TP95 - F-Secure Internet Security Technology Preview release 95 review. (BETA)

Senior Advisor

TP95 - F-Secure Internet Security Technology Preview release 95 review. (BETA)

This is a TP95 - F-Secure Internet Security Technology Preview release 95. Or version 95.

 

For those who don't know this is infact a beta version of F-Secure Internet Security.

 

So don't get confuse over a release version which I beta testing previously.

 

This is what I found out ...

 

Methods of Beta Testing.

--------------------------------

 

Eicar test files

-------------------

 

What file being block and what file did not block. Let see...

 

 

Mostly this files are being block with F-Secure TP95.

 

Download area using the standard protocol http

http://www.eicar.org/download/eicar.com 

http://www.eicar.org/download/eicar.com.txt

http://www.eicar.org/download/eicar_com.zip

http://www.eicar.org/download/eicarcom2.zip

 

Under Eicar SSL only one file is being block which is eicar.com. If you are using IE10. And if you are using Mozilla Firefox browser eicar.com and eicar.txt are block.

 

Download area using the secure, SSL enabled protocol https

https://secure.eicar.org/eicar.com

https://secure.eicar.org/eicar.com.txt

https://secure.eicar.org/eicar_com.zip

https://secure.eicar.org/eicarcom2.zip

 

Only two of Eicar SSL files are not successfully block. There is no F-Secure Notification Indicator to block these files being block. Namely https://secure.eicar.org/eicar_com.zip and https://secure.eicar.org/eicarcom2.zip

 

Software Bug, these two files are not fully block and there is no F-Secure Notification Indicator.

 

CleanUpTool

------------------

Cleanup Tool seems to work out of the box. It is infact an F-Secure Online Scanner.

 

http://www.f-secure.com/en/web/home_global/online-scanner

 

 

Firewall LeakTesting

---------------------------

Currently downloading and testing two files. One from GRC Leaktesting and the other is Comodo Firewall leaktest.

 

Both Files are block when run.

 

GRC leaktesting and Comodo Firewall are block when Deep Guard detects the two files.

 

 

If you choose to allow and trust those programs.

 

GRC leaktesting and Comodo Firewall both failed to block when allow or trust the program to run.

 

GRC leaktesting failed. Indicate Firewall Penetrated! (When allow or trust the program)

 

Comodo Firewall leaktesting failed. Indicate a 190/340 score. (When allow or trust the program)

 

 

 

Now this is the interesting part. You have to turn on one option from Deep Guard settings.

 

Now go to Status Settings, Check or tick the "Use the compatibility mode (lower security)"

 

However GRCLeaktest passed the test when this option is turn on from Deep Guard.

 

GRC leaktest says "Unable to Connect". Which is pass the test.

 

Now let's do the Comodo Firewall Leaktest. The score that I get is 290/340. With the same Deep Guard "Use the compatibility mode (lower security) turn on.

 

What failed to detect under Comodo Firewall Leaktest.

 

Rootkit Installation:ChangeDrvPath (vulnerable)

Invasion: RawDisk (vulnerable)

Injection: SetWinEventHook (vulnerable)

Injection: SetWindowsHookEx (vulnerable)

Hijacking: StartUpProgram (vulnerable)

 

F-Secure TP95 Failed the Comodo Firewall leaktesting.

 

What I did not do a test at this time. The Matousec Firewall Leaktest. However I have file a report on this matter to F-Secure Beta Team. I hope they look into the matter.

 

Verdict:- I still find that using Windows Integrated Firewall is not a option to secure your computer.

 

Malware Domain List

----------------------------

Check all the known malware domain list. Seem to detect most of it.

 

 

Online Banking

--------------------

Test most of banking site, just to see if the F-Secure Online Banking Notification is working.

 

I do a run down test and select online banking. All the local banks that I can think off detected by F-SEcure Online Banking Protection.

 

** Please do take note, I did not own a credit or debit card to test the site for online banking **

 

Help Option

----------------

Working! Via Online Internet Connection.

 

Safe Search

-----------------

Seems to be working.

 

SafeProfile

---------------

Seems to be working.

 

 

 

 

 

 

5 REPLIES 5
Senior Advisor

Re: TP95 - F-Secure Internet Security Technology Preview release 95 review. (BETA)

Please take note, IE 10 cannot detect these 3 Eicar SSL files:-

 

https://secure.eicar.org/eicar.com.txt

https://secure.eicar.org/eicar_com.zip

https://secure.eicar.org/eicarcom2.zip

 

No F-Secure notification to block thse files from downloading.

 

If do a Manual scan, all of these files are detected.

 

Senior Advisor

Re: TP95 - F-Secure Internet Security Technology Preview release 95 review. (BETA)

The big problem that I see with the ONLINE SCANNER/Cleanup Tool is that it will automatically clean/delete malware; there is no ASK. 

 

So if the malware is a false positive and it detects a "harmless" system file then there are problems. 

 

I am not running the beta; does the Cleanup Tool have a quarantine/log-file now?

 

 

Senior Advisor

Re: TP95 - F-Secure Internet Security Technology Preview release 95 review. (BETA)

Blackcat,

 

I don't think there is a quarantine for online security. Usually is detect and delete.

 

Maybe I'm wrong. Because this is TP95 version.

 

 

Superuser

Re: TP95 - F-Secure Internet Security Technology Preview release 95 review. (BETA)

The Cleanup Tool is indeed simply a link to download the Online Scenner.  There is still no indication that the application will ask before deleting in TP95.

 

Untitled-1.png

Senior Advisor

Re: TP95 - F-Secure Internet Security Technology Preview release 95 review. (BETA)

Detecting Eicar files seems to vary with IE 10, Google Chrome and Mozilla.

 

Especially with the HTTPS/SSL Eicar files.

 

F-Secure tend to fumble with these files!