Jetico firewall tops in "leaktest"?

[JavaJones]

I was surprised to not see much discussion of this test site or Jetico as a firewall, though I know some people here use it. According to this website Jetico passes the greatest number of their "leak tests". Interesting results. Even more so because Jetico is free! Anyone here user Jetico and have some thoughts?

http://www.firewalll...tester.com/tests.php

- Oshyan

[mouser]

interesting.. might be worth another look.

Jetico firewall link: http://www.jetico.com/jpfirewall.htm
Version 2 beta came out in august (last release before then was 1 year ago - yikes).

[AdIyhc]

I used Jetico before. So many pop ups!! It's good but usability is nil.
Not for the faint hearted. Sometimes the pop ups will crash the pc. So it's best to install Jetico first and then one by one your other apps.

But that's version 1. Version 2 may be much better since it will be shareware.

[JavaJones]

Ah, I hadn't heard about v2 becoming shareware. I imagine it is so secure because it doesn't let *anything* through without notifying the user. So, very secure, but a pain in the butt. Outpost also scored well however, and additionally on another test on the site that Jetico *didn't* score very well on. So Outpost may be the best of both worlds, once they work out the 4.x issues. Presumably 4.x will perform better on the "leaktests" too since it has functionality specifically built for doing so (according to that page).

- Oshyan

[AdIyhc]

Don't forget about comodo. Huge fanbase and I think it has good results too.

Off Topic: Is leaktest that important? Or will stealth do just fine? Was following the firewall trend and bought LooknStop but now I just use all-in-one programs.

[Carol Haynes]

If you are serious about security then Leaktest (IMHO) is of paramount importance.

Actually there is little point in running a firewall claiming to block unauthorised outbound traffic that doesn't pass leaktest because most of the possible 'leak solutions' are so trivial that anyone who wants to could use them to get info off your machine without you knowing - or even with you knowing it but by then it is too late.

One of the most trivial leak test breakers is loading an information loaded URL into your default browser - but hide the open window from view. The browser tries to open the URL thus passing the information it contains to the host website.

Trouble is leaktest is failed because you have trusted programs ofn your system that you let connect to the internet (such as your browser). Once you start trying to stop these leaks (like Outpost is now doing in its buggy version 4) you have users facing huge numbers of decisions everytime any application tries to access the internet, or call another program that access the internet etc.

[AdIyhc]

Ah then it's clear to me. I will just use my internet suite firewall. No need to worry about these tests.

[JavaJones]

Comodo's results on this test were not very impressive on the version they tested: 35.2% for Comodo compared to 85.2% for Jetico and 74% for Outpost and Look N Stop. Version tested was 1.1.005 though. They should be doing a new test soon, including Outpost 4 and hopefully Jetico 2 beta.

A good firewall should catch one program calling another, and that should be an infrequent enough thing as to not be *too* bothersome to the end user. If it's happening a lot for people, perhaps they have too much crappy software on their system.

- Oshyan

[mouser]

i think it's really important to consider a critical fact in these tests:
they tend to be done with "out of the box" (default) settings in the firewalls.

this is extremely important, because it means that the tests tend to be a measure not of the firewalls potential ability to block things, but it's performance with default settings, which can be hugely different, depending on how the firewall is configured out of the box.

for example, some firewall makers try to avoid bothering the avg user with popups, so by default they allow stuff that an advanced user would change.  other firewalls by default are overly paranoid, meaning tons of pop-ups, where an advanced user might adjust those settings.

so i take these scores with a grain of salt..

[tinjaw]

I feel strongly enough about it as well that I feel compelled to +1 mouser's remarks. Additionally, as we have discussed in other threads on this forum, one score/review does not fit all. You need to take into consideration things like your skillset (do you understand TCP vs UDP? Do you know what a stateful packet inspection is? Do you prefer a default accept policy or a default deny policy? etc.) Will you be using this on a laptop as the primary means of defense of on a desktop already behind a firewall/router? etc. Another extremely important thing to consider with security software is how well is it maintained. For example, the last release of Jetico was back in Feb 2004 (IIANM). Are you protecting a file server? A web server? A gaming rig? All these things will effect what choice you should make.

[JavaJones]

True enough mouser, but it's a difficult thing to really take fairly into account. Because there are two major possibilities with home users - the people most important to protect (even if one of us here gets a virus we at least know how to deal with it and will resolve it much quicker than if the average person gets one - damage control is a big part of what's important here, not just prevention). Either a home user will just use the defaults - in which case it's extremely important to know what those defaults are - or they will simply not use the product at all (akin to just saying "yes" to let everything through). Determining a tolerance threshold for the average person might help in the consideration, but it's all still a bit fuzzy.

These things are really vital to consider because I for one am more interested in what to recommend to others rather than what to use myself - that to me is most important because those people aren't as capable of making informed decisions on their own. So putting this info in perspective - that perspective specifically - is important for me at least.

- Oshyan