PG + software firewall vs. Leaktests

Discussion in 'ProcessGuard' started by ogcg, Oct 27, 2004.

Thread Status:
Not open for further replies.
  1. ogcg

    ogcg Guest

    How about PG3 & Personal Firewall (ZAP, Kero, LnS,...) against leaktests?
    h**p://www.firewallleaktester.com
    Thx.
     
  2. Socio

    Socio Registered Member

    Joined:
    Jun 29, 2004
    Posts:
    362
    Here are my results on leak tests I did a couple of months ago to give you an idea:

    I used Kaspersky 5 AV, Outpost Pro 2.1 ( tweaked to my system) and Process Guard 2. Here is how my tests now play out:

    pcaudit (Passed)-PG
    pcaudit2 (passed)-PG
    wallbreaker (passed)-PG
    DNS tester ( passed thanks to Paranoids guide on the official OutPost pro forum)-OP
    Toleaky (passed)-OP
    Thermite (passed)-PG
    Yalta (passed)-OP
    AWFT (Outpost 10 AWFT 0)-OP
    Firehole(virus detected did not run)-KAV
    Copycat(virus detected did not run)-KAV
    Ghost (virus detected did not run)-KAV
    outbound- (unable to find packet.dll could not run)
    MB test ( unable to find packet.dll could not run)

    KAV would not even let me download three of the tests; as for the others, what Outpost did not stop Process Guard did. The last two tests I am not sure what the packet.dll missing was about.
     
  3. gkweb

    gkweb Expert Firewall Tester

    Joined:
    Aug 29, 2003
    Posts:
    1,932
    Location:
    FRANCE, Rouen (76)
    Hi,

    leaktests are not "download & launch", which explains your troubles while running them.

    First, a "virus" detection is not a block since the leaktest can be totally rewritten to be undetected (I have a few private versions on my comp which are not detected by any AV/AT).
    Then for the file missing, it is because (as written on their page) you have to install other files, there is even one that has to be compiled on your PC to get it to work (of course a real malware/trojan could do it all for you, the point is that the leaktests are not trojans).
    Understand that I do not criticise at all the need of an AV or of a layered defense.

    Generally speaking, whatever your firewall, adding ProcessGuard to it will block the leaktests that it cannot block.
    Firewall + ProcessGuard is a very good combo which can block nearly everything, and as your results above show, depending on the leaktest it will be either ProcessGuard or your firewall which will catch it.

    regards,

    gkweb.
     
  4. PGGuy

    PGGuy Guest

    I did a try with those tools on my box { pg3b2 + zas5.1.033 } - results:
    01- leaktest 1.2 (grc.com) -> zas detected
    02- toolleaky -> zas detected
    03-fireholes, 04-Yalta -> PG3b2 protected successfully.
    05-Outbound -> could not be done since I did not follow the instructions to add extra files { packet.dll, xxx.sys driver } to my box which outbound.exe would use packet.dll and asked services.exe to install that driver for it to work through. -> no result to report.
    06-PCAudit, 08-Thermite, 09-CopyCat -> PG3b2 protected successfully.
    07-AWFT : not yet downloaded then.
    10-MBtest -> requires extra files installed as 05-Outbound -> no result done to report.
    11-WallBreaker -> Not sure the results to report; first IE not allowed to run (PG setup); then let it run -> not sure!
    12-PCAudit2 -> PG3b2 protected (like above, block it from creating hook)
    13-Ghost -> not sure to report
    14-DNSTest -> not sure to report
    15-Surfer -> PG3b2 protected -> Error dialog displayed :
    Looking forward to comprehensive tests on those firewallleaky tools vs firewall, and to seeing PG helping to defeat most attacks.

    Please correct anything wrong. thx.
     
  5. Wayne - DiamondCS

    Wayne - DiamondCS Security Expert

    Joined:
    Jul 19, 2002
    Posts:
    1,533
    Location:
    Perth, Oz
    Just some of the leaktests that ProcessGuard 3 is known to block (PG2 also blocked most of them) include Copycat, Thermite, Atelier Web Firewall Tester, Firehole, PCAudit, and PCAudit 2. gkweb has done some very good testing in this area.
     