Tracking Firewall Updates
Dec. 7, 2000 LeakTest pre-release introduced to the PC industry
Gibson Research releases the preliminary, pre-release version of LeakTest allowing users to independently verify and extend Steve Gibson's firewall vulnerability findings.
Dec. 7, 2000 Symantec to immediately update NIS product line
Symantec is reportedly informing curious PC industry reporters that they will immediately update their installed base of Norton Internet Security products in response to the vulnerabilities revealed by LeakTest. Symantec's "Live Update" system will be used to provide these updates to their users.
Dec. 7, 2000 Beta of Tiny Personal Firewall
Unconfirmed reports from posters in our LeakTest discussion newsgroup have revealed that the current beta release of Tiny Software's Tiny Personal Firewall incorporates an MD5 cryptographic signature which, as with all versions of ZoneAlarm, does prevent the sort of Malware Masquerade exposed by LeakTest.
The bad news is that this program fingerprinting feature appears to be turned OFF by default (we hope this will change) and that the program also includes a file called "knownapp.txt" which duplicates the function and extreme vulnerability of Norton's application database. (We hope THAT will change too!)
Dec. 7, 2000 Sygate to respond soon
A Sygate engineer has indicated that at least some of the troubling behavior exhibited by their firewall is the result of a mis-configured parameters (.ini) file and that, consequently, we'll have some of improvements from Sygate very soon.
Dec. 9, 2000 Symantec's Official Statement:
"Symantec Corporation takes the security of our products seriously, and will address the issues raised by Steve Gibson's analysis of Norton Internet Security and Norton Personal Firewall. The Research and Development organization immediately began working on these issues when we became aware of them on December 6th, and will release a LiveUpdate to correct the software currently in the field." -- Brendon Woirhaye, Senior SQA Engineering Manager, Symantec Corporation
Dec. 22, 2000 Sygate's first patch released:
Sygate has released a patch (build 475) of the Sygate Personal Firewall v2.1 which will initially block rather than permit unknown applications. This addresses the significant concern of their firewall permitting applications to communicate until explicitly denied. Note that because this was a stop-gap measure which their existing architecture doesn't fully support the first blocked then permitted application may need to be restarted after receiving connection permission.
April 18, 2001 McAfee Personal Firewall Updated to v2.15:
The recently released version 2.15 of the McAfee Personal Firewall passes all LeakTest version 1.0 tests. Be sure to update to v2.15 if you use the McAfee firewall!
April 18, 2001 Sygate Personal Firewall Updated to v4.0:
The recently released version 4.0 of Sygate's Personal Firewall passes all LeakTest version 1.0 tests. It is a very nice firewall and is completely free for personal use. Be sure to update to v4.0 if you use any earlier version of Sygate's firewall.