Labs

Kaspersky Anti-Hacker has undergone some subtle changes since we saw version 1.5 last year. The most important one is that this version works properly with Windows XP's Service Pack 2. Aside from that and a few updates, though, there's no difference.

Anti-Hacker passed our tests with flying colours and was relatively simple to set up alongside IIS. We simply added a rule to allow all incoming packets on port 80, which is the default for web servers and is labelled as such in the software. A simpler way is to open the Active Network Applications window. Expand the Internet Information Services (inetinfo.exe)

Interestingly, the port scan listed the HTTP, SMTP and FTP ports as being open and allowed us to attempt a connection, although it disconnected the connections to FTP and SMTP each time. Most firewalls don't allow the connection to get this far.

The firewall includes application control, which works well and doesn't ask difficult questions. You can choose what kind of access applications have, too, which is good. An attacker blocking feature is available, which will slow down anyone who tries to get information about your system. This can be disabled, and we'd recommend you do this when testing your defences using sites such as www.grc.com or a port scanner. Otherwise they won't be able to connect to and scan your system.

Keeping the firewall running after the first year is expensive. F-Secure and Trend Micro get away with asking around £20 because they include anti-virus and other utilities. Kaspersky charges twice as much as ISS and Symantec, both of which produce excellent firewalls.