new leaktest released : DNStester (from Jarkko Turkulainen)

DNSTest can transmit information to a remote system - however it is easily identified with a suitable firewall configuration. If it used address space injection then it could masquerade as another process with network access permissions (e.g. Internet Explorer) in which case there would be nothing traffic-wise or application-wise for a firewall to pick up on.

 

I am wondering whether this leaktest is effective at all:

Please note that some people do not only use firewalls but also properly configure them ;-)

A DNS request is an outgoing connection. A properly configured firewall will allow such outgoing connection ONLY if it is made to your internet provider. The firewall will NOT allow a DNS request which is directed to an arbitrary internet address (i.e., a hacker's computer).

So ... where is the leak?

 

Paranoid2000: the Outpost site is down. Can you find those application DNS rules anywhere else?

 

SydneyProxy02,

Please review the DNShell documentation - communication takes place through your ISP's DNS servers using recursive DNS. Therefore unless your firewall restricts DNS access by application, this leaktest will go through it.

Mvdu:

As I stated previously, the Outpost forum is down for a vBulletin upgrade. It is supposed to be back up sometime on Monday. If you cannot wait till then, PM me with your email address and I will send a copy.

 

@Paranoid

Thx for the explanation!