Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Firewall Testing


  • Please log in to reply
4 replies to this topic

#1 amadaemon

amadaemon

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Scotland U K
  • Local time:12:48 AM

Posted 21 August 2008 - 05:34 AM

Due to a bad experience when posting this on another site all I will say is what I've done without giving names.
I'm running XP pro and being just past the 'Dummy' stage, I have been experimenting with Free Trials of Firewalls.
To test the one I'm using at present I ran the first 2 tests with it ON ( Windows F/W OFF )
Then with it OFF and Windows F/W ON
My last test was done without any Firewall enabled.
In every test my true IP address was not displayed but more importantly EVERY test gave the same result.
I would be interested in what firewall you recommend and where you tested it.
My current Firewall + Test site used can be had on request.
Amadaemon

BC AdBot (Login to Remove)

 


#2 lucent

lucent

  • Members
  • 172 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:48 PM

Posted 21 August 2008 - 09:32 AM

It's a bit hard to say without disclosing how your firewall was tested.... Going on the assumption that your firewall is working because it doesn't show up on a firewall testing site doesn't really mean a lot. Are you running through a proxy server by the way?
I haven't been here in a looong time, but I can tell you that there is no chance of anyone flaming you or abusing you because of your choice of software or testing site. We really need more details to help you out, we are a friendly mob here and rarely bite unless truly provoked :thumbsup: just kidding. So let us know what you have and how you tested it as it will make it a lot easier to help with your question.
As for what firewall I use, that's a tricky one as I work in the security field and tend to roll out my own firewalls (linux and bsd based). I have recommended and implemented a few personal (as opposed to enterprise) windows based firewalls lately but my favourite (stand-alone and not part of a security suite) is
Comodo Personal Firewall. This in my opinion is an awesome product and beats some/most of the commercial firewalls that are about the place. What's more is it is free :flowers:, but if you want you can purchase an upgrade to the pro plus pack. Although I doubt that you would need too unless you are filesharing or have some other good reason to be worried.
Really it all comes down to user preference, no doubt other people will have different recommendations and they will right as well, but when it comes down to it, it's what you feel comfortable with. For instance I like to know exactly what is happening, why it's happening and where it's going to (or coming from).
As to how I test them, I conduct my own scans an audit them myself... someone else here might have to help you with that one.
Hope this helps.
Cheers, Lucent.
Posted Image
Special thanks to efizzer for the signature

#3 amadaemon

amadaemon
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Scotland U K
  • Local time:12:48 AM

Posted 21 August 2008 - 01:20 PM

:thumbsup: :flowers: Thankfully I have a BIG mouth as I have just put my foot in it again.
When testing Agnitum Outpost Security Suite 2009 using Shieldsup at https://www.grc.com/x/ne.dll?bh0bkyd2
I thought my test results were wrong. My IP address data from IPCONFIG did not match what was shown on the web site, I have now found out the IP address was as in my Router (Netgear)
All I have to do now is find out how to test my firewall with Router F/W disabled.
Amadaemon

#4 nigglesnush85

nigglesnush85

  • Members
  • 4,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:12:48 AM

Posted 21 August 2008 - 01:51 PM

I agree with lucent Comodo is great, I too test a great many free firewalls to see how well they work inbound and outbound. If you are using a router that should have a hardware firewall inside which should add to your protection level as you will in essence have a hardware firewall and a software firewall.
Regards,

Alan.

#5 lucent

lucent

  • Members
  • 172 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:48 PM

Posted 21 August 2008 - 11:07 PM

Amadaemon,
Lol, don't be too hard on yourself buddy it's a fairly common mistake to make. I take you mean you were expecting address similar to 10.0.0.* or 192.168.2.* etc. As you seem to have noticed this is your internal network IP as opposed to your external IP address.
You don't need to turn off your router firewall, nor should you by the way. If you want to audit your pc's firewall you are best off doing it from another computer on your local network. However, you really don't need to test it, if you study up on what all of the features of your chosen firewall are and what they do you should be fine. To test a firewall you really need to know a fair bit about networking and TCP/IP and all of the other protocols for anything to make sense. For example how does the computer respond to netbios datagrams? Does it send a syn/ack or rst packet or does it drop the packet silently? If this makes no sense to you then you probably don't want to worry about doing an audit yourself. The firewall GUI is there so you don't have to deal with the technical stuff allowing you to enforce policies in a (somewhat) non-technical manner.
However if you cannot be dissuaded on this matter send me a PM and I can offer some links for some testing software, but as stated before you must have a fair knowledge of the network stack and network protocols to make a reasonable and valid judgement of the results. As these applications are built for network/system administrators it is generally taken for granted that the end user has sufficient knowledge to both perform and review the results.
Oh and by the way, if you are looking into a security suite package, in my opinion you can't go past Kaspersky Internet Security. It's not free and has a subscription based price point. I think it's the dog's bollo.... well to put it nicely, I think it is the bee's knees :thumbsup:
Again, don't be afraid to ask questions here as we will help out as much as we can.
Cheers, Lucent.

Edited by lucent, 21 August 2008 - 11:15 PM.

Posted Image
Special thanks to efizzer for the signature




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users