new website : www.firewallleaktester.fr.st
gkweb
June 7th, 2003, 09:46 AM
Hi
I just finished a website: www.firewallleaktester.fr.st
This site references all available leaktests and describes each. In addition, it allows you to download each leaktest to test your firewall.
At the bottom, there is a page with results comparing the most famous personal firewalls; it isn't complete for now, but I rely on you to help me add results :)
To discuss results or add information, there is a forum.
I hope it will be useful and you will enjoy it ;)
Cheers,
Guillaume/gkweb.
controler
June 7th, 2003, 12:04 PM
Nicely done gkweb ;)
Your new site looks promising and we all wish you the best.
Now if we can only get the gang to make suggestions and
help in your venture
con
gkweb
June 7th, 2003, 06:56 PM
thank you :)
I'm always working on it, there is so much to do about leaktests, I hope to improve it, we'll see :)
regards,
Guillaume/gkweb.
JacK
June 7th, 2003, 08:05 PM
-{ Quote from gkweb: "
Hi
I just finished a website: www.firewallleaktester.fr.st
This site references all available leaktests and describes each. In addition, it allows you to download each leaktest to test your firewall.
At the bottom, there is a page with results comparing the most famous personal firewalls; it isn't complete for now, but I rely on you to help me add results :)
To discuss results or add information, there is a forum.
I hope it will be useful and you will enjoy it ;)
Cheers,
Guillaume/gkweb.
" }-
Hello,
Nice job, but most results are better with good FW settings.
SSM, stand-alone or in conjunction with any FW, allows passing all leaktests with flying colours.
Rgds,
Bowserman
June 7th, 2003, 08:35 PM
-{ Quote from controler: "
Nicely done gkweb ;)
Your new site looks promising and we all wish you the best.
Now if we can only get the gang to make suggestions and
help in your venture
con
" }-
Yep, definitely looks promising gkweb ;). But as Jack said, if you have SSM, you can defeat all leaktests ;D.
Regards, Jade.
gkweb
June 7th, 2003, 09:40 PM
Yeah, of course, but what if SSM makes my PC hang? (XP + SP1 + all the latest updates)
Even if not, that's not the problem. My point of view is: having SSM is a good point, but is it because you have a good guard that you install useless, leaky software with it?
Not me :)
In addition, my mother has her own comp that I protected myself, and I'm not very sure that she would be able to deal with SSM alerts ;)
(the installed firewall has its config fixed, no more alerts)
And as I already said to Jack in another post, all results are with the firewall at highest settings, and if I made this website it is to inform everyone (me included) about firewall quality. After that, some will like it, some won't, but in any case it's useful to know the degree of protection that personal firewalls offer, at least for me! ;)
It's not to tell you to do this or that, it's just information :) and you can use it to improve your security.
P.S.: don't tell this to anyone, but when I'm testing a firewall at highest settings and it leaks to a simple old leaktest, I laugh for an hour! ;D It's the funny part of that ;)
regards,
gkweb.
JacK
June 8th, 2003, 06:31 AM
-{ Quote from gkweb: "
And as I already said to Jack in another post, all results are with the firewall at highest settings,
" }-
Hello Guillaume,
I cannot say for other FWs, but for instance with strong settings, OPv2 passes Oops and I get 9/10 on AWFT.
There is no problem at all with SSM and WinXP. If you encounter any glitch, feel free to contact Max.
The same applies to SSM as to any FW: when properly configured, no more useless alerts ;)
Regards,
gkweb
June 8th, 2003, 07:15 AM
9/10? If I could have at least one or two other people who could confirm, I'll modify the "5/10" result on the site.
(I can't test AWFT myself because I have a default-browser problem on my comp)
About SSM, I'll give it a try again; last time, when it crashed my comp while I had a good download going with eMule, I was a bit angry ;)
I'll probably add SSM as advice regarding firewall leaks, but the website is still focusing only on leaktests, only on software filtering.
Thanks for your opinion, feel free to add opinions like this in the future on my forum :)
Now.... max? where are you max? max! ^^
regards,
Guillaume/gkweb.
SmackDown
June 8th, 2003, 09:01 AM
Nice job on the website.
_anvil
June 8th, 2003, 10:16 AM
-{ Quote: "I cannot say for other FWs, but for instance with strong settings, OPv2 passes Oops and I get 9/10 on AWFT." }-
That is news to me, too. When I tested Outpost2 vs. leaktests not long ago, it got only a few points in AWFT and failed Oops (note: Oops only works on NT/2000/XP systems.)
_How_ did OP2 pass in your tests (which alarms, log entries,...)?
To SSM: can someone please redo the test with the _current_ copycat version (http://mc.webm.ru/)? For some reason, this version is _not_ blocked by SSM on my PC anymore... :o
Max?
BTW: Nice website, gkweb! :)
Bowserman
June 8th, 2003, 10:32 AM
G'day :).
Look in your SSM folder and see if the .dll pictured is the same version as screenshot?
Regards, Jade.
zOK
June 8th, 2003, 10:41 AM
Your site is well done, I will be recommending it.
_anvil
June 8th, 2003, 11:25 AM
@Bowserman
I use WinXP, so it is the 'mchooknt.dll', which counts. ;)
But I am pretty sure, I have got the most recent version. It is: 1.14.0.13
Could anyone try it (with WinXP), please? :)
gkweb
June 8th, 2003, 11:35 AM
thank you ;)
About Outpost, if you could agree, I would be able to put up the right results. For now, the results shown are under XP at highest settings, and should be the right results.
Anyone else with results that can confirm 5/10 on AWFT or 9/10? And the failure or success with Oops?
regards,
Guillaume/gkweb.
EDIT : SSM blocks copycat on my comp.
JacK
June 8th, 2003, 01:33 PM
-{ Quote from gkweb: "
thank you ;)
About Outpost, if you could agree, I would be able to put up the right results. For now, the results shown are under XP at highest settings, and should be the right results.
" }-
Hello,
For AWFT, to get 9/10 you must set it on paranoiac: then you just fail the first test (a bit strange, it's the simplest).
As for Oops, you must untick the DNS rule in System and add a DNS rule with your ISP's DNSs for each partially allowed application and of course NO trusted application at all.
Rgds,
gkweb
June 8th, 2003, 02:14 PM
I have a little problem executing leaktests which need a default web browser; it's Windows XP technical support that I need. Where can I describe my problem?
(I don't have any default web browser, and even when IE asks if it should be and then I click OK, it doesn't change anything...)
If someone could help me :-\
Thanks.
Guillaume/gkweb.
P.S.: which operating system do you have, Jack?
JacK
June 8th, 2003, 04:23 PM
-{ Quote from gkweb: "
I have a little problem executing leaktests which need a default web browser; it's Windows XP technical support that I need. Where can I describe my problem?
(I don't have any default web browser, and even when IE asks if it should be and then I click OK, it doesn't change anything...)
If someone could help me :-\
Thanks.
Guillaume/gkweb.
P.S.: which operating system do you have, Jack?
" }-
Hello,
As you are French speaking, best support about WinXP is
news://msnews.microsoft.com/microsoft.public.fr.windowsxp
I am running WinXP Pro SP1 always up to date.
My default browser is Opera v7.11.
If you prefer IE as Default Browser :
IE\Outils\Options Internet\Programmes and tick "au démarrage, vérifier que IE etc..."
Rgds,
gkweb
June 8th, 2003, 04:55 PM
Thanks for the newsgroup :)
About Outpost, we have the same OS + updates, so I'll retry tomorrow, maybe I missed something ;)
regards,
Guillaume/gkweb.
EDIT: I posted a poll on my forum, if someone is interested... it's above all for you ;)
EDIT PS: you should be able to post without signing up and logging in; I know sometimes it's boring to register on multiple forums ;D
JacK
June 8th, 2003, 07:07 PM
Hello,
OP Pro v2 stand alone : tooleaky passed
Rgds
Phant0m
June 8th, 2003, 07:50 PM
Hey
Keep in mind not to base majority results with facts; many things play a factor, like the different Microsoft Windows versions, what’s currently running in the background, and whether or not you are using Internet Explorer or Opera or something else when using leaktests like TooLeaky.
Example;
Jack, is Internet Explorer your default browser and was that currently running or not?
Or is Opera your default browser and was that currently running or not?
root
June 8th, 2003, 08:07 PM
Yes, there are a lot of variables. There is also the knowledge of getting the most out of your firewall.
I know David has been able to pass all firewall leak tests with Outpost 2, with the exception of Thermite. Oops will pass if the component level is set to high. Others have posted similar results in a thread at the Outpost forum.
I think people need to understand that using someone else's evaluation of the ability to pass such things as leak tests is not necessarily going to reflect the same results they may get on their machine. I got turned off on leak tests long ago when I found out that the premise was, "if you do this and don't do that, and download this program, install it and run it, and you have a certain browser open, your firewall will fail".
Just another situation that shows the first line of defense is the brain. If you use it, you have a good chance of being safe. ;D
As usual, just my 2 cents worth. Take it or leave it.
gkweb
June 8th, 2003, 08:26 PM
It's not so difficult, I think.
Results on the website are for the worst case for the firewall (its environment under 2000/XP, browser opened, etc...) with its highest settings; I'm interested in the limits of the firewall, not the case where, for instance, the browser is closed and the leaktest is passed successfully ;)
It's the point of view of the website, so obviously, from me.
By "highest settings" I'm talking about the highest parameters, and about OS 2000/XP, which gives the firewall better support for DLL detection.
At this point, some disagreements are cleared up ;)
I don't want cases where we "help the firewall a little".
We can't say we passed a leaktest if, for example, we haven't launched IE (if just this fact makes the leaktest fail). Why? Because leaktests are a trick shown with a specific targeted piece of software, so if you close it, you are showing that you passed the specific test, not the trick, which in theory could target any other application; IE is often targeted by leaktests because most people have it. So if closing it helps to pass the leaktest, that's not the right way for me. But if after all tests the leaktest is still blocked, OK, the leaktest is passed.
@Jack
I didn't put Outpost in paranoiac mode to test Tooleaky; it's a miss on my part. Tomorrow I will do it and add your results if I can do it too (that will be the case), thanks for your help.
@phantom
Yes, you are talking about factors that can change results, and so I just said what my criteria are, and you seem to say what I said: we don't want factors that help the firewall, we want strong results.
@root
About the knowledge of getting the most out of our firewall, the new poll on the website forum is about this, good point for you ;)
@all
In the end, yes, a few results are not so easy to pin down, but some are. For instance Kerio 2.1.5 against Thermite, try it if you want :)
All of that leads to the real value of a firewall; this is why it is good to look at the truth.
regards,
Guillaume/gkweb.
P.S : root : -{ Quote: "Just another situation that shows the first line of defense is the brain. If you use it, you have a good chance of being safe" }-
quite right ! ;)
gkweb
June 8th, 2003, 09:26 PM
OK Jack, I wasn't able to wait any longer; I just tested and you are right: Outpost 2, well configured, passes Tooleaky and Oops.
Thanks for your help ;)
regards,
Guillaume/gkweb.
Phant0m
June 8th, 2003, 09:30 PM
-{ Quote from gkweb: "
OK Jack, I wasn't able to wait any longer; I just tested and you are right: Outpost 2, well configured, passes Tooleaky and Oops.
Thanks for your help ;)
regards,
Guillaume/gkweb.
" }-
That still doesn't tell us much....
gkweb
June 8th, 2003, 09:52 PM
Configured to paranoiac detection mode with Internet Explorer as a trusted application, global system DNS disabled and DNS allowed only for application, Outpost doesn't show an alert when Tooleaky tries to launch IE but finishes on the same screenshot as Jack's.
For Oops it shows an alert and we can block it.
But for AWFT, I did the tests so many times... and it only gets 5/10, no more.
regards,
Guillaume/gkweb.
Phant0m
June 8th, 2003, 10:08 PM
Hey gkweb
Thanks that’s a start; could you verify that Internet Explorer is Default browser and that Internet Explorer was not running at the time of the TooLeaky tests?
gkweb
June 8th, 2003, 10:19 PM
IE is not my default browser, but this doesn't matter because Tooleaky directly launches C:\program files\internet explorer\iexplore.exe
(I can see it in Task Manager)
Afterwards, I tested with IE launched and IE closed, and in both cases Tooleaky failed, so Outpost passes Tooleaky.
regards,
Guillaume/gkweb.
P.S : got to go to bed now, cya ;)
Phant0m
June 8th, 2003, 10:29 PM
Thanks, your detailed informatics is very necessary under these conditions.
However, I’m not surprised that with or without Internet Explorer running TooLeaky fails; I’m interested in knowing whether, with Opera configured as default browser and tested both running and not, Outpost will pass…
Question; does the newest Outpost contain DLL Module Filtering now or not?
root
June 8th, 2003, 10:59 PM
Don't know if they call it filtering or what the technical name for it is but there are three options to choose from for monitoring dll changes, off, normal and high.
Phant0m
June 8th, 2003, 11:03 PM
DLL Module filtering…
Those 3 settings are probably relating to:
#1. Application DLL Module filtering
#2. System DLL Module filtering
#3. System & Application DLL Module filtering
I could be very mistaken however… :P
Main
June 9th, 2003, 02:22 AM
I'm using Mcafee Personal firewall 4.5 and I failed almost every single test on that page. I failed leak, pc audit and everything else.
Does anyone know what to do? how do I configure this thing, the settings are on tight.
Should I just trash it and get outpost?
I failed Outbound too.
JacK
June 9th, 2003, 04:35 AM
-{ Quote from Phant0m: "
Jack, is Internet Explorer your default browser and was that currently running or not?
Or is Opera your default browser and was that currently running or not?
" }-
Hello Phantom,
My default browser is an exotic one which has NO access to the W3 : it is as Explorer and some other applications among the blocked applications ;)
For test purposes, I change for IE and then Opera as default browser and open them before performing the tests.
I also ran the test with closed browsers
Regards,
JacK
WinXp Pro SP1 always up to date
JacK
June 9th, 2003, 04:47 AM
-{ Quote from root: "
Yes, there are a lot of variables. There is also the knowledge of getting the most out of your firewall.
I know David has been able to pass all firewall leak tests with Outpost 2, with the exception of Thermite. Oops will pass if the component level is set to high. Others have posted similar results in a thread at the Outpost forum.
I think people need to understand that using someone else's evaluation of the ability to pass such things as leak tests is not necessarily going to reflect the same results they may get on their machine. I got turned off on leak tests long ago when I found out that the premise was, "if you do this and don't do that, and download this program, install it and run it, and you have a certain browser open, your firewall will fail".
Just another situation that shows the first line of defense is the brain. If you use it, you have a good chance of being safe. ;D
As usual, just my 2 cents worth. Take it or leave it.
" }-
Hi root,
Seems that OP v2 is not able to pass AWFT #1 :
From the beta test system :
2215 29/04/03 15:18:05 High Outpost 2.0.190.* 30/04/03 16:29:06 Failed test 1 AtelierWeb Firewall Tester assigned
Rgds,
_anvil
June 9th, 2003, 06:22 AM
Hi,
OP2 passes Tooleaky.
How? Guys, just take a look at the logs! ;)
Tooleaky starts a _hidden_ instance of IE to connect to a website. OP2 does no more than detect that there is a _hidden_ browser window, and blocks its internet access. At least this is what the OP2 log is saying... :)
(This might only work if IE is not a 'trusted' app - but why should we put it in trusted apps, when we can easily use a predefined IE rule for it?)
-{ Quote: "Configured to paranoiac detection mode with Internet Explorer as a trusted application, global system DNS disabled and DNS allowed only for application [...] For Oops it shows an alert and we can block it." }-
Perhaps you missed the point of 'Oops': it works only under WinNT/2000/XP, because only in these OSes the DNS queries are _normally_ not carried out by the apps themselves, but by 'svchost.exe' (DNS-client service.) That's why it is impossible to create a DNS rule for specific apps (unless you disable 'DNS-client service', which is a good way to pass Oops, btw - but this is not the achievement of your firewall...)!
Read this: http://www.hackbusters.net/oops.html
@Jack (or anyone else with SSM):
Do you have WinXP? If yes, could you please download the newest version of 'copycat' and try it out? I just want to know, if something is wrong with my PC or with SSM... ;)
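Added example, not part of the thread or any poster's code: a small Python model of the attribution problem described in the post above, where a lookup is sent by svchost.exe whenever the DNS Client service is running. The rule engine is a simplification and not Outpost's actual logic; `leaktest.exe`, `iexplore.exe` as the sample browser, and the scenario names are assumptions made for the illustration.

```python
"""Model of per-application DNS rules vs. the Windows DNS Client service.

Constructed illustration: the rule engine is a simplification of an
application firewall, and leaktest.exe is a hypothetical program name.
"""
from dataclasses import dataclass

DNS_CLIENT_HOST = "svchost.exe"  # process that sends DNS queries when the service runs
BROWSER = "iexplore.exe"         # application the user wants to be able to resolve names
UNTRUSTED = "leaktest.exe"       # hypothetical program with no firewall rule of its own


@dataclass(frozen=True)
class FirewallPolicy:
    system_dns_rule: bool                    # global "allow DNS" system rule
    app_dns_rules: frozenset = frozenset()   # processes that have their own DNS rule

    def allows_dns_from(self, process: str) -> bool:
        # The firewall can only attribute a packet to the process that sent it.
        return self.system_dns_rule or process in self.app_dns_rules


@dataclass(frozen=True)
class Host:
    policy: FirewallPolicy
    dns_client_running: bool

    def lookup(self, requesting_app: str) -> dict:
        """Resolve a name for requesting_app and report what the firewall saw."""
        # With the service running, the app hands the lookup to the service,
        # so the outbound query belongs to svchost.exe, not to the app.
        sender = DNS_CLIENT_HOST if self.dns_client_running else requesting_app
        return {
            "requested_by": requesting_app,
            "seen_by_firewall": sender,
            "allowed": self.policy.allows_dns_from(sender),
        }


def assess(policy: FirewallPolicy, dns_client_running: bool) -> dict:
    """Compare what happens to the browser's lookup and the untrusted one."""
    host = Host(policy, dns_client_running)
    untrusted = host.lookup(UNTRUSTED)
    return {
        "browser_resolves": host.lookup(BROWSER)["allowed"],
        "untrusted_resolves": untrusted["allowed"],
        "attributed_to": untrusted["seen_by_firewall"],
    }


def verdict(result: dict) -> str:
    if result["untrusted_resolves"]:
        return "LEAK"
    if not result["browser_resolves"]:
        return "NO LEAK, BUT DNS BROKEN"
    return "PASS"


# The configurations discussed in the thread, plus the svchost rule that is
# needed for name resolution to work at all while the service is running.
SCENARIOS = {
    "system rule, service on": (FirewallPolicy(True), True),
    "per-app rule, service on": (
        FirewallPolicy(False, frozenset({BROWSER})), True),
    "per-app + svchost rule, service on": (
        FirewallPolicy(False, frozenset({BROWSER, DNS_CLIENT_HOST})), True),
    "per-app rule, service off": (
        FirewallPolicy(False, frozenset({BROWSER})), False),
}


def run_all() -> dict:
    return {name: assess(policy, on) for name, (policy, on) in SCENARIOS.items()}


if __name__ == "__main__":
    for name, result in run_all().items():
        print(f"{name:36} -> {verdict(result):24} "
              f"(firewall saw {result['attributed_to']})")
```

In this model the only configuration that both keeps the browser working and blocks the untrusted lookup is the one with the service disabled, which is a property of the host setup rather than of the firewall's filtering.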
gkweb
June 9th, 2003, 06:56 AM
Someone pointed out this fact to me: it's because my DNS Client service is disabled that Outpost passes Oops (I didn't do it on purpose, but for optimization).
Knowing that, in normal conditions with the service enabled, Outpost doesn't pass Oops.
And about AWFT, I don't know how people find 9/10 or 10/10; I did the tests a lot of times, explorer.exe not trusted, and I have only 5/10.
regards,
Guillaume/gkweb.
JacK
June 9th, 2003, 07:17 AM
-{ Quote from _anvil: "
Hi,
Perhaps you missed the point of 'Oops': it works only under WinNT/2000/XP, because only in these OSes the DNS queries are _normally_ not carried out by the apps themselves, but by 'svchost.exe' (DNS-client service.) That's why it is impossible to create a DNS rule for specific apps (unless you disable 'DNS-client service', which is a good way to pass Oops, btw - but this is not the achievement of your firewall...)!
Read this: http://www.hackbusters.net/oops.html
@Jack (or anyone else with SSM):
Do you have WinXP? If yes, could you please download the newest version of 'copycat' and try it out? I just want to know, if something is wrong with my PC or with SSM... ;)
" }-
Hullo,
Yes, no problem with SSM with copycat current v.
NB: Are you sure you are running the correct v of mchooknt.dll?
I don't know whether on Max's site the modified dll comes with the distribution. I included it in the mirror when Max modified it.
As for Oops, just untick the system rule for DNS in OP v2 and set a rule for each app.
You may also do the same for the loopback rule : untick in System rule and add a rule only for apps needing it like IE or OE for instance.
Rgds,
Phant0m
June 9th, 2003, 07:17 AM
Hey gkweb
You see why I said what I said?
And do you see why it’s important to be as detailed as possible when saying this passes this and that… ;)
JacK
June 9th, 2003, 07:26 AM
-{ Quote from JacK: "
-{ Quote from _anvil: "
Hi,
Perhaps you missed the point of 'Oops': it works only under WinNT/2000/XP, because only in these OSes the DNS queries are _normally_ not carried out by the apps themselves, but by 'svchost.exe' (DNS-client service.) That's why it is impossible to create a DNS rule for specific apps (unless you disable 'DNS-client service', which is a good way to pass Oops, btw - but this is not the achievement of your firewall...)!
Read this: http://www.hackbusters.net/oops.html
@Jack (or anyone else with SSM):
Do you have WinXP? If yes, could you please download the newest version of 'copycat' and try it out? I just want to know, if something is wrong with my PC or with SSM... ;)
" }-
Hullo,
Yes, no problem with SSM with copycat current v.
WinXP Pro SP1
NB: Are you sure you are running the correct v of mchooknt.dll?
I don't know whether on Max's site the modified dll comes with the distribution. I included it in the mirror when Max modified it.
As for Oops, just untick the system rule for DNS in OP v2 and set a rule for each app.
You may also do the same for the loopback rule : untick in System rule and add a rule only for apps needing it like IE or OE for instance.
Rgds,
" }-
gkweb
June 9th, 2003, 07:26 AM
Yeah, I understand ;)
Good job Phantom, it's only in this way that we can have the right results ^^
And Jack, I'm sorry, but I already did what you say: I unchecked DNS for the system and created rules for just IE, for instance, but this works only when the DNS Client service is disabled; as soon as I start it, Oops goes through Outpost, which is what Oops wants to show.
But don't worry, Outpost 2 is still a beta? So maybe they will correct it.
-------
@Guest MAIN
Results on the website will help you to find a good firewall, just wait a little to see more results (it takes time to get the right ones...).
--------
regards,
Guillaume/gkweb.
P.S.: if someone can take a look at the poll POLL (http://jugesoftware.free.fr/phpBB-2.0.4/phpBB2/viewtopic.php?t=28). I can't post it here, it's about the website, and I don't want to be accused of using this forum as my forum or of cross-posting ;D
Phant0m
June 9th, 2003, 07:26 AM
Hey Jack
You said Outpost passes Oops but I did not see anyone post saying only with user’s intervention, which kind of makes this irrelevant. Yes, so you say Outpost passes, with user intervention, and this needs to be told in detail how so…
Phant0m
June 9th, 2003, 07:42 AM
Each person, when posting that this and that passes this and that, really should provide details like the operating system they are using, what’s currently running in the background, and other details like whether or not they are using Internet Explorer as default browser or Opera or something else, and whether or not Internet Explorer or _?_ was running when these tests were performed…
And if user intervention was required to make this or that pass Leaktests it should be included in ppl’s posts explaining how so, otherwise everyone’s post stating this or that passes this or that is irrelevant…
_anvil
June 9th, 2003, 08:01 AM
@Jack
OP2:
Is the 'DNS client' service running on your PC? As said above: your way of passing Oops doesn't work, if this service is running (which is WinXP default. ::) )
Copycat & SSM:
I am sure I have the most recent version of the hooking-dll (tried both the current SSM version _and_ the dll, Max posted in the thread about GOD2.) Furthermore, someone in another forum confirmed that SSM doesn't block current 'Copycat' (54 kB.)
Does SSM really alert you with this 'NT_Open_Thread'-popup in your tests, which it did with older Copycat versions? Or does it only block the start of Copycat (which, of course, is not the way to pass the test.)
gkweb
June 9th, 2003, 08:39 AM
Thanks for the info, I will add the latest version of copycat (mine = 52.5Ko, latest = 53.5Ko on my comp)
:)
And about GOD2, is it a leaktest too? can i have a link pls ?
regards,
Guillaume/gkweb.
Bowserman
June 9th, 2003, 08:55 AM
G'day Guillaume/gkweb :).
You can read some info on GOD2 in this thread:
http://www.wilderssecurity.com/showthread.php?t=9276;start=30
Start reading from where _anvil comes in.
Hope that helps mate ;). Jade.
gkweb
June 9th, 2003, 09:20 AM
Thanks, very interesting, but it appears to be a trojan, not a leaktest, and it seems to hijack processes like Thermite does, so should I add it to the website? (regardless of the fact that I didn't find the link...).
If it is doing it in a way that other leaktests don't use, I should add it, but if not, I'll only add it if it's a leaktest; I don't want people to trojan themselves ;)
regards,
Guillaume/gkweb (as you want ^^).
_anvil
June 9th, 2003, 10:27 AM
Imho you shouldn't use GOD2 for your website:
1) it is no leaktest,
2) though its methods to inject code or dll's in other processes might slightly differ from the leaktests (I don't know, if so), there is after all no big difference.
FWs with component control should be able to detect the new dlls, while other FWs will have their problems. Nothing really 'new.' :)
Bowserman
June 9th, 2003, 10:40 AM
Glad you replied _anvil. I didn't know how to explain it!
I definitely wouldn't put it on your website Guillaume - it certainly is no leaktest ;D ;D.
Regards, Jade.
gkweb
June 9th, 2003, 11:29 AM
thanks for your opinion ;)
Another thing, I'm forced to post here because I have no reply for now on my forum: is anyone interested in me adding a second board to show results against leaktests with default settings? It could be interesting to see what degree of protection an average user could have?
(as you can see, it's a bit difficult sometimes to find highest settings ;) )
regards,
Guillaume.
JacK
June 9th, 2003, 12:52 PM
-{ Quote from _anvil: "
@Jack
OP2:
Is the 'DNS client' service running on your PC? As said above: your way of passing Oops doesn't work, if this service is running (which is WinXP default. ::) )
Copycat & SSM:
I am sure I have the most recent version of the hooking-dll (tried both the current SSM version _and_ the dll, Max posted in the thread about GOD2.) Furthermore, someone in another forum confirmed that SSM doesn't block current 'Copycat' (54 kB.)
Does SSM really alert you with this 'NT_Open_Thread'-popup in your tests, which it did with older Copycat versions? Or does it only block the start of Copycat (which, of course, is not the way to pass the test.)
" }-
Hi,
I get 2 warnings, the first allows Explore.exe will run copycat etc... If allowed, I get the second : copycat want to gain control on a thread in Opera.exe which I block.
I don't run DNS client : no need for me. IF I run it no alert from OP v2.
If I don't run it but standard DNS system rule : leak otherwise as described, no leak.
Rgds,
RabbitOnTheMoon
June 9th, 2003, 01:34 PM
> gkweb
You've got a nice page! I've been looking for some kind of "collection" of all known leaktests for a long time. It seems, that now I'm lucky to know, where this collection is :)
> _anvil
Thanks for heads up! There really was a bug. It is now fixed (I hope finally). You can get a hotfix at:
http://mc.webm.ru/mchooknt.dll
_anvil
June 9th, 2003, 02:09 PM
@RabbitOnTheMoon
Yes, it works now (again ;) ). Good job!
But still I'm interested in what you have changed in the recent Copycat versions. Obviously not only 'cosmetic' changes...
(btw: a positive side-effect of the new version is, that it isn't detected by AV scanners, yet - unlike the former version, which surely scared people away... ::) )
gkweb
June 9th, 2003, 03:01 PM
thank you RabbitOnTheMoon :)
So if I understand correctly, you are the author of SSM and CopyCat?
I too have the same question as _anvil: the latest version is 1Ko larger, what has changed? ^^
And next, for everyone: Tiny Personal Firewall 4.5 has 0/10 on AWFT??? Is it possible? I think my results are good but I want to check before showing such results on the website ;)
regards,
gkweb.
RabbitOnTheMoon
June 9th, 2003, 03:03 PM
>gkweb
Yes, I am ;)
>_anvil
You are right. I disagree with Kaspersky and other AVs, which are treating copycat as a virus "Exploit.W32.Copycat". Actually it is not a virus nor an exploit. So I have changed some instructions, which are totally harmless ("Move(g^, InjectInfo.URL[1], 64);") and in fact may be present in peaceful programs (!). By now it was not detected by KAV :)
Regarding the bug in SSM, I can only say that it has nothing to do with this cosmetic modification. It was rather more serious (SSM improperly handled arguments passed to the "NtOpenThread" function, which in its turn prevented it from determining the process which was about to be accessed).
gkweb
June 9th, 2003, 08:37 PM
happy to meet you ^^
Just for information (in case I am wrong): is copycat doing process injection like Thermite does?
regards,
gkweb.
Phant0m
June 9th, 2003, 08:42 PM
Appears to do code injection, not through a DLL injection but through the application itself…
RabbitOnTheMoon
June 10th, 2003, 07:34 AM
Quite right.
Thermite does a code injection by creating an additional thread within the target process. In general, you can notice (in Task Manager) that the thread count in this process has changed (increased by 1).
Copycat does the same without thread creation. It "hypnotizes" ("hijacks") an existing thread, asking it to do something (d/l specified file), so you just can't know if the thread was hijacked or not and thereby no firewall should notice anything wrong, unless it checks and asks you about each and every URL you are surfing.
Phant0m
June 10th, 2003, 07:39 AM
It's easy to just prevent an application from using the involved functions without checking the fact that the application connects, but this is not the way a firewall should work. ;)
gkweb
June 10th, 2003, 09:22 AM
Hmmm.... I see... Thermite and Copycat seem to be the cleverest leaktests and the most difficult for a firewall to block.
The difference between Thermite and Copycat is interesting too, but at least Look'n'Stop's latest version and latest driver blocks Thermite, but Copycat seems not to be blocked by all existing personal firewalls, great job ;)
I'm really waiting for the first firewall that will block both Thermite and Copycat ;D
regards,
Guillaume.
Phant0m
June 10th, 2003, 09:40 AM
Copycat is extremely unique and the cleverest, that’s my opinion…
Also just a little note; Look ‘n’ Stop's last 2 or so drivers contained Thermite support. ;)
gkweb
June 10th, 2003, 10:00 AM
Yeah, I know, I have the latest driver 8)
;)
regards,
Guillaume.
gkweb
June 10th, 2003, 09:28 PM
Hi
I heard that Black Ice was not really a firewall because it doesn't detect trojans by network activity but by "fingerprint" like antivirus software does, so it should be able to defeat leaktests not by fighting them at the network layer, but by identifying them directly...
I couldn't find anyone with it to check this point, and to add results to the site!
Anyone with information about it ???
thanks.
gkweb.
Phant0m
June 10th, 2003, 09:43 PM
A Software Firewall can be just Application with Packet filtering…
Application Filtering Layers in Software Firewalls which use MD5 checksums or something else are very well considered a true Software Firewall… I believe what you are possibly referring to is IDS, an additional layer to Software Firewalls. Sygate Personal Firewall uses IDS as an additional layer to the current ones (… Application Filtering Layer). ;)
gkweb
June 10th, 2003, 09:52 PM
I'm referring to the story about Black Ice, which added detection of the "Steve Gibson leaktest executable" instead of really improving their firewall...
Besides that, it seems to be hard to find someone using it :'(
regards,
gkweb.
P.S : you are not sleeping?? what time is it where you live ?
Phant0m
June 10th, 2003, 09:57 PM
Now some people probably wouldn’t agree here, but I don’t prefer IDS because it’s a little too sensitive, in other words buggy… It’s a useful feature to identify some “malicious” activity, but like an Anti-Trojan System, it can become outdated very quickly if not maintained…
Phant0m
June 10th, 2003, 09:58 PM
I rarely sleep bro… ;D
gkweb
June 10th, 2003, 10:01 PM
i see ;D
you too by mistake you created a rule that blocks sleeping ? i think Look'n'Stop is too powerful... ;D
Phant0m
June 10th, 2003, 10:08 PM
LOL
gkweb
June 10th, 2003, 10:54 PM
what i said is true : Black Ice is not a regular firewall with rules filtering and application filtering.
In fact, at setup BI scans all the comp to find all executables and to list them, by default they are all authorized, and all new applications are foreign so blocked...
Its policy is to list executables on the system, not really to react to something on the network layer...
So, if you have a folder with your leaktests, they are authorized...
Regarding this, and regarding the fact that the product isn't available in trial or in free version, this product being for enterprise only, i will remove it from the website which is talking about _personal_ firewall, not professional.
Hmm... 04h48 (morning) may be i should sleep a little, no ? ;)
regards,
gkweb.
LowWaterMark
June 10th, 2003, 11:45 PM
-{ Quote: " quoting: gkweb link=board=23;threadid=10013;start=60#msg65881 date=1055300061]Hmm... 04h48 (morning) may be i should sleep a little, no ? ;) " }-
Um, no! Who needs sleep anyways! ;)
I'd like to see how your testing intersects with sandbox technology. (Very similar to how BlackICE handles authentication of executables, so, too, do most sandboxes - at installation time, whatever is on the system is assumed to be secure - it warns you of new items though, from that point forward.)
Now, your post regarding Tiny Personal Firewall (here (http://www.wilderssecurity.com/showthread.php?t=10013;start=msg65672#msg65672)) is a little hard to believe. Tiny is an incredibly powerful application, though it is very complex, with a huge learning curve as far as configuration goes. 0/10 makes no sense to me. There must be more to it than that.
The most powerful tool on my system, by far and away is Tiny Trojan Trap, (which I use instead of TPF, because I use ZA+ as my firewall), the key component in the Tiny Personal Firewall.
gkweb
June 11th, 2003, 06:53 AM
After sleeping, i feel better now :)
About Tiny Personal Firewall, it surprises me too, but for now it is the most leaked firewall that i tested (failed famous Gibson LeakTest).
Maybe i'm wrong, but the only leaktest that i was able to pass is Yalta.
Of course, i would really appreciate other results, so for those who want to test and give me their results :
http://www.tinysoftware.com/home/tiny2?s=2564890715093043147A1&la=EN&va=&pg=solo_download
I tried to set it at best, maybe i failed at this, which could explain these bad results.
regards,
gkweb.
gkweb
June 12th, 2003, 08:38 AM
A new results page is available with more detailed results, hope you will like it.
regards,
gkweb.
_avil
June 12th, 2003, 09:06 AM
Looks nice. :)
But I just noticed, that according to your result page, Kerio 2.1.5 fails 'classical Yalta' (Win2000/XP) even with highest settings... :o
This is surely a little mistake, Kerio has no probs with Yalta. ;)
gkweb
June 12th, 2003, 09:10 AM
i remember that it was on dest IP "MyProviderDNS" and port "53"
where kerio didn't warn me.
I will do test again to check.
Besides that, happy you like it ;)
regards,
gkweb.
Phant0m
June 12th, 2003, 09:15 AM
For “Default Settings” I noticed Look'n'Stop 2.04 is listed as “2/10” for AWFT results, I debate that specific reading, 2ndly I’m assuming you in reference to the Installation’s Default Application Filtering Layer driver and not the most recent release. I don’t see how Driver updating corresponds with settings levels, what I’m saying is there is no settings involved here, by default of updating the Driver no additional modifications to Look ‘n’ Stop’s Default settings it passes with flying colors.
Also on the main page I find myself not seeing the Menu entirely, much less seeing any type of existence of a lengthy menu beyond my screen size, using Internet Explorer v6 to view your web-site…
gkweb
June 12th, 2003, 09:34 AM
-{ Quote: "For “Default Settings” I noticed Look'n'Stop 2.04 is listed as “2/10” for AWFT results, I debate that specific reading, 2ndly I’m assuming you in reference to the Installation’s Default Application Filtering Layer driver and not the most recent release. I don’t see how Driver updating corresponds with settings levels, what I’m saying is there is no settings involved here, by default of updating the Driver no additional modifications to Look ‘n’ Stop’s Default settings it passes with flying colors.
" }-
I already thought about this, but default settings correspond to the average user, and i don't think that the average user will try to do much more than just download official 2.04, this is why i wrote 2.04 in default settings, and 2.04p2 in Highest settings.
However, you are right that 2.04p2 without any modification to settings (default settings) will pass successfully AWFT and thermite, so i need more points of view here, because of course i would prefer to write results of 2.04p2 version, but i want to be fair and right on my results, so i need more points of view ;)
If most people think that "default settings" is already default settings even with go to forum, download last version, download last driver, then i will correct this.
I understand what you are saying, and i took a lot of time before choosing, not easy i think.
Anyone else have an idea?
About the main page, it was written for 1024x768 res, i know that not everyone has this resolution... maybe i should rewrite it for 800x600.
regards,
gkweb.
_anvil
June 12th, 2003, 10:01 AM
-{ Quote: "i remember that it was on dest IP "MyProviderDNS" and port "53" where kerio didn't warn me." }-
That can only happen, if you use the default settings, because the default "allow DNS rule" applies to 'any application' (including Yalta...)
This glitch in Kerio's default config has recently been reported as a security hole on major bug sites... although Kerio (as well as its default rules) is years old... ??? ;D
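The default-rule behaviour described in the post above, as an added example that is not part of the original thread and is not Kerio's own rule format: a small first-match rule model in which an "allow DNS" rule bound to any application silently passes a leak test's UDP packet to port 53, while the same rule bound to one resolver process leaves the test to trigger a prompt. The rule fields, the first-match ordering, the program paths and the 192.0.2.53 address are constructed assumptions.

```python
from dataclasses import dataclass
from typing import List, Optional, Tuple

ANY = None  # wildcard value for a rule field


@dataclass(frozen=True)
class Rule:
    name: str
    action: str                  # "allow" or "deny"
    protocol: str                # "udp" or "tcp"
    remote_port: Optional[int]   # ANY = every remote port
    application: Optional[str]   # ANY = every program; else lower-case path


@dataclass(frozen=True)
class Attempt:
    application: str
    protocol: str
    remote_ip: str
    remote_port: int


def matches(rule: Rule, attempt: Attempt) -> bool:
    """A rule matches when each of its fields is a wildcard or equal."""
    return (rule.protocol == attempt.protocol
            and rule.remote_port in (ANY, attempt.remote_port)
            and rule.application in (ANY, attempt.application.lower()))


def decide(rules: List[Rule], attempt: Attempt) -> Tuple[str, Optional[str]]:
    """First matching rule wins; with no match the firewall asks the user."""
    for rule in rules:
        if matches(rule, attempt):
            return rule.action, rule.name
    return "ask", None


def audit_unbound_allows(rules: List[Rule]) -> List[str]:
    """Allow rules that do not name a program apply to every program."""
    return [r.name for r in rules
            if r.action == "allow" and r.application is ANY]


def covers(earlier: Rule, later: Rule) -> bool:
    """True when every attempt matched by `later` already matches `earlier`."""
    return (earlier.protocol == later.protocol
            and earlier.remote_port in (ANY, later.remote_port)
            and earlier.application in (ANY, later.application))


def shadowed_rules(rules: List[Rule]) -> List[Tuple[str, str]]:
    """Rules that can never fire because an earlier rule covers them."""
    found = []
    for i, later in enumerate(rules):
        for earlier in rules[:i]:
            if covers(earlier, later):
                found.append((later.name, earlier.name))
                break
    return found


# Constructed sample data (assumptions, not taken from any product).
RESOLVER = r"c:\windows\system32\svchost.exe"   # assumed DNS resolver process
LEAKTEST = r"c:\tests\leaktest.exe"             # stand-in for a leak test
DNS_SERVER = "192.0.2.53"                       # documentation address

# Default-like ruleset: DNS allowed for any application. The deny rule
# appended later for the leak test is never reached.
DEFAULT_LIKE = [
    Rule("dns-any-app", "allow", "udp", 53, ANY),
    Rule("deny-leaktest-dns", "deny", "udp", 53, LEAKTEST),
]

# Tightened ruleset: DNS allowed only for the resolver process.
HARDENED = [
    Rule("dns-resolver-only", "allow", "udp", 53, RESOLVER),
]

PROBE = Attempt(r"C:\Tests\LeakTest.exe", "udp", DNS_SERVER, 53)
LOOKUP = Attempt(r"C:\WINDOWS\system32\svchost.exe", "udp", DNS_SERVER, 53)

if __name__ == "__main__":
    for label, rules in (("default-like", DEFAULT_LIKE), ("hardened", HARDENED)):
        print(label, "probe ->", decide(rules, PROBE))
        print(label, "lookup ->", decide(rules, LOOKUP))
        print(label, "unbound allows:", audit_unbound_allows(rules))
        print(label, "shadowed:", shadowed_rules(rules))
```
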
gkweb
June 12th, 2003, 11:29 AM
oh i see...
just to see it myself i will do the test ;D
And about look'n'stop, what is your point of view regarding default settings? should update be seen as not default settings ?
regards,
gkweb.
Phant0m
June 12th, 2003, 12:20 PM
Gkweb
Is your site not based on accuracy much as possible? I don’t see how Component Updating corresponds with Settings levels… Maybe you should make another chart in Reference to “Default Components” “Updated Components”, and I’m not only in Reference to Look ‘n’ Stop but all the Software Firewalls…
gkweb
June 12th, 2003, 12:41 PM
lol, you are right phantom :)
i will change in a few minute this little mistake ;)
regards,
gkweb.
Phant0m
June 12th, 2003, 12:57 PM
:)
gkweb
June 12th, 2003, 02:53 PM
I have another pb (help me Phant0m!!) i do receive so many different results about the same leaktest, i will become mad :o
I think i will add a third icon on the results page which will mean "too much different results for now, pls wait" ! in addition of the "?" which is not an icon and which means "no result yet".
What do you think about it ?
regards,
gkweb.
P.S : @Jack, someone said me 10/10 for Outpost : AWFT, so : 5/10? 9/10? 10/10 ???
Phant0m
June 12th, 2003, 03:14 PM
Hey gkweb
The problem is that people are testing it under different circumstances; I wouldn’t go with that idea of yours it may be quite confusing. Best thing would be to get the results by yourself then you know what’s what, and if you don’t think you are suitable then find ones who are…
For Look ‘n’ Stop test results currently seems legit, however as for the other Software Firewalls I’m not sure…
gkweb
June 12th, 2003, 03:38 PM
To be able to do all tests myself i lack two things :
first : need default web browser (can't define it on my comp by normal way... which prevents FireHole from launching)
second : buy AWFT
I will think about the second, but about the first no one ever could help me (all standard ways don't work).
With these two things solved, i will be able to do all tests myself...
regards,
gkweb.
Phant0m
June 12th, 2003, 03:48 PM
For some unknown reason i can run AWFT all day long and the Number of executions left is always 10, and i'm not a registered user either...
Frederic
June 12th, 2003, 04:13 PM
Hi Phant0m,
-{ Quote: " quoting: Phant0m`` link=board=23;threadid=10013;start=60#msg66150 date=1055423711]
For “Default Settings” I noticed Look'n'Stop 2.04 is listed as “2/10” for AWFT results, I debate that specific reading, 2ndly I’m assuming you in reference to the Installation’s Default Application Filtering Layer driver and not the most recent release. I don’t see how Driver updating corresponds with settings levels, what I’m saying is there is no settings involved here, by default of updating the Driver no additional modifications to Look ‘n’ Stop’s Default settings it passes with flying colors.
" }-
I think the idea behind "default settings" is just to test the firewall, as is, just after the user has installed it, just after having downloaded it from the official current location.
I think it's a good idea, because many users will use the Firewalls this way. I agree with gkweb that the current patch for Look 'n' Stop is not included in the standard version and even not available directly from our site, so not very easy to know and to install for most of the users.
So, no problem for me to wait for the version 2.05 of Look 'n' Stop to have a better score for the "default setting" case.
Perhaps the wording "default settings" needs to be changed in something like "out of the box".
Regards,
Frederic.
gkweb
June 12th, 2003, 04:54 PM
this time, i agree with Frederic... i'm feeling like a ball on a ping-pong table ;D
Indeed, the term "out of the box" is better than "default settings" and this is what i really wanted to say but found hard to explain.
All firewalls will have the same criteria, so it's not so bad for those who disagree, and is better i think regarding results, it's more realistic.
Thanks for your opinion Frederic.
I think i will apply this idea definitely, with "out of the box" instead of "default settings". In addition, it is easier to test an out of the box firewall than a firewall with unchanged settings but + update.
right ?
regards,
gkweb.
Phant0m
June 12th, 2003, 05:39 PM
Hey Frederic
Yea I know the idea behind it; just it wasn’t designed fully upon Informational Accuracy, as I explained why so…
Whatever you label it, anything is better than “Default Settings”…
Regards,
gkweb
June 14th, 2003, 09:17 AM
Please... I need more results from Win 9x/Millennium...
if you can help me, thanks.
regards,
gkweb.
P.S : i tested ZA 4 and it has the same results as 3.5
root
June 14th, 2003, 10:20 AM
Hi gkweb. There is something here that is starting to bother me.
When professional testing of products is done, all products are tested on the same machine setup by people qualified to use the products being tested and all testing is done under the same conditions.
You seem to be gathering information from people from all over the web and these people are going to be biased towards their product of choice.
I think it is very important for you to stress on your site the fact that this is not an evaluation of products based on acceptable, standard testing methods. The results individuals get is going to be determined by many factors on their own machines and they should know this.
It would not be fair to any product for someone to go to your site, look at the results and see results that state xyz program fails 4 out of 9 leak tests.
What you are doing is fine and may provide some useful information to people visiting your site, but they need to know under what conditions your test results have been obtained.
I hope you understand my concern here and do not take this as criticising your work, but as a suggestion to give people adequate information with which they can make informed decisions.
gkweb
June 14th, 2003, 11:19 AM
I'm not sure i fully understand what you want to say, but if it is that you are afraid that i read results in my mail box and then put them on the site without testing them myself or by trusted friends, i don't work like this, it's wrong. I do the tests myself on the same comp, same conditions, one firewall installed alone each time, out of the box results are easy, highest settings take me more time.
If it's about how to do leaktests, it's fully explained on the results page.
In addition, i don't think that "Win 2000/XP" + "highest settings" + "text at bottom about how to do leaktest" could have a lot of different factors, this is why results are split, this is why there is an "out of the box" results.
In the end, i can't point out what is wrong, it takes me many hours to find right results, and you tell me that they are wrong, not reliable, badly tested or anything else whereas from the start, the website was built regarding strong and good results.
If you are complaining because the website can't really define the best firewall because it only takes care of outbound filtering, you are right and this is what i say on the welcome page...
In addition people can test their firewall themselves with the downloadable leaktests and can discuss their results on the forum!
You don't like some results? you think they are wrong? ok, send me an email with your OS, firewall settings, all that can lead me to do it myself too (i only work like this by mail) and if it's indeed wrong i will correct it.
If finally i'm wrong and it's because you think that i can't do professional work, no need to add more.
gkweb.
P.S : i edited my post to remove the most flaming part...
Phant0m
June 14th, 2003, 12:12 PM
Hey gkweb
Easy bro, root was only sharing his opinion that Software Firewall Outbound Leak-testing should be done on one specific Machine and/or by those who are qualified to do these tests than relying on the majority of people’s results sent to you via Board & E-mails…
Regards,
gkweb
June 14th, 2003, 12:18 PM
So, i supposed not to be qualified for ?
All required "professional" parameters are together, so again, i can't see what is wrong.
(the specific machine is mine...)
And sorry but, it would be a joke if a firewall can only be good on a specific machine and failed on all standard machine lol, it would have Score of 0.
There is a contradiction also, "whose who are" (supposed) "qualified for" are firewall vendors right ? and do you really think that results from firewall vendors are reliable ? if it would be true, all firewall would pass all leaktest.
=> there is NO tests that i didn't do myself, is it better speaked like that ?
(i bought AWFT...)
regards,
gkweb.
JacK
June 14th, 2003, 02:53 PM
-{ Quote: " quoting: gkweb link=board=23;threadid=10013;start=90#msg66740 date=1055607533]
So, i supposed not to be qualified for ?
All required "professional" parameters are together, so again, i can't see what is wrong.
(the specific machine is mine...)
And sorry but, it would be a joke if a firewall can only be good on a specific machine and failed on all standard machine lol, it would have Score of 0.
There is a contradiction also, "whose who are" (supposed) "qualified for" are firewall vendors right ? and do you really think that results from firewall vendors are reliable ? if it would be true, all firewall would pass all leaktest.
=> there is NO tests that i didn't do myself, is it better speaked like that ?
(i bought AWFT...)
regards,
gkweb.
" }-
Hello,
Take it easy 8) Nobody is criticizing your work or ability and your site is useful.
As you see how AV/AT tests are discussed (and the serious one do have a strong protocol) it would be nice to give the basic data about your config, provider, connection, etc...
Just take in consideration there are a lot of config : for instance some use pagers , servers, etc... ; some providers needs a kind of keep alive,(some give already a stealth result by filtering on their servers or filter some ports (In and/or Out) like 139, 80, 25, etc... ),
some users run DHCP, etc...
It would be wise to perform all the tests by yourself, on all the OSs on your own PC. Other users might have different results with the same settings with another provider for instance.
I remember, one or two years ago a discussion ( maybe with Phantom ?) about a leaktest on a FW : He passes with flying colours and I failed with the same settings : in fact after consulting his ISP it was filtered by the provider.
Rgds,
gkweb
June 14th, 2003, 03:47 PM
ok well, i understand, i will write my spec on the site, meanwhile :
Windows XP PRO + SP1 + all last update
Network Card 3Com 3C905C-TX (100Mbps LAN)
Internet Explorer 6
|
Gateway Linux
ADSL 512/128 Wanadoo (france)
Alcatel Speedtouch USB Modem
|
Internet
regards,
gkweb.
Phant0m
June 14th, 2003, 03:54 PM
You must be in Reference to the discussions on Becky’s Look ‘n’ Stop Forum the other year… People was encountering anomaly where they would Leak using my rule-set when being Scanned or Flooded using TCP Flag packets, of course I stated that my rule-set is using specific method used to provide Maximum Security level that the Software Firewall could offer. So Frederic and I spent time over E-mail and ICQ working out a solution within 4days period he released another Look ‘n’ Stop version which supported TCP Flag Controls that I could work with in my rule-set.
Throughout the period I mentioned Invalid TCP Flag combinations would be filtered by my ISP which would stealth me against these, other users leaked when doing such tests. Whether I used Extra rules like “TCP: NULL, FIN, XMAS..” didn’t make any difference…
Btw; I never needed to consult my ISP about anything, they don’t know the difference between TCP and UDP Protocols… ;)
-{ Quote: " quoting: JacK link=board=23;threadid=10013;start=90#msg66787 date=1055616813]
-{ Quote: " quoting: gkweb link=board=23;threadid=10013;start=90#msg66740 date=1055607533]
So, i supposed not to be qualified for ?
All required "professional" parameters are together, so again, i can't see what is wrong.
(the specific machine is mine...)
And sorry but, it would be a joke if a firewall can only be good on a specific machine and failed on all standard machine lol, it would have Score of 0.
There is a contradiction also, "whose who are" (supposed) "qualified for" are firewall vendors right ? and do you really think that results from firewall vendors are reliable ? if it would be true, all firewall would pass all leaktest.
=> there is NO tests that i didn't do myself, is it better speaked like that ?
(i bought AWFT...)
regards,
gkweb.
" }-
Hello,
Take it easy 8) Nobody is criticizing your work or ability and your site is useful.
As you see how AV/AT tests are discussed (and the serious one do have a strong protocol) it would be nice to give the basic data about your config, provider, connection, etc...
Just take in consideration there are a lot of config : for instance some use pagers , servers, etc... ; some providers needs a kind of keep alive,(some give already a stealth result by filtering on their servers or filter some ports (In and/or Out) like 139, 80, 25, etc... ),
some users run DHCP, etc...
It would be wise to perform all the tests by yourself, on all the OSs on your own PC. Other users might have different results with the same settings with another provider for instance.
I remember, one or two years ago a discussion ( maybe with Phantom ?) about a leaktest on a FW : He passes with flying colours and I failed with the same settings : in fact after consulting his ISP it was filtered by the provider.
Rgds,
" }-
Phant0m
June 14th, 2003, 05:05 PM
Adding System Informatics may throw people off, possibly give the wrong idea that there needs to be special conditions order for Application Filtering Layer to function properly... And I don’t believe gkweb favours special conditions in order for Application Filtering Layer to function properly…
Whether you use
AMD
128MB of RAM
Internet Explorer
OR
Pentium
320MB of Ram
Opera
And specific Services Enabled or not and what’s currently running in the Background, Software Firewalls Application Filtering Layer should be fully securing.
I don’t see anything wrong with what gkweb is already doing, he asks for public results and then he verifies it himself on his local Machine. Preferably his Machine with no major modifications from the Default Win state, like no Service tweaking…
Thanks to gkweb I’ve been reading “special” conditions where Software Firewall’s Application Filtering Layer may not be passing the tests, and if I have anything to-do with this I would like to keep this on the roll…
Now I verified the results for Look ‘n’ Stop v2.04p2 are legit under Windows 2K/XP, however gkweb awhile back under certain condition Look ‘n’ Stop would fail TooLeaky when Opera browser is configured as your Default browser…
I’m not sure whether or not Look ‘n’ Stop’s Application Filtering Layer is still defective in this area, could you test under Win9x& Win2k/XP using Opera as your Default browser whether or not this still applies? ;)
Phant0m
June 14th, 2003, 05:09 PM
LOL we might need another chart for “certain conditions” where Application Filtering Layer fails… :D
JacK
June 14th, 2003, 05:35 PM
-{ Quote: " quoting: gkweb link=board=23;threadid=10013;start=90#msg66802 date=1055620063]
ok well, i understand, i will write my spec on the site, meanwhile :
Windows XP PRO + SP1 + all last update
Network Card 3Com 3C905C-TX (100Mbps LAN)
Internet Explorer 6
|
Gateway Linux
ADSL 512/128 Wanadoo (france)
Alcatel Speedtouch USB Modem
|
Internet
regards,
gkweb.
" }-
Hi gkweb,
Just for my information :
You are running a Linux machine as gateway.
Why don't you use iptable and/or Freesco ?
Rgds,
gkweb
June 14th, 2003, 05:44 PM
@Jack
i do use it... but it can't provide me software filtering.
I have on it firewall (iptables), IDS (snort), proxy (squid), a good statistical tool (ntop), but all of that can't prevent trojan/spyware which phoning home from my own computer, i need local outbound filtering.
@Phant0m
phant0m said:
-{ Quote: "
Whether you use
AMD
128MB of RAM
Internet Explorer
OR
Pentium
320MB of Ram
Opera
And specific Services Enabled or not and what’s currently running in the Background, Software Firewalls Application Filtering Layer should be fully securing.
" }-
This is what i said when i said this :
gkweb said:
-{ Quote: "
And sorry but, it would be a joke if a firewall can only be good on a specific machine and failed on all standard machine lol, it would have Score of 0.
" }-
but it seems that few people wanted to know my specs, so at least it is written here ;)
maybe someone was afraid that i do my test on Win 95 with Winsock v1.0 ;D
and about Opera, if i write a new program which, when it is started, makes a few firewalls fail on a few leaktests, is the cause my program or the firewall? what must be improved/fixed, my code or the firewall?? good thinking, don't forget to sleep ;)
phant0m said:
-{ Quote: "
LOL we might need another chart for “certain conditions” where Application Filtering Layer fails… :D
" }-
you forget chart by provider, by modem brand ^^
regards,
gkweb.
GA
June 17th, 2003, 01:58 PM
I suggest you learn how to use Tiny 4.5 before you post test results. I use it along with Kerio and none of those exploits were successful. If you configure Tiny's sandbox properly they won't be able to run.
Phant0m
June 17th, 2003, 03:14 PM
You must not comprehend the concept behind this; this is tests to see whether or not Software Firewall’s “Application Filtering” Layer’s Passes or Fails these Leak-tests and to see whether or not Sandbox like Software Passes or Fails these Leak-tests.
If I was going to use anything with Sandbox like capabilities I would be using SMC and not Tiny… ;)
GA
June 17th, 2003, 03:49 PM
Well I guess I don't need to comprehend what is being attempted since I have no problems preventing these exploits.
_anvil
June 17th, 2003, 04:02 PM
@GA
I am not very familiar with Tiny4.5. ::)
Can you please (try to) explain, _how_ it stops all these leaktests? Are there warnings, that the leaktests are doing something unwanted/dangerous? Or does it just prevent them from being started? Or something completely different...? :)
gkweb
June 17th, 2003, 04:50 PM
You seem not to have understood the purpose of the website, if you think that results are wrong, the way is to send me by mail your results, with all settings and steps, so that i am able to do it myself too... and not to tell me to learn how to set it up and nothing more.
But as it seems to have surprised more than only me, post your settings here, i will try your advice.
regards,
gkweb.
Bob
June 17th, 2003, 05:21 PM
Has somebody tried Abtrusion Protector (http://www.abtrusion.com/) for leaktests and outbound protection. If I get a positive response I might try it behind my hardware firewall.
Bob
gkweb
June 17th, 2003, 05:22 PM
i will give it a try, and if it's a personal firewall i will test it, thanks for the link ;)
regards,
gkweb.
JacK
June 17th, 2003, 06:43 PM
-{ Quote: " quoting: Bob link=board=23;threadid=10013;start=90#msg67588 date=1055884872]
Has somebody tried Abtrusion Protector (http://www.abtrusion.com/) for leaktests and outbound protection. If I get a positive response I might try it behind my hardware firewall.
Bob
" }-
Hello,
Yes, I did a few months ago and it passed the existing leaktests, even PC Audit (I did not try on Thermite and AWFT which did existed)
A bit tricky to install and you must configure the Free v to have the same settings as the default one with the shareware v.
See some threads about it on some forums here.
Rgds,
gkweb
June 17th, 2003, 07:52 PM
It's like SSM :)
it's not a personal firewall so i will not add it, but as SSM it's a kind of product that is a must to have.
regards,
gkweb.
Phant0m
June 17th, 2003, 07:55 PM
Does anyone here know the difference between Application Filtering that’s provided in many Software Firewalls and Application Control provided in Sandbox like Featured Applications?
How is Application Control provided in Sandbox like Featured Applications relevant to Outbound Leak-tests which tests Application Filtering Layer in Software Firewalls?
Gkweb on your Outbound Leak-test site is it going to include now Sandbox like Featured Applications such as (… SSM, Tiny4.5, Abtrusion Protector)?
gkweb
June 17th, 2003, 08:03 PM
absolutely not !
And about tiny 4.5, the only thing tested on the site is its software filtering.
SSM and others will not be covered on the website, i just advise to use them to cover firewall leaks.
don't worry ;)
regards,
gkweb.
Phant0m
June 17th, 2003, 08:10 PM
:)
Mr.Blaze
June 17th, 2003, 08:10 PM
:D wow say hello to the new newb on the block impressive must be low water prodigy
gkweb
June 17th, 2003, 08:12 PM
sorry i don't understand that!
(i'm french ;) )
what does it mean ?
Phant0m
June 17th, 2003, 08:15 PM
LOL
gkweb
June 18th, 2003, 09:29 AM
< removed > (by myself)
i was just wondering if removing tiny from the results chart wouldn't be better because of the confusion between sandbox capabilities and software filtering layer.
regards,
gkweb.
Dan Perez
June 18th, 2003, 12:28 PM
HI gkweb,
IMO, I think you should remove Tiny from the list or perhaps have a "note" link explaining the limitation of the test. I fully understand that you were wanting to test the firewall components and in that regard Tiny failed but Tiny realizes the limitation of taking a PF only approach and so has integrated their sandbox which (presumably) would allow their firewall to pass the test.
Dan
gkweb
June 19th, 2003, 10:04 PM
i think i will give up...
if you go on other forums (like broadband) you will know why.
Phant0m
June 19th, 2003, 11:49 PM
Hey gkweb!
Bro, don’t let people get to you…
And don’t give up on anything because of what others says or perhaps thinks…
People just don’t fully understand… >:(
Open Source
June 20th, 2003, 03:34 AM
Dear gkweb why on god's earth would one of such potential like yourself give up?
I have been to your website and it is very good.
It is one of the best i have seen of its kind in my humble opinion.
Also the fact that you are not affiliated with any firewall company makes your web site have more credibility than most all others.
I and i feel many others have been enjoying many of your posts and clean cut and clear information and feedback.
As i am not allowed to talk ill of anyone or other boards i can't explain openly publicly why you should listen to those people that would have you feel so bad that you would give up.
So i will pm you privately and tell you of my personal experience with such foes and why not to take it so bad.
Sisko
June 20th, 2003, 03:53 AM
I second OpenSource,
you are doing a great job. Sure nothing is perfect but you are open to suggestions as you told many times.
So don't let people think what you try to do has no sense. It has for sure.
Not only does it show a good view of actual firewalls but with open discussion here for example, it may improve how to use them. I think nothing is ok right out of the box but discussion we may have about that can make the difference by providing How-To's to configure these firewalls.
Regards,
Sisko
Pieter_Arntz
June 20th, 2003, 03:57 AM
Hi gkweb,
Don't let them get you down. Even if your site isn't perfect, you're doing a great job. But it's hard to please everyone.
I have learned a lot just from reading this thread and I think I'm not the only one.
Keep it up,
Pieter
gkweb
June 20th, 2003, 09:10 AM
Thanks for your support... i really appreciate it.
the site is up again, but i will stay on this forum, instead of advertising everywhere and being attacked for unknown reasons.
Anyone can give his opinion, anyone can disagree with me, np, but attack me like that :o
Sorry for this reaction, but it was too much for me!
I hope i'll always have interesting threads at wildersecurity forum ;)
regards,
gkweb.
Open Source
June 20th, 2003, 01:00 PM
Don't worry about that gkweb, that type of attacking is not permitted at this board thx to Paul and the admins and great moderators.
There may be a lot of companies here but none can attack you .
This board is Flame free.
When you do get a difference of opinion it's usually in a tasteful manner, paul and the guys always root out the best members for this board.
Consider it a huge coffee filter, only the best elements get through the screening.
Therefore making the board the best experience for all.
Douglas
June 20th, 2003, 03:10 PM
Hi gkweb :)
I really appreciate having a person of your caliber posting your thoughts and ideas on this board.
Thanks, and please keep it up. Like has been said, we're learning a lot.
Sincerely,
Douglas
Open Source
June 20th, 2003, 11:40 PM
As well as i.
I notice Look'n'Stop did very well.
I'm guessing it is no coincidence that paul has them here.
Always top notch software here.
I'm enjoying your website more and more each day.
Keep up the good work.
gkweb
June 21st, 2003, 06:39 AM
thank you to all ;)
regards,
gkweb.
Copyright ©2002 - 2012, Wilders Security Forums