February 28th, 2003, 08:18 PM
Thunderstore releases Personal Firewall.
Thunderstore/Kaspersky is a Moscow-based company specialized in Anti Virus, Encryption, VPN and Security Services since 1998. Recently they released Anti-Hack 1.0, their first personal firewall.
PC Magazine Belgium has a deal with them and offered its subscribers a free one-year version of the Thunderstore Security Suite (Kaspersky Anti Virus, the Kaspersky Anti-Hacker personal firewall, the X-Tra Safe encryption utility and S-Mail email encryption).
Kaspersky Anti Virus
Daily updates, over 64k virii in the database, email-monitor,... The controls are very basic and it isn't as customizable as Norton, but at least it's faster than Norton.
The Universal boot system sounds like a nice innovation:
Kaspersky Anti-Hack 1.0
Kaspersky™ Anti-Virus Business Optimal for Wintel workstations includes the Rescue Kit feature, a unique rescue system that allows you to restore your PC in case it has been seriously damaged from a virus attack and has lost the ability to boot-up. Rescue Kit creates a set of start-up diskettes based on the Linux kernel that contain a preinstalled copy of Kaspersky™ Anti-Virus for Linux. This set-up enables a "clean boot," and helps users restore disks running under any of the most popular file systems.
One word: wow. I've been using Outpost since the first beta, but this firewall convinced me to throw Outpost out of the umm... window.
It combines two techniques: analysis of internet-connected applications activity at the program-level and packet filtration at the lower packet-level.
At the program-level: you can simply give Internet Explorer overall access to the net, OR you can give it only access when it acts strictly according to its program-type (a webbrowser in this case). Progam-types include: Web browser, File transferring, Mail, News, Instant Messaging, Internet Rely (sic) Chat, Business Conferencing, Remote Management, Time synchronization. The rules are highly customizable: protocol, remote address, remote port, local port.
At the packet filtering-level: customizable rules for DNS, Windows session service, Windows datagram service, Kerberos authentication (UDP/TCP), Communication via LDAP SSL, Common Internet File System (UDP/TCP), Communication via DCOM (UDP/TCP), Communication to BOOTP server. Again, those (preset) rules are highly customizable: protocol, packet type (incoming/outgoing), remote address, remote port, local address, local port.
Anti-Hack keeps extended logs at those two levels.
It gives a nice overview of open ports, applications on that port (with descripions... don't know what LSASS.EXE does? Kaspersky tells you, complete with manufacturer info, version number,...
Finally, it comes with a basic IDS, detecting some attacks as Ping of Death, Land, Syn/UDP/ICMP floods,...
X-Tra Safe encryption utitilty.
X-Tra Safe creates a virtual secure hard disk, appearing as an extra drive-letter. You can alter the size of the disk and set the encryption algorithm (Blowfish, DES, or Triple-DES). Safe pr0n for everyone!
Using S-Mail is as simple as dragging a file to the S-Mail window and clicking 'encrypt'... it supports up to 32-bit passwords and uses the Blowfish-algorithm. It turns the encrypted file into an exe-file which "can't be opened" without the correct password. All the recipient needs is the password.