 |
 Norman Personal Firewall - part II
Disturbing revelations
The operation of the firewall raised so many questions, that to tell you everything I need to report each step I took.
After all the configuring and when the program was supposed to be working, I still couldn't access a web site with any of my browsers. The situation lasted almost 20 seconds when I heard a click inside my PC case and saw the blue "screen of death". I rebooted my computer and the same thing happened. I disabled and closed NPF and when IE attempted to access a web site, the system hung. I cursed like a sailor.
Even a dimwit would have removed an application that caused so much chaos and that's exactly what I did. I was very relieved to see that all the system glitches disappeared.
After uninstalling Norman Personal Firewall, I checked its website for information concerning the malfunction and discovered that the company released an update of the program, version 1.42, that was supposed to be "perfectly" compatible with WinXp SP2, and was recognized by the newly-included Microsoft Windows Security Center.
I downloaded the new version and hoped the problems would not reappear. Fortunately, they did not; at least for a short while.
The main window started and looked like this:
It was nicely organized, everything clear and precise. The icon design was slightly disappointing, but we're testing a firewall, not a desktop graphics application. I was more interested in seeing the program work and if it protected a user's PC.
The problems I had with system freezes vanished. The program was behaving itself and I began to like it.
Here's what I found during my experience with the program:
Positives:
- The program lets you view the code of an ActiveX script in the rules creation window.
- It has an accurate and well-designed rules-creation algorithm.
- The firewall is recognized by Windows SP2 Security Center.
- Simple interface, robust performance, and low system requirements
Negatives:
- The program failed a simple "TCP PING" test, which is part of the Stealth Test suite on our site.
- A major disappointment for me was the absence of an active connections window, so you can only guess which programs are using what ports to where. No option is given to terminate an active connection or to run an application.
- The program is a configuration-only tool, rather than an information tool, implying that after it has been given the necessary configurations, it doesn't inform the user of its current online status.
- The firewall has no predefined rules for any major app.
- The popup blocker is disabled by default and no question was asked during the initial configuration whether it should be enabled.
As various programs were trying to access certain ports and feed data using different network protocols, NPF caught their intentions and asked me to specify the rules that would govern the access rights for these programs, and it gave appropriate hints about what should be permitted. I liked what it was doing and it obeyed my orders. Everything went smoothly before I decided to subject the program to some
leak tests to see how much data was getting through to a possible hacker. I downloaded the basic and pioneering leak tests and, not surprisingly, the program passed it. I then decided to modify the rules for this test to allow incoming and outgoing data communication and the firewall failed the test, which meant that the program really worked, and that the rules were reacting to later modifications. I reverted the settings and again disabled both directions of data flow for the program, but it failed the test again (it allowed the leak test to perform an outbound transmission). Remember, this is after I changed the rules back. This is a major weakness of Norman.
Continue to Part III
Back to Part I
|
|
