Trend Micro Internet Security Pro v2

Written by Anonymous on 12:14 AM

Firewall Toughening Up

Trend Pro's firewall comes preconfigured with four distinct profiles for different situations. I used the strict "Direct internet connection" profile for firewall testing since that test system indeed has a direct connection. Profiles are available for wireless, home, and office networks as well. Each profile activates its own complete set of firewall configuration settings, and Trend Pro can automatically change profiles when you connect to a different network.

I attacked the firewall using port-scan tests and other Web-based attacks. It passed every test and put all the system's ports in Stealth mode. The attacking programs couldn't see a thing.

A personal firewall should also make sure that no program misuses the Internet or network connection. Some firewalls put the user in charge, asking whether each program should be allowed access the first time it tries to connect. Trend Pro's firewall is smarter than that. Like Kaspersky, Panda, and Norton it automatically eliminates known bad programs and grants access to known good programs. It relies on its behavioral monitoring to handle unknown programs. If they try anything sneaky they'll get smacked down.

So does the behavioral protection work? I tried running a dozen leak tests, programs that demonstrate techniques malware programs use to evade old-style program control. I disabled the real-time protection, leaving just behavioral blocking. Trend Pro blocked 10 of the 12, a good result. Norton and Panda don't try to block these because they're just demonstrations with no actual malicious payload. That's a reasonable stance, but I like the fact that I can see Trend succeeding with these tests.

Trend Pro's multilayer protection was also effective when I attacked the test system using exploits generated by the Core Impact penetration tool. These attacks try to gain control of the protected system by exploiting vulnerabilities in the operating system, browser, or applications. Some attacks failed because the system wasn't vulnerable; Trend Pro blocked the rest in one way or another. The utility's battle with one exploit did slow the system to a crawl, but a reboot fixed that. It doesn't identify the exploit by name the way Norton does, but it gets the job done.

I always try to break a suite's protection using techniques that malware could manage programmatically. Last year's Trend Pro suite didn't do so well—I killed it off by tweaking the Registry and by turning off its essential services. This year's suite is much tougher. When I tried to change a Registry value to disable the firewall it not only prevented the change, it reported an attack. Likewise it reported my attempts to kill its process using Task Manager as an attack. And its essential services are configured so they can't be stopped by me or by malware. I did manage to kill it off by setting each service's start-up type to Disabled and crashing the computer, but that's a pretty far-fetched attack. Trend Pro is toughening up!

By Pcmag

No Comment comment | Posted in »  

Related Posts



  1. 0 comments: Responses to “ Trend Micro Internet Security Pro v2 ”

Post a Comment

Subscribe to: Post Comments (Atom)

Our Hot News

MLL Telecom, which specialises in building and operating broadband wireless networks, today unveiled a new Customer Management Centre (CMC) dedicated to network management, increasing network visibility and proactively identifying and resolving incidents on each customer’s network. Read More..

Want to subscribe?

Subscribe in a reader Or, subscribe via email:
Enter your email here:
Find entries :