Has anyone run these firewall leak tests?

Has anyone run these firewall leak tests?
Secure Home | Search | About
Login Password
Register Now! Lost Password?
 Microsoft Antivirus Discussions    Post an article   get this group's latest topics as an RSS feed add this group's latest topics to your My MSN content add this group's latest topics to your My Yahoo content add this group's latest topics to your Google content
Subject Author Date
Has anyone run these firewall leak tests? news 01-22-2006
Posted by news on January 22, 2006, 6:58 am
If you were  Registered and logged in, you could reply and use other advanced thread options
I found this site:

http://www.firewallleaktester.com/

and downloaded all the test programs.

Some observations:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
1. McAfee would not save copycat.exe, saying it contained a trojan
(Generic.f), and file opr03r00.exe was deleted.

2. A McAfee virus scan reported that the following are "Potentially
Unwanted Programs" (PUPs):

Demo-Leak Test (firehole.exe)
Demo-Leaktest 12 (leaktest1.2.exe)
Outbound (outbound.exe)
Demo-Leak Test (tooleaky.exe)
Yalta, yalta.vxd (yalta.zip)

3. AdAware SE reported Spyware PC Audit as a critical program, with a
TAC reading of 10 (whatever that is).

4. Spybot S&D and CWShredder reported nothing unusual.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Is it safe to run these? (Running XP Home with both the SPs and all the
updates).

--
Ian

Posted by MAP on January 22, 2006, 8:14 am
If you were  Registered and logged in, you could reply and use other advanced thread options
news wrote:
> I found this site:
>
> http://www.firewallleaktester.com/
>
> and downloaded all the test programs.
>
> Some observations:
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> 1. McAfee would not save copycat.exe, saying it contained a trojan
> (Generic.f), and file opr03r00.exe was deleted.
>
> 2. A McAfee virus scan reported that the following are "Potentially
> Unwanted Programs" (PUPs):
>
> Demo-Leak Test (firehole.exe)
> Demo-Leaktest 12 (leaktest1.2.exe)
> Outbound (outbound.exe)
> Demo-Leak Test (tooleaky.exe)
> Yalta, yalta.vxd (yalta.zip)
>
> 3. AdAware SE reported Spyware PC Audit as a critical program, with a
> TAC reading of 10 (whatever that is).
>
> 4. Spybot S&D and CWShredder reported nothing unusual.
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>
> Is it safe to run these? (Running XP Home with both the SPs and all
> the updates).

I've never been to www.firewallleaktester.com.

You can go here to run a firewall test (shields up)
http://www.grc.com/default.htm

Below the shields up test you will see a "leak test" (downloadable
application) this will show up as a trojan but it is not.(maybe the same
holds true for what you downloaded?).

--
Mike Pawlak



Posted by Scherbina Vladimir on January 22, 2006, 8:58 am
If you were  Registered and logged in, you could reply and use other advanced thread options
I donwloaded leaktest1.2.exe and firehole.exe.

Leaktest1.2.exe is packed with UPX, so McAfee's heuristics might treat
unpacking code as some unwanted stuff.
The same with firehole.exe, as I see it extracts dll from resoruces (that
already seems very strange for any AV), load it using LoadLibrary and then
using GetProcAddress takes pointers to functions - heuristic might treat it
as potentially unwanted software.

--
Vladimir

>I found this site:
>
> http://www.firewallleaktester.com/
>
> and downloaded all the test programs.
>
> Some observations:
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> 1. McAfee would not save copycat.exe, saying it contained a trojan
> (Generic.f), and file opr03r00.exe was deleted.
>
> 2. A McAfee virus scan reported that the following are "Potentially
> Unwanted Programs" (PUPs):
>
> Demo-Leak Test (firehole.exe)
> Demo-Leaktest 12 (leaktest1.2.exe)
> Outbound (outbound.exe)
> Demo-Leak Test (tooleaky.exe)
> Yalta, yalta.vxd (yalta.zip)
>
> 3. AdAware SE reported Spyware PC Audit as a critical program, with a
> TAC reading of 10 (whatever that is).
>
> 4. Spybot S&D and CWShredder reported nothing unusual.
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>
> Is it safe to run these? (Running XP Home with both the SPs and all the
> updates).
>
> --
> Ian



Posted by Gunilla on January 22, 2006, 11:56 am
If you were  Registered and logged in, you could reply and use other advanced thread options
Can the Firehole.exe be the same one as from Robin Keir's site here?
http://www.keir.net/firehole.html

Cheers,

Gunilla.

>I found this site:
>
> http://www.firewallleaktester.com/
>
> and downloaded all the test programs.
>
> Some observations:
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> 1. McAfee would not save copycat.exe, saying it contained a trojan
> (Generic.f), and file opr03r00.exe was deleted.
>
> 2. A McAfee virus scan reported that the following are "Potentially
> Unwanted Programs" (PUPs):
>
> Demo-Leak Test (firehole.exe)
> Demo-Leaktest 12 (leaktest1.2.exe)
> Outbound (outbound.exe)
> Demo-Leak Test (tooleaky.exe)
> Yalta, yalta.vxd (yalta.zip)
>
> 3. AdAware SE reported Spyware PC Audit as a critical program, with
> a
> TAC reading of 10 (whatever that is).
>
> 4. Spybot S&D and CWShredder reported nothing unusual.
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>
> Is it safe to run these? (Running XP Home with both the SPs and all
> the
> updates).
>
> --
> Ian



Posted by Steven L Umbach on January 22, 2006, 12:37 pm
If you were  Registered and logged in, you could reply and use other advanced thread options
Personally if my antivirus program reported programs as a trojan or
questionable I would not run them and delete them unless the computer is a
"test box" where you are trying things out and if bad things happen it is
not big deal because I can reboot and all changes are lost or I can
reinstall from an image quickly. I went to the link and think that the value
of the proposed test is very minimal and would not worry about it. What you
want to make sure is that your firewall is stopping inbound traffic that was
not in response to network traffic initiated by your computer known by you
or not. Popular sites such as http://scan.sygatetech.com/ can do a good job
of such. --- Steve


>I found this site:
>
> http://www.firewallleaktester.com/
>
> and downloaded all the test programs.
>
> Some observations:
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> 1. McAfee would not save copycat.exe, saying it contained a trojan
> (Generic.f), and file opr03r00.exe was deleted.
>
> 2. A McAfee virus scan reported that the following are "Potentially
> Unwanted Programs" (PUPs):
>
> Demo-Leak Test (firehole.exe)
> Demo-Leaktest 12 (leaktest1.2.exe)
> Outbound (outbound.exe)
> Demo-Leak Test (tooleaky.exe)
> Yalta, yalta.vxd (yalta.zip)
>
> 3. AdAware SE reported Spyware PC Audit as a critical program, with a
> TAC reading of 10 (whatever that is).
>
> 4. Spybot S&D and CWShredder reported nothing unusual.
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>
> Is it safe to run these? (Running XP Home with both the SPs and all the
> updates).
>
> --
> Ian



Similar ThreadsPosted
PROBLEM WITH FIREWALL AND IIS December 23, 2005, 3:01 pm
i can't enable the firewall May 10, 2006, 8:53 am
XP's Firewall August 22, 2006, 6:30 pm
Need for firewall when machines are behind a NAT router ? December 1, 2005, 1:40 am
CA EZAntivirus / Firewall Abandon NT March 13, 2006, 11:48 am
firewall disabled by a virus July 20, 2007, 9:53 am
Firewall Software Recommendations? February 11, 2008, 9:19 am
Windows Firewall automatically disabled August 23, 2005, 12:30 am
Windows 98 (not SE) Antivirus & Firewall recommendation January 3, 2006, 10:00 pm
Re: Zonelabs Latest Free Firewall September 25, 2007, 11:52 pm

The site map in XML format XML site map

Contact Us | Privacy Policy