Page 1 of 2 12 LastLast
Results 1 to 15 of 20
  1. #1
    4 Star Lounger
    Join Date
    Mar 2001
    Location
    New Zealand
    Posts
    541
    Thanks
    1
    Thanked 0 Times in 0 Posts
    I have just installed Norton Internet Security 2010 which is supposed to have a 2-way firewall. I have just logged on to Gibson Research Center and tried their Firewall Leak Test which showed fail, firewall pemetrated, with this comment "LeakTest was not prevented from connecting to the Gibson Research web server. You either have no firewall, you have deliberately allowed LeakTest to connect outbound, or (if neither of those), LeakTest has just slipped past your firewall's outbound "protection", if any.

    Does this mean the Norton firewall is sub-standard? A phone call to Symantec resulted in them saying if the main window of their product said "Secure" then all was working correctly.

  2. #2
    Super Moderator CLiNT's Avatar
    Join Date
    Dec 2009
    Location
    California & Arizona
    Posts
    6,121
    Thanks
    160
    Thanked 609 Times in 557 Posts
    Does this mean the Norton firewall is sub-standard?
    No not necessarily, you would do well to look over the firewalls faq sheet and fine tune the advanced properties accordingly.
    DRIVE IMAGING
    Invest a little time and energy in a well thought out BACKUP regimen and you will have minimal down time, and headache.

    Build your own system; get everything you want and nothing you don't.
    Latest Build:
    ASUS X99 Deluxe, Core i7-5960X, Corsair Hydro H100i, Plextor M6e 256GB M.2 SSD, Corsair DOMINATOR Platinum 32GB DDR4@2666, W8.1 64 bit,
    EVGA GTX980, Seasonic PLATINUM-1000W PSU, MountainMods U2-UFO Case, and 7 other internal drives.

  3. #3
    WS Lounge VIP
    Join Date
    Dec 2009
    Location
    Earth
    Posts
    8,162
    Thanks
    47
    Thanked 976 Times in 906 Posts
    Leaktest attempts to connect to the GRC web site from your PC. Norton should warn you that a program is attempting to access the internet and ask if you want to allow this. This behaviour in Norton should be configurable via the options.

    cheers, Paul

  4. #4
    Star Lounger
    Join Date
    Dec 2009
    Location
    Finland
    Posts
    56
    Thanks
    1
    Thanked 1 Time in 1 Post
    So how secure is Win7 firewall? Not very, since it didn't ask anything and let Leaktest bypass just like that. Better start looking elsewhere in security issues.

  5. #5
    Administrator
    Join Date
    Mar 2001
    Location
    St Louis, Missouri, USA
    Posts
    23,568
    Thanks
    5
    Thanked 1,056 Times in 925 Posts
    Quote Originally Posted by ripley View Post
    So how secure is Win7 firewall? Not very, since it didn't ask anything and let Leaktest bypass just like that. Better start looking elsewhere in security issues.
    The OP asked about Norton Internet Security not Win7. Your post makes no senses in that context.

    Joe
    Joe

  6. #6
    Super Moderator jscher2000's Avatar
    Join Date
    Feb 2001
    Location
    Silicon Valley, USA
    Posts
    23,112
    Thanks
    5
    Thanked 93 Times in 89 Posts
    Quote Originally Posted by philkiwi View Post
    Does this mean the Norton firewall is sub-standard?
    The average user is, understandably, annoyed by having to answer multiple prompts for permission -- remember the Vista UAC prompts? Therefore, I believe most software firewalls now are configured to launch in a quiet "learning" mode by default. If you prefer a more paranoid mode, you will need to set that for yourself.

  7. #7
    2 Star Lounger
    Join Date
    Feb 2010
    Location
    U.K.
    Posts
    113
    Thanks
    0
    Thanked 19 Times in 14 Posts
    Quote Originally Posted by philkiwi View Post
    Does this mean the Norton firewall is sub-standard? A phone call to Symantec resulted in them saying if the main window of their product said "Secure" then all was working correctly.
    The Symantec response proves they are selling rubbish.

    It is possible that something is wrongly configured and the leak-test failure is not due to a Norton Fault.
    Wait a bit - I looked out the window and saw a pig flying past.

    The essential fact is that the Gibson code was not prevented from "phoning home",
    so any malware on your machine would also be able to phone its home and disclose all you private stuff.

    I can understand that a Firewall could make a mistake and let something out.
    I can understand that it would not REALISE it had let something out and therefore continue with the pretence that it is "Secure".
    I CANNOT understand a Norton agent SAYING that a leak-test failure should be disregarded and that their Firewall is working correctly.
    Perhaps by "working correctly" the agent actually MEANT "we never managed to fix this - it is working NORMALLY".

    Whatever the reason for this leak-test failure, that failure indicates malware can phone home,
    and it was grossly incompetent of Norton to tell you that all was well.

    Alan

  8. #8
    Super Moderator jscher2000's Avatar
    Join Date
    Feb 2001
    Location
    Silicon Valley, USA
    Posts
    23,112
    Thanks
    5
    Thanked 93 Times in 89 Posts
    Quote Originally Posted by Alan98 View Post
    The essential fact is that the Gibson code was not prevented from "phoning home", so any malware on your machine would also be able to phone its home and disclose all you private stuff.
    No, I believe you have missed something here. The fact that a program not recognized as malware was able to use the network connection does not prove that "any malware" would be able to use the network connection. Comprehensive security suites should remove malware and spyware either on access (real-time scanner) or during scheduled or manual scans. It is true that there may be a gap between the time of infection and updated detection, so those who engage in risky downloading behaviors should configure their firewalls for maximum protection.

  9. #9
    WS Lounge VIP
    Join Date
    Dec 2009
    Location
    Earth
    Posts
    8,162
    Thanks
    47
    Thanked 976 Times in 906 Posts
    It's the age old "how secure do you make it without annoying the user" question. I always err on the "annoy the user" side.

    cheers, Paul

  10. #10
    New Lounger
    Join Date
    Dec 2009
    Location
    Burien, WA
    Posts
    22
    Thanks
    6
    Thanked 1 Time in 1 Post
    My firewall passed that test with flying colors, so I would suggest you dump Norton and get a better system. I'm using Vipre from SunBelt Software and someone will have to come up with a really fantastic produce for me to change.
    A former Soggy Sysop from Seattle!
    If it isn't broken by now, give me 5 more minutes!

  11. #11
    Lounge VIP bobprimak's Avatar
    Join Date
    Feb 2009
    Location
    Hinsdale, IL, USA
    Posts
    2,482
    Thanks
    176
    Thanked 152 Times in 129 Posts
    Just because a firewall passes a "leak test" does not mean it is good. It means that the vendor knew the parameters of that specific test, and specifically tuned their product to pass that test. The problem is, these "leak tests" do not reflect real-world environments. It's like creating custom "malware" which does not exist in the field, and then tuning your predictive heuristics to block or remove that particular piece of lab-created artificial code. Again, if vendors pay the "research lab", they can get a preview of the specs for the upcoming tests, and tune their products to pass those tests. Matousec has done this with Outpost, and they were totally discredited on that basis. So these tests must be taken with a very large grain of salt, especially if the testing lab is a for-profit company.


    Comodo has complained for years about the lack of objectivity of Matousec, even though their firewall consistently passes the tests with flying colors. Gibson Research is much more trustworthy than Matousec, but I still believe that some vendors were tipped off before the tests, and made specific changes to their products in order to gain higher scores. Call me paranoid, but I do believe that a company can be bought off -- even Gibson.

    Norton as a complete suite has passed all INDEPENDENT lab tests with flying colors. There is also nothing wrong with the Windows 7 or Vista firewall -- both versions will keep you safe enough for almost any legitimate purpose on the Internet, when combined with adequate antivirus (Microsoft Security Essentials) and antispyware (Super Antispyware) scanners and perhaps some web shields, or a safer browser (like Firefox or Chrome).

    How safe do you need to be? What do you do on line which puts you at greater risk? Can you control or reduce these risks? Are you a careful web surfer, or do you click on anything which flashes at you? If a security alert pops up, do you always click "allow"? And isn't that the same as if the alert never came up, and the security program did nothing to protect you? Ninety-nine plus percent of the time, the problem with on line safety lies between the keyboard and the chair -- i.e., the End User.

    I am currently running 64-bit Windows 7 Home Premium with MSE and the out-of-the-box Windows 7 firewall. Nothing else active. I browse with Chrome with only a few privacy Extensions (including a nice one which blocks Google Analytics). I patch as advised. And I maintain a good, clean Acronis backup of the System and Windows partitions on an external drive which never connects to the Internet. Am I safe? Safe enough. Am I going to worry that I could be safer? No, I have better things to do with my time.

    Norton is perfectly fine security software -- in fact, it is overkill, and that is why I do not use it. One of the first things I did on this laptop was to remove the pre-installed Norton Internet Security Trial Subscription software. But if you like Norton, keep it. It will serve you well, even without raising it to "paranoid" security levels.
    -- Bob Primak --

  12. #12
    WS Lounge VIP
    Join Date
    Dec 2009
    Location
    Earth
    Posts
    8,162
    Thanks
    47
    Thanked 976 Times in 906 Posts
    Norton as a complete suite has passed all INDEPENDENT lab tests with flying colors.
    Citation please Bob, not that we don't trust you. ;-))

    cheers, Paul

  13. #13
    Lounge VIP bobprimak's Avatar
    Join Date
    Feb 2009
    Location
    Hinsdale, IL, USA
    Posts
    2,482
    Thanks
    176
    Thanked 152 Times in 129 Posts
    Quote Originally Posted by P T View Post
    Citation please Bob, not that we don't trust you. ;-))

    cheers, Paul
    AV Comparatives, AV-Test.org, and Dennis Technology. Citation. (OK, it is a Symantec Press Release, but they have links to all their citations). And I also read somewhere else (PC Magazine?) that NIS 2010 passed West Coast Labs tests with very good marks.

    I knew someone would call me out on this one.
    -- Bob Primak --

  14. #14
    WS Lounge VIP
    Join Date
    Dec 2009
    Location
    Earth
    Posts
    8,162
    Thanks
    47
    Thanked 976 Times in 906 Posts
    These reports are possibly not reliable.
    AV-Test.org, and Dennis Technology are both private companies that were commissioned by Symantec to perform the tests.
    AV Comparatives claims to be a non profit organisation that publishes a report every 3 months. The Symantec product is rated Advanced, many other products were rated Advanced+.

    Make up your own mind.

    cheers, Paul

  15. #15
    5 Star Lounger Vincenzo's Avatar
    Join Date
    Mar 2004
    Posts
    653
    Thanks
    93
    Thanked 14 Times in 13 Posts
    Here is a link to page 2 of a discussion on this exact issue. The reason I linked to page 2 is because Message #15 has links to two PCMagazine reviews that address the Norton Firewall.

    http://community.norton.com/t5/Norto...highlight/true

Page 1 of 2 12 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •