ESET - my leak tests

Hi!

I took leak tests from matousec website and ran all of them.
PASSED means test finished sucessfull (not good)
FAILED means ESET stopped communication suspicious program with Internet (good).
I made test with DISABLED virus real-time protection because some tests have been recognized as virus.
My results are not optimistic or it means should I improve my current ESET settings? Any advice is welcome.

Please see below for details:

Awft
test1 FAILED
test2 PASSED
test3 FAILED
test4 PASSED
test5 PASSED
test6 PASSED

BITStester
FAILED

Breakout2
FAILED

Coat
PASSED

CopyCat
FAILED

Cpil
PASSED

CPILSuite
PASSED

DNStester
PASSED

DNStest
PASSED



FireHole
PASSED




Jumper
PASSED - if IE allowed

LeakTest
FAILED

pcAudit
FAILED

PCFlank
PASSED



Surfer
PASSED



Thermite
PASSED if IE allowed

TooLeaky
PASSED

Wallbreaker
PASSED

Yalta
FAILED

 

if stopping leaktests is important to you and you lust pop ups for every action performed on your pc, you would do better to either:-
a: use common sense when browsing
b: use an additional hips alongside ess
c: use comodo or oa or outpost or jetico alongside EAV

still amazes me that people when browsing the internet click on any old links from porno or free software sites offering amazing smileys & awesome free software.
if you dont understand what your doing on the internet, your time would be better spent learning "safe hex" than worrying about leaktests.
sit behind a router, with an updated/secured OS, and resist the big CLICK ME IM FREE links on websites you dont know

 

Thanks for replay.
I think common sense is the best way and weapon against all threats. It's something I rely on for years staying in Intrenet (and in real life too ).
I like ESS and I hope guys from ESET will do their best to make ESS outstanding Security Suite on market. AV module is really fast and good, so I'm convinced one day Firewall will be too

Greetings!

 

i just did a test also,

Results of Advanced Port Scanner
TCP CONNECT scanning (scanned in 37 seconds)



We have scanned your computer' ports used by the most widespread trojan horses. Here is the description of possible ports' statuses:

"Stealthed" (by a firewall) -Means that your computer is invisible to others on the Internet and protected by a firewall or other similiar software;
"Closed" (non-stealthed) - means that this port is closed, but your computer is visible to others on the Internet that can be potentially dangerous;
"Open" - Means that this port is ready to establish (or has already established) a connection with remote address. It also means that your computer is vulnerable to attacks and could have been already hacked or infected by a trojan/backdoor;

Port: Status Service Description
21 stealthed FTP File Transfer Protocol is used to transfer files between computers
23 stealthed TELNET Telnet is used to remotely create a shell (dos prompt)
80 stealthed HTTP HTTP web services publish web pages
135 stealthed RPC Remote Procedure Call (RPC) is used in client/server applications based on MS Windows operating systems
137 stealthed NETBIOS Name Service NetBios is used to share files through your Network Neighborhood
138 stealthed NETBIOS Datagram Service NetBios is used to share files through your Network Neighborhood
139 stealthed NETBIOS Session Service NetBios is used to share files through your Network Neighborhood
1080 stealthed SOCKS PROXY Socks Proxy is an internet proxy service
1243 stealthed SubSeven SubSeven is one of the most widespread trojans
3128 stealthed Masters Paradise and RingZero Trojan horses
12345 stealthed NetBus NetBus is one of the most widespread trojans
12348 stealthed BioNet BioNet is one of the most widespread trojan
27374 stealthed SubSeven SubSeven is one of the most widespread trojans
31337 stealthed Back Orifice Back Orifice is one of the most widespread trojans



Recommendation:

All the ports we have scanned are Stealthed (by a firewall). So just continue following the fundamental security measures and regularly update your security software.

PASSED

 

Legendary, your test was an inbound scan and the majority of firewalls will yield similar results, the OP was showing examples of leak tests which are normally outbound in nature.

 

yuo got me a bit confused here with passed and fail.
What were you settings during these tests?

 

Well, real-time virus protection have been disabled (I mentioned about it in first post).
My Firewall mode is "Interactive mode" which means ESS ask what to do each time new application is trying to get access to internet.
What else... nothing special. After installation on first run I went through all ESS options but actually I didn't change much. Any advise, recommendation? Yours custom settings would be welcome?

Greetings!

 

why did you use pass/fail backward - surely FAIL would be used if the firewall FAILED to do it's job?!?! Most confusing....

 

It makes sense if you look at it from the perspective of the leaktest programs.

This is a cheap way of getting around leaktests.