ok, I should know better, but I tried the security check at:

http://www.it-sec.de/vulchke.html

Unfortunately I did not read all the warnings on the page before I clicked on check host. I feel like an idiot, but never had any problems from a uiuc link before.

I stopped the test after reading some of the warnings

Anyway was wondering if anyone has done this check before, and if so is it a legitimate site to test from. Should I be concerned?

_________________________

more info:

I got the link from here:

http://www.staff.uiuc.edu/~ehowes/info17.htm

clicked on:

SecureMeNow
http://securemenow.tripod.com/smn/id3.html

and then clicked on:

ibh online

which led me to the test.

I went to the test site, and although the warnings seem ominous, it is basic security (you should not trust just any site) especially if you are going there with IE. With all those patches M$ is putting out you don't even have to click on scan me to get a negative experience if you go to the wrong site, and your system and or browser is not secure.

Also if you take the scan, I would uncheck their password check in light of discussion at this thread:

http://www.wilderssecurity.com/showthread.php?t=11665

Finally, I did a quick google and found the following:

1:

http://www.auditmypc.com/freescan/links.asp

look under Online Security Audit Sites

unlikely the author of audit my pc would include this test if it were not from a legitimate source (but not a guarantee - nothing is 100% safe on the net).

2) also found a reference to Holger Heimann who is somehow connected maybe to it-sec.de.

Look here: http://lists.insecure.org/lists/firewall-wizards/1999/Nov/0137.html

Holger speaks on security issues and concerns, and appears to be one of the good guys. He mentions the test you referenced as being a netbios vulnerability type test, so if you are weak in this area, I would definitely steer clear:

******************************************

Holger says -

"Since then we offer a free little online "Netbios vulnerability check" which should be suitable for cablemodem users also, I think it's time to throw it
in now:


http://www.it-sec.de/vulchke.html


We did a survey in 1998 where we found more than 12 percent of the people using dial-in ISPs and having file sharing enabled offering their disks to the world. By using hashes over the service characteristics a computers shows to the net, we were even able to recognise computers, when they dialed
in again and got a different IP number.


Highlight: a police department's disk ad no passwords, was even writable and
connected to the internal network.


so long,
Holger "