior Advisor

Re: F-Secure Internet Security (Release version) Trial Review.

Yeah... this is a release trial version. Not a beta version.

 

F-Secure need to do some tweaking!

 

The firewall is not good enough to toughen up the security protection level.

 

This is a bad choice after all.

 

I still believe it is vulnerable.

 

I'm more worried on the firewall leaktesting. It did not pass the test on Comodo Firewall leaktesting.

 

If you do pen testing, I'm sure it can get thru the Windows firewall easily!

 

The layer of protection is still not there!

 

 

I haven't test it on Windows 8.1 preview.

 

But the build number is different from the Windows 8.1 RTM. (Actually it's already out but not official on 17 or 18 October)

 

I'm not sure if microsoft release a Windows 8.1 Enterprise Evaluation version. Currently it's only a preview.

 

I'm not sure whether my CPU support to run on it. It's require certain CPU capability on 64 bit version.

 

The computer that I'm running on is way too outdated!

 

 

Superuser

Re: F-Secure Internet Security (Release version) Trial Review.

Regarding the Eicar tests, I had the same results as Rusli, and was also concerned, especially as Windows Defender blocked the two downloads that FS failed to.  I raised this with the beta team, and received the following response:

 

"We don't intentionally scan files that can not harm your computer. When you rename the eicar.com.txt file to executable (eicar.com), it will be immediately blocked and you will not be able to execute it. The same with zipped files, when you extract the offending file, it will be blocked at that point."

Senior Advisor

Re: F-Secure Internet Security (Release version) Trial Review.

Simon,

 

Same here. I did have the same problem as you. However I have submitted the issues known to F-Secure Beta Team.

 

It caught by Windows Defender.

 

But I did a redo teston by disabling the Windows Defender service.

 

 

But still it cannot detect anything from Eicar's SSL HTTPS file eicar_com.zip and eicarcom2.zip files.

 

F-Secure suppose to detect and block from downloading those files!

 

So I believe this is a real bug!!

 

 

So what I did was to download the files that I mentioned.

 

https://secure.eicar.org/eicar_com.zip

 

https://secure.eicar.org/eicarcom2.zip

 

 

 

But when you do a full scan it detected those files.

 

F-Secure need to fine tune the Download block of these files.

 

The Heuristic need to fine tune.( I did turn the heuristic option!!!)

 

 

I have informed the F-Secure Analysis Team. By submitting the two files. And including the Comodo Firewall leak testing.

 

Deep Guard Failed on detecting Comodo Firewall Leak Testing.

 

F-Secure need to detect those rootkits vulnerabilities. It cannot detect any testing done on Comodo Firewall Leak Testings!

 

 

I hope F-Secure Finland read this messages!

 

As you would already know, I can't email F-Secure Beta Team directly.

 

As the channel have directed to F-Secure beta sites!

 

 

So, I already let the matter known to them.

 

I hoping they get the message and do something to it.

 

 

Senior Advisor

Re: F-Secure Internet Security (Release version) Trial Review.

Seriously, my opinon, F-Secure need it's own firewall !!!

Senior Advisor

Re: F-Secure Internet Security (Release version) Trial Review.

If you are a person who worries over any possible outbound leaks on your PC, then leak tests may be relevant.

 

Many people, including myself, however, view leak tests such as the Comodo one as worthless, attempting to test HIPS against scenarios that have no real bearing to real world malware. Even if malware did use some of the techniques in the Comodo LT/other leak tests, any good anti-executable would stop the malware before it launched.

 

F-Secure have given their reasons why they have dropped their inhouse firewall and gone for the present one, using the basic Windows firewall for basic functionality. 

 

If users are still concerned about possible outbound connections, just use a "Windows Firewall control program"; and there is a lot of them about now;  http://www.binisoft.org/wfc.php

 

Capture 2.GIFCapture.GIF

Senior Advisor

Re: F-Secure Internet Security (Release version) Trial Review.

I did try to install a third party firewall on top of F-Secure Internet Security 2014.

 

Such as Privatefirewall.

 

And come to find out that F-Secure only supports natively Windows Integrated Firewall.

 

So there is no way of you to change other firewall software to run.

 

So, if you intend to use F-Secure Internet Security 2014 and wanted to use other firewall like Comodo on top of F-Secure IS2014.

 

It's not possible!!

 

It will disable the Windows Integrated Firewall!!

 

I've done that. And it not advisable to use other third party firewall program with F-Secure Internet Security 2014.

 

 

 

Blackcat, can the firewall which you mention can run along side with F-Secure Internet Security 2014???

 

Under Matousec reports, F-Secure built in windows firewall failed many tests.

 

http://www.matousec.com/projects/proactive-security-challenge-64/reports/PSC64%20report%20-%20F-Secu...

 

Go to the link above and see the review that Matousec done testing with F-Secure Firewall.

 

Don't be surprise of many failures!!!

 

Okay, look at the ranking of firewalls results from matousec.

 

http://www.matousec.com/projects/proactive-security-challenge-64/results.php

Superuser

Re: F-Secure Internet Security (Release version) Trial Review.

Surely though, if you were to install a third party firewall, you would disable the Windows Firewall, and the third party one would run independantly from F-Secure, as you would turn the F-Secure firewall setting to Off.

With respect, I can't help but feel that you may be overly concerned about the lack of an integrated firewall in FS, and I do agree with Bleckcat's comments above.

What I would like to see, though, is more user interaction with DeepGuard and the Application Control. It really needs an option for the user to be able to add or deny permissions for themselves. To be honest, the Windows Firewall is not the easiest to adds or remove permissions from manually.
Senior Advisor

Re: F-Secure Internet Security (Release version) Trial Review.

@Rusli

 

Windows Fire Control is not a firewall; 

 

"Windows Firewall Control is a nifty little application which extends the functionality of the Windows Firewall and provides quick access to the most frequent options of Windows Firewall. It runs in the system tray and allows user to control the native firewall easily without having to waste time by navigating to the specific part of the firewall. This is the best tool to manage the native firewall from Windows 8, Windows 7, Windows Vista and Windows Server 2008. Windows Firewall Control offers four filtering modes which can be switched with just a mouse click: "

 

It probably will not help in the leak tests but it will block any outbound connections which do not match a rule. I have tried it for a short while with F-Secure and although there did not appear to be any incompatibilities it was not a long term test.

 

 

Capture.GIF

 

 

Capture 2 .GIF

 

 

I know of Matousec's tests and I consider them as worthless as Comodo's for the reasons I gave above.

 

Windows Firewall is good enough for the majority of users if they are behind a router and it is an even better choice with Advanced security settings. 

 

Capture 3 .GIF

 

 

 

But if you want to dig deeper into the settings then you will find one of the Windows Firewall Control programs offer an easier-to-use interface; these include Sphinx Firewall Control, and the one above, BiniSoft Firewall Control.

 

Outbound protection is overated in my opinion;  Data/Information flows out from incoming connections and in from outgoing ones. Therefore you mostly only have to worry about incoming connection attempts since they are the ones that can be used to steal your data. The only way personal data for example can be stolen is by keyloggers and possible interception of wireless signals and the like but in these cases firewalls offer no protection.  

 

Overall, IMHO, the Windows Firewall with F-Secure IS 2014 and a NAT router should be sufficient at least 99% of the time.