Look 'n' Stop vs. CHX-I vs. 8Signs, How does your FW score?


Post by Phant0m`` » Wed Mar 15, 2006 12:50 am



Hey

Well, here is a description of this small comparative firewall analysis. Unlike many comparative firewall analyses that exist and usually revolve around Application-filtering based software firewalls, this is just the opposite; this is between Rule-based software firewalls.

This does not mean this information is irrelevant for those of you using Application-filtering based software firewalls, in fact just the opposite; it just doesn’t revolve around the Application-filtering layer specifically and its detection and prevention capabilities for leaks demonstrated by numerous leaktests.

What you see here basically demonstrates packet-filtering systems’ strengths and weaknesses, and gives us an idea of what to be looking for in software firewalls and what features to be asking for from the software firewall developers.

I’m in hopes that this may be seen by software firewall developers and that they realize their products’ faults or impressiveness; if it’s faults, I hope they may learn from this and try to improve, and if it’s impressiveness, I hope they may be motivated to continue doing additional enhancements on their firewall products.

If you are a developer of a firewall product listed here or not, and you have some questions regarding some of the listings on the chart, please don’t hesitate to contact me.

And if you are a firewall supporter and you have any concerns regarding why your software firewall is lacking in abilities for security, you should contact the developer of the product and address these questions.

This small comparative firewall analysis will be maintained frequently, and improved on, so please be sure to continuously visit here, the official location, to keep up to date.
Last edited by Phant0m`` on Sat Mar 18, 2006 2:51 pm, edited 5 times in total.
“Success is almost totally dependent upon drive and persistence. The extra energy required to make another effort or try another approach is the secret of winning.” --Dennis Waitley

Post by mozar » Wed Mar 15, 2006 10:55 am

Very interesting comparative analysis, Phant0m, congrats.

But I would disagree about the "Easy rules creation" item score. I've used LnS for two years and I tried CHX one time. In my opinion, 8Signs has the best and most friendly rules editor I've ever used.

For instance, remember that at the time of the LnS release, most users couldn't create a single rule without your help at the late BECKY's Forum.

And regarding CHX rules creation, well ....

Regards,

mozar

Post by Phant0m`` » Wed Mar 15, 2006 11:44 am

Thanks Mozar

You are right; however, I personally found all the firewalls to be very easy to create rules for. The problem, though, is that if you don’t have a bit of knowledge of networking it can be very confusing even with Look ‘n’ Stop; there are many factors to be considered here when doing that there one, ‘Easy Rule creations’.

I think I’ll knock it off the list until I give it some proper thought, and get some proper feedback from different users of all the recent firewall versions…

Any disagreements?

Post by mozar » Wed Mar 15, 2006 12:05 pm

"Any disagreements?"

Of course not.

And I think that it is important to see a FW Comparative like yours, considering the packet-filtering design and not discussing application filtering's strengths or even its existence - that's why we use AVs, ATs and *, isn't it? :)

Post by Phant0m`` » Wed Mar 15, 2006 2:14 pm

I like basic TDI filtering, and I think we all should be using one.
Look ‘n’ Stop implemented TDI filtering very uniquely and that’s great, and it can even go beyond the normal TDI filtering level right down to a sandbox-filtering-like level, without system or Internet performance suffering any, and capture a lot of stuff that is demonstrated by various leaktests available out there…

And I want to be perfectly honest here: with Application-filtering technology on my system, the only ways I have ever seen it benefit me thus far are controlling Windows’ own privacy issues (like various pre-installed Windows components phoning home..), and restricting third-party client applications’ connections down to a tee.

But have I ever encountered ‘in-the-wild’ type of malicious activities on my system which the Application-filtering technology I use ever stopped or less detected on my system? Definitely not, and don’t think it is because I lack habits such as the ones that a person would have to be most ‘acceptable’ to threats; I surf all about on underground sites and all over, I download and install, and I do the most p2p you couldn’t even imagine, I did IRC’n throughout my earlier years, and I accept e-mails and run attachments (and by the way, did I mention I use Internet Explorer and Outlook Express?). And you know what has benefited me? A good packet-filtering system, in more ways than one!

Developers of many firewalls are losing perspective on things, but I can’t blame them; implementing a feature such as application-filtering technology with bells and whistles draws a lot of attention (as users always like to be interacting in some way, and application-filtering technology offers this in more ways than one), and with all this hype, newer technology is bringing needs / wants, and the focus on improvements upon this technology is shown much more, and of course this is what’s bringing in the money.

As long as things like this continue, you will continue to see packet-filtering capabilities degrade even further (if that’s even possible now?); just take Look ‘n’ Stop up there in the comparative analysis chart, see just an idea of how thrown off this product is when they implement application-filtering technology?

What you see in the comparative analysis chart for some of the things I listed, a lot there can help secure the open passageways that you have available in through your firewalls, can help keep your system and Internet performance high and smooth, make it take a great deal more powerful massive packet sends to make you time out on servers you are connected to, and shield our system from vulnerabilities and weaknesses like those in the TCP/IP stack…

It’s not like we have IDS implemented into these firewalls, so it is very important that critical or very possible threats are taken care of by the developer, for various reasons really. And I believe it is just as crucial for people to have an understanding of what they see, rather than a mere block message saying TCP packet dropped at 2:30 AM; it is important we keep it as close to informational as possible, even if it is something a user can type in Google and search on even further…

Regarding the IDS implementation, I’m not asking for a full-blown IDS works, but I do believe the developers of packet filters should add basic detection and controls for some of the common malformed, invalid, and unsolicited traffic packets that we see on a day-to-day basis…

I do have a great deal to say regarding packet-filtering systems, but I feel as if I'm knocking on wood!