Sign in / up

back to article Most security products not up to scratch

Only four per cent (one in 25) information security products pass muster when first tested under a widely-used industry kitemark scheme. Most products require two or more cycles of testing before achieving certification, according to security testing outfit ICSA Labs. ICSA Labs, which has tested anti-virus and firewall …

COMMENTS

House rules Send corrections
This topic is closed for new posts.
  1. Version 1.0 Silver badge
    IT Angle

    Permit all

    Given that every consumer grade firewall that I've ever used has the generic "permit all" policy for the LAN ... it's hard to be very surprised about this.

    http://www.ranum.com/security/computer_security/editorials/dumb/index.html

    0 0
  2. KarlTh

    What am I missing?

    Firewalls let stuff through? How hard is it? Isn't it a simple case of "computer says no", unless there's an exploitable bug in the FW software itself.

    0 0
  3. CaptSmegHead

    More details

    so, which products should i be buying and which should i be avoiding?

    0 0
  4. Anonymous Coward
    Happy

    Too clever

    I use pf on my OpenBSD box. In case you don't know, this is "packet filter". It is very simple. It does a very good job - it keeps out everything I need it to, and keeps IN everything I don't want escaping. It never needs updating. It works.

    Your typical Windows firewall if full of whizzy graphics which don't actually do anything useful, and they are too clever for their own good. I don't know why they need "updating" every five minutes. Blocking a port will be the same today as it is tomorrow. Why would an "update" help. They are also mostly opaque - i am using zone alarm on my little laptop at home. I have no idea if it's doing anything useful or not. It seems to have a life of its own. All I would like to do is allow ports 80, 443, 83, and a few others outgoing, and block pretty much everything else incomming. I can't find how to specify this though. It seems to decide for itself what to block and allow.

    Typical Windows - opaque and nobody actually knows (properly) how it works.

    0 0
  5. Version 1.0 Silver badge
    Thumb Up

    RE: More details

    Your choice is either to accept the status quo, or roll your own - pfSense runs on almost any old box and can deliver virtually commercial grade security for about $40 if you simply buy their book - it's kinda firewalls for smart dummies.

    http://www.pfsense.org/

    0 0
  6. Anonymous Coward
    Anonymous Coward

    Does the cert really help?

    As mentioned above, vendors usually need to make tweaks or add features to pass ICSA certification. If you want a product that meets the test specification, you need to make the same changes to the default config. These changes used to be published in the ICSA lab notes, but they stopped publishing them about a year ago. So without knowing the settings used, the cert is pretty meaningless.

    0 0
This topic is closed for new posts.