BitDefender's FireWall in the Security Suite isn't Keeping YOU safe - here's why...

earnolmartin
earnolmartin
in Malware talk

BitDefender, I have tested your firewall with the GRC's Firewall Leak Test available here:


http://www.grc.com/lt/leaktest.htm


When LeakTest.exe tried to connect, it was denied, meaning that BitDefender's firerwall had


blocked the test, which is good. However, I gave a program called Trillian rights to


connect and act as a server. I renamed the original Trillian.exe to Trillian-orig.exe. I


then renamed LeakTest.exe to Trillian.exe and ran it. Unfortunately, it was given full


permission, showing that the firewall could not block GRC's leak test. This is bad because


if a virus were to rename an exe program that is given full access to the internet, it would


be allowed. If each program were assigned a "Cryptographic Signature" by your firewall,


this would fix the issue. If that file tries to connect, this signature is then regenerated


and compared before any program of that name is again allowed access. This completely


prevents this simple form of trusted program impersonation, but NO OTHER FIREWALLS OFFER


THIS CAPABILITY EXCEPT ZoneAlarm. Therefore, I strongly insist that your firewall is


upgraded to meet all of GRC's standards as a firewall. I also request as a feature request


that your firewall show how many intrusions have been blocked. Until this firewall is


updated and improved, I don't think I'll use it.


Users of BitDefender's Internet Security Suite 10:


From this test, you are not safe when using BitDefender's firewall!!

Comments

  • vladx
    vladx
    edited June 2007

    Hi Eric


    You also posted this in the Feature request area wich is more appropriate so i'll close this one.

This discussion has been closed.

All Time Leaders

Categories

Defenders of the month