I see a lot of people asking what's the best firewall or antivirus for my system. Truth is there is no best. It all depends on your system and your needs.
Some people know about these sites, some do not. I've compiled a list of some of the best, unbiased research in the way of antivirus and antimalware software.
Matousec
This site tests firewalls. It does a lot more than just your regular TCP and UDP connections. It also tests a firewall in its HIPS protection.
They have since renamed their research to the Proactive Security Challenge. Here is a link to the results:
http://www.matousec.com/projects/pr...nge/results.php
This is the set of tools that they use for testing. If your security setup isn't on the test, feel free to get a rating yourself.
http://www.matousec.com/projects/se...-testing-suite/
Virus Bulletin
This site basically tests antivirus software and either gives it a VB100 award or fails the software. It compiles recent results so you can see the timeline of a software based on if it passed or not. To see the results of the latest AV comparatives you need to register for a free account. This site also has malware and other security-related articles as well.
http://www.virusbtn.com/index
ICSA Labs
This site basically runs some tests and certifies or denies security programs. It rates antispam, antispyware, IPSEC, antivirus, and various other networking software. All it really tells you is if a software has become certified, the operating system used for certification, and what level of certification it received.
Unfortunately nothing comes close to the AV Comparatives site in the way of anti-malware program testing, and this is as close as it gets.
http://www.icsalabs.com/
AV Comparatives
This is probably the most significant resource here. While we all are worried to some extent about what the firewall lets in and out, we are all more concerned about our AV's detection rate and whether or not it's deleting something that we need.
On this site you will find independent comparatives of Anti-Virus software. All products listed in our comparatives are already a selection of some very good anti-virus products.
Basically this site takes a huge collection of malware, keyloggers, trojans, and rootkits and tests each AV product on detection rates and the number of false positives it identifies. They also do performance testing on AVs to figure out scan speed and various other things.
http://www.av-comparatives.org/
I hope this helps when you are looking for a new firewall or AV to use.
Dennis Technology Labs
This test aims to compare the effectiveness of the most recent releases of popular anti-virus software. The list of products includes a selection of commercial and free programs.
A total of 10 products were exposed to genuine internet threats that real customers could have encountered during the test period. Crucially, this exposure was carried out in a realistic way, reflecting a customer’s experience as closely as possible. For example, each test system visited genuinely infected websites and downloaded files exactly as an average user would.
The results of this test must be downloaded and read with a .pdf viewer.
http://community.norton.com/norton/...rt-consumer.pdf
Jotti
Jotti's malware scan is a free online service that enables you to scan suspicious files with several anti-virus programs. Scanners used are Linux versions; detection differences with Windows versions of the same scanners may occur due to implementation differences. There is a 15MB limit per file. Keep in mind that no security solution offers 100% protection, not even when it uses several anti-virus engines (for example, this scan service).
Basically if you're suspicious of a small file, keygen, crack, whatever, you can upload it here and get multiple results from a bunch of different scanners. The issue that I have found with these types of net services is that they may be out of date. They don't state what definition they are using to scan with.
http://virusscan.jotti.org/en
VirusTotal
VirusTotal is a service that analyzes suspicious files and facilitates the quick detection of viruses, worms, trojans, and all kinds of malware detected by antivirus engines.
Specs:
* Free, independent service
* Use of multiple antivirus engines
* Real-time automatic updates of virus signatures
* Detailed results from each antivirus engine
* Real time global statistics
Basically the same thing as Jotti, but probably a bit more popular.
With VirusTotal, as with Jotti, just because multiple scans and databases have determined that a file is clean doesn't mean that it's harmless. It's very possible that it's a 0-day malware and hasn't been detected yet.
Conclusion
In conjunction with the above research I've narrowed it down to an almost perfect setup for Windows. GData Antivirus real time, Comodo Firewall Free/Pro real time, Malwarebytes Antimalware Pro as an on demand scanner, and I use Spyware Blaster to plug browser holes. It basically acts as the Immunize function that Spybot Search and Destroy had.
And now, before people decide to jump down my throat about running multiple antivirus software: there is a difference between on demand and real time. On demand means they are installed, but do not start with the system and do not ever run unless you update or run a scan that you start. Real time means they do start with the system and auto update and scan files in real time. It's OK to have more than 1 AV installed as long as ONLY 1 is running in real time.