Sign in to follow this  
Guest Tempus

3 questions about EIS v.9.x firewall

Recommended Posts

Guest Tempus

Hey Emsisoft.

 

  1. I have some questions regarding the  firewall in your new product Emsisoft Internet security. The first question I have is in connection with a Blog you wrote, about Botnets. The Blog article was " Internet Zombie Defense Training, or: How Not to Become a Bot ". In that blog I asked a question which I haven't received any feedback on. So I hope that it is okay to bring it up here. I asked about: Is Emsisoft Internet Security firewall so smart that is can recognize suspicious traffic/behavior that is passing the firewall. I ask because the firewall is the place where all traffic has to go through, and should be the first layer of protection intercepting suspicious data packets. You know Botnets is changing frequently in contrast to network protocols, so I am asking if the firewall can detect that as suspicious behaviour.( and ask the user for sending of information to Emsisoft's anti malware network.)
  2. The second question I have is: How can an user know if the firewall they are buying is doing its job regarding handling data traffic-ports-stealth and so on, effectively, regarding security-flexibility ( flexibility=without blocking everything). AC comparative did a firewall test but beside that, how can I know that I am not buying a firewall that is less effective than windows own. I ask because it seems like a more grey and obscured area for the consumer. You have different awards like Virus bulletin and Av comparative, but those awards is more about the detection done from signatures, behavior and Hips blockers, and the cloud. I really miss some sort of quality control regarding firewalls.
  3. The third question I have is: Does an user using Emsisoft Internet security firewall, receive a higher degree of anonymity compared to using windows firewall. I know, asking about anonymity on the net is a joke, but you can always try to limit the flow of information, or at least choose to whom you what the information goes to.(more or less).

Thanks for any feedback  =)

 

 

Share this post


Link to post
Share on other sites

I can answer no. 2 for you.   I have one notebook, that I can connecct out via Verizons broadband network, so there is no router involved, hence no firewall in the router.   I've tested EIS 9.0 agains GRC's port stealth test.  Passed 100%.

 

Pete

Share this post


Link to post
Share on other sites
Guest Tempus

I can answer no. 2 for you.   I have one notebook, that I can connecct out via Verizons broadband network, so there is no router involved, hence no firewall in the router.   I've tested EIS 9.0 agains GRC's port stealth test.  Passed 100%.

 

Pete

 

Thanks Pete that is truly nice to know. Let us see if they have something to say regarding the rest of my post, especially question no 1, which I am most curious about. =)

Share this post


Link to post
Share on other sites

Hello,

 

1. The EIS firewall is a application based firewall. The EIS firewall does not use statefull packet inspection. Suspicious or malicious behaviors will be detected by the EIS Behavior Blocker.

 

3. We do not collect any data to tracking the users activity that breaks the users privacy.

 

Also please take a look in our blog on: http://blog.emsisoft.com/2014/06/17/emsisoft-quite-possibly-the-most-privacy-conscious-anti-malware-around/

Share this post


Link to post
Share on other sites
Guest Tempus

Hello

 

Thanks Christian for taking the time to answer my post  . Your answer was more or less what I expected it to be. =) Btw. has Emsisoft tried to emulate different known botnet infections, to see if the behaviour blocker kicks in when needed. (There are some clever botnets installers e.g. with signed certificates which pretend to be Adobe Flash player)

Share this post


Link to post
Share on other sites

Hello,

 

we are running regularly tests with zero day malware to tune our behavior blocker rules. ;) We also know there are faked digital certificates in the wild. This faked or stolen certs are blacklisted in our database.

Share this post


Link to post
Share on other sites

I can answer no. 2 for you.   I have one notebook, that I can connecct out via Verizons broadband network, so there is no router involved, hence no firewall in the router.   I've tested EIS 9.0 agains GRC's port stealth test.  Passed 100%.

 

Pete

 

Ummm, your answer troubles me. When I run EMIS 9 on Shields-UP almost every port is shown as blocked. Only a handful are steathed. Is this because I have no group network and my setting is at "private network." Would there be any adverse results on the operation of my Windows PC or Internet Access if I changed the setting to public network? It was set at private network by default.

Share this post


Link to post
Share on other sites

I wouldn't do that.  Are you behind a router.  That will mess up results from Shields up.   They way I tested there was no router.

 

Nope. No router.

Share this post


Link to post
Share on other sites

Any official response to this?

 

While using EMIS on a "private network" should all ports be stealthed rather than blocked, not that it really makes much difference in practical terms.

Share this post


Link to post
Share on other sites

Umm....... I'm not on any network. I have one PC where I am. Is there some Windows setting I have wrong in 8.1 that has placed me on a private network that I can change so I am not on any network and be stealthed? Or by definition is a single PC on a private network? I know next to nothing about networks :-)

Share this post


Link to post
Share on other sites

A single PC connected directly to the Internet is essentially participating in a public network. Private networks mean you are part of a protected and trusted network environment like a small home network or a work network where you want to allow various network services like ping or file sharing to work. So if you are directly connected to the internet, without any kind of router in between, you really should set the internet connection to "Public" in both Windows as well as Emsisoft Internet Security.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Sign in to follow this  

  • Recently Browsing   0 members

    No registered users viewing this page.