Kaspersky Lab, a leading developer of secure content management solutions, has released a new analytical article on using leak tests to evaluate firewall effectiveness. The author is Nikolay Grebennikov, deputy director of the Department of Innovative Technologies.
The article describes the role played by firewalls in integrated information security systems. It also examines the principles and methods used in leak tests, one of the most objective types of firewall testing.
According to Nikolay Grebennikov, Due to the increase in the number of malicious programs, the additional security provided by a firewall is increasingly pertinent since firewalls block undesirable network traffic. This additional 'layer' of protection can block most types of malicious program that are not detected by the antivirus component of an integrated security system.
The only way of bypassing a firewall is by using leaks, i.e., specific technologies that enable applications to send data to recipients outside the network without the user’s knowledge. The quality of protection from leaks provided by a firewall is tested using so-called leak tests, i.e., small non-malicious programs that implement one or more leaks.
Nikolay Grebennikov describes existing leak technologies and the leak tests used to determine whether a firewall is able to block these leaks. Although Microsoft’s new operating system, Windows Vista, is better protected than previous Windows operating systems versions, third-party security programs should still be used to provide sufficient protection from leaks.
According to the author, in the future malicious programs will use new methods to circumvent protection built into Windows Vista and existing security systems. Due to this, the additional protection provided by firewalls will need to become even more reliable.
The article concludes that as malware writers will increasingly use leak technologies to bypass firewalls, leak tests are becoming a crucial method for testing the reliability of a computer’s protection.
The full version of the article is available on Viruslist.com.