64x Vista firewalls..?

[snadge]

which firewalls work on vista 64bit>?

im testing some using leaktests and comodo failed 60% of tests

 

[Thao]

This thread will prove useful.

 

[Chappy]

which firewalls work on vista 64bit>?

im testing some using leaktests and comodo failed 60% of tests

That's unusual and would prompt me to think that you don't have Comodo setup properly or are using the Leak tests in the wrong way.
Matousec Firewall Testing has the most comprehensive testing suite to check firewalls (intrusion, leak, performance, etc) and Comodo is the highest ranked Free firewall at 95% (10+).
Many leak tests are also easily subverted simply by another program's network rules too so you have to be careful when using Leak tests without following a strict ruleset. I have tested Comodo myself in it's default state and found that it caught every attempt to circumvent the system and all leak attempts were stopped and the user prompted for action. I used to decompile and analyze unknown malware for AV and AntiMalware companies so I know how to configure the tests properly, I also know that many users don't use them properly (leak tests) too and get skewed results because of that.

I suggest you pop into the Comodo User Forums and chat with some of the folks there about the problems you're having with Comodo. They'll help you find out what you're doing wrong to get these failures on simple leak tests.

 

[snadge]

I never got comodo set up wrong at all - default settings like most users have it..
I used 10 of the 26 tests from Firewall Leak Tester and it failed 6 of them

its probably those tests running in 64-bit Vista thats the problem but some did get past when the firewall said it blocked it... I tested Webroot aswell and got about the same result..?

according to http://www.firewallleaktester.com/tests.php
comodo is 2nd worst firewall u can have and Jetico , Kaspersky & Outpost are the best - its outdated by about 2 years by the looks of it

 

[joel406]

That survey is 2 years old. Kaspersky has pretty much fallen way down that list. And while Jetico is a good firewall, it will drive you nukin futs.

Comodo is the only way to go really. That or Vistas firewall, which is really quit good.

 

[mastoark]

Yea Comodo right now is the best firewall for 64 bit right now, hopefully Online armor and Outpost will have something out for 64 bit soon....

 

[Chappy]

Hi snadge

Try Matousec for your firewall info. They have the most comprehensive testing suite used and update it constantly. The results page may change your opinion on some products.
And that info you linked is far too old to be useful, many product updates have occurred since then and these results are no longer valid. The Comodo version tested there was 1.1.00 which is WAYYYY old, as we are at version 3.5.54375.427 right now, and those test results were for W2K and XP....terribly outdated info.
Also they incorrectly worked simply with Leak tests and that's only a small portion of what a good firewall should do.

 

[mike-cow]

I've said it before, and it's worth iterating... The matousec site is charging the companies to run full tests on software. It means that they do NOT run the same battery of tests on everything. That makes the information unreliable and biased, as they benefit from tweaking the results to make paying "customers" look better...

 

[mastoark]

While this company does make money varius ways the outcome of these tests are real and accurate.... Some firewalls have more built in features than others and will do better than other firewalls with less built in features,, they explain this on the website, maybe in different words than mine but they are explained



Here is a quote from their site on the paid version that the do for the vendor, that the vendor must pay for.....

"Every vendor has a right to request a paid Firewall Challenge testing, in which case its product will be tested in all levels regardless the results on each of the level"


I dont think they are perfect but imo one of the best firewall test sites out there atm... They treat every firewall the same regardless of their features that could be the only negative thing i can think of them, but is that really negative?

Take any one of their high rated Firewalls and try them, I dont think anyone would be dissapointed...... personally i did not make my decision based on Matousec site for using a firewall, I read security forums like castecops and wilders and kinda got a idea what the majority of people there recomended and where liking and made my decision based on that.....


I will have to disagree about the info being unreliable and biased, regardless if a vendor pays or recieves the data for free the results are not unreliable.....

I dont think this site is the Holly Grail, but they are very informative to anyone wanting info on Firewalls

 

[snadge]

all compare sites are like that nowadays and its wrong really - for e.g. shopping for cheap car insurance with an online go-compare didnt have the cheapest company on their database which was CHURCHILL -

 

[dsiban]

I've been looking for a software firewall as easy to use as Sygate was on WinXP. Let me say first, I'm behind a router NAT firewall so I'm not really concerned about incoming attacks. What I was looking for was a firewall that would let me control outbound connections. I tried Comodo for about 6 months and finally got fed up with it. They've gotten to be like Norton, a big ol' suite of programs that I really don't need, and it just slows down my PC.

What I found was VistaFirewallControl, yeah seems to be all one word, but I really like it. It basically gives you control of outbound connections using the in built Vista firewall. It isn't the Vista firewall but it uses Vista components of that firewall. Look at their website, it explains it.

For example if I decide Steam doesn't need to connect to the Internet for awhile, I just right-click on the tray icon and choose Steam "disable all." The program does pop-ups like Sygate when new programs are trying to connect and you decide which connect. The first time your browser tries to connect (even IE) it asks if it should connect.

Vista does have a decent firewall shipped with it, but I probably wouldn't use VistaFireWallControl if I was directly connected to a modem. But for outbound program control, it looks excellent.

 

[Chappy]

I've said it before, and it's worth iterating... The matousec site is charging the companies to run full tests on software. It means that they do NOT run the same battery of tests on everything. That makes the information unreliable and biased, as they benefit from tweaking the results to make paying "customers" look better...

Hi Mike

While I understand your concerns regarding the charges for a products testing, I don't think you have fully read why there are charges for some testing. It's pointed out on their site in the "Methodology & Rules" section in detail. This kind of involved testing does not come easily and therefore is also not cheap, if we wanted free and cheap testing facilities, we get cheap results too.

As it's stated in this section:

Every vendor has a right for its product to be tested in Firewall Challenge for free two times in six months period and this right is valid only for stable and publicly available versions of the products. If a vendor offers more than one product it still has a right of only two free tests per six months. Moreover, next free testing of a product will be performed no sooner than one month after the last free testing. This rule should prevent vendors from using Firewall Challenge testing as a free beta testing service. The exception from this rule is for vendors that offer two versions of the same product, from which one is available free of charge and the other one is a commercial version with some extra functionality and these version are likely to have different results in Firewall Challenge. The second and the last exception from this rule is for vendors that offer a product with an antivirus engine and mark any of the tests of Security Software Testing Suite as a virus, an infected code, an unwanted or malicious application, or offend any part of the suite directly using pattern recognitions or any other form of blacklisting. We have experienced such a behaviour in the past in case of leak-tests, this approach deceives the users of such antivirus engines and make the testing more difficult for us. The vendors who offend the testing suite have no right for free testing at all but can still request a paid testing.

There are specific reasons that there is a charge for testing after the free testing rules have been reached, and they are valid reasons. They can't do all this work just to satisfy another company's whims or act in place of that company's own testing procedures, and this is why there is a charge at some point.
It's NOT a case of "Paid Sponsorship" by any vendor, which I am completely against because too many times the testing facility incorrectly swayed to the sponsor's product simply to keep the cheques coming. This is a charge to keep vendors from misusing the test facility in place of having their own personal product test lab.
I see no reason to think it would sway the testing results in any manner, in fact I think the way it's implemented helps keep the vendors honest.

 

[SIW2]

Hi ,

I use Vista Firewall Control. Seems to do a good job, light on resources, easy to configure. I'm using the free version.

Vista Firewall Control : Sphinx Software

Curiously, my startup time is 5 -6 seconds quicker with it installed. The Welcome screen and Desktop loading is faster.

SIW2

 

[mike-cow]

I see no reason to think it would sway the testing results in any manner, in fact I think the way it's implemented helps keep the vendors honest.

Most software companies will not pay for a test where they don't *know* they will get a good result. So it's in the testers interest to make sure tested paying companies products get a decent result, or they won't pay for more tests...

I'm not talking about honesty among vendors, I'm talking about trusting the testing... As long as the testing company gains money directly from the companies behind the testing products, the results will be untrustworthy. The money *has to* come from unaffiliated sources that don't directly benefit from any particular result.

Would you trust a test of some new medication that was paid for by the manufacturing company?

 

[Chappy]

Hi Mike

Again tho, all vendors are entitled to FREE testing within certain time limits. The only charges come if a company tries to get the testing done too many times in a short period of time. As stated, this is to keep Matousec from becoming a free alternative to the vendor's own testing, so it's not a case of the vendors being charged for initial testing and therefore that point is invalid.

Using your analogy, if the testing for the meds is first carried out for free but the results are bad, then the company makes a tweak and without doing their own in-house tests, they just ship it out for the other lab to do. The outside lab is being used in place of the product's own in-house testing facility and I can see the company not wanting to waste their resources doing this, so yes..a charge for this would easily be warranted in that case.

The initial tests are free, twice in 6 months actually, so that would also cover a product update in the free test rule. And this also means that after 6 months have passed, the vendor is eligible for free testing AGAIN..up to twice in six months. I totally get this reasoning and in fact I find it More than fair to the vendors.

 

[mike-cow]

Chappy, Let's just say that we don't agree and get on with our lives.

 

[JayClericus]

went with the vista inbuilt firewall, no loss of fps on fast games like I used to get

 

[mike-cow]

went with the vista inbuilt firewall, no loss of fps on fast games like I used to get

As long as you are aware that it's only barely better than no firewall at all, that's just fine.

 

[dsiban]

Vista's firewall with a 64 bit version of Vista is a decently secure machine. Add a good AV program like NOD32, you're pretty well locked down.

 

[mike-cow]

Vista's firewall with a 64 bit version of Vista is a decently secure machine. Add a good AV program like NOD32, you're pretty well locked down.

Running Vista 32 or 64bit won't make any difference at all security wise though. And imho there's no such thing as decent security, it's either good or bad.