online Security check

Discussion in 'other security issues & news' started by whoops, Jul 25, 2003.

Thread Status:
Not open for further replies.
  1. whoops

    whoops Guest

    ok, I should know better, but I tried the security check at:

    http://www.it-sec.de/vulchke.html

    Unfortunately I did not read all the warnings on the page before I clicked on check host. I feel like an idiot, but never had any problems from a uiuc link before.

    I stopped the test after reading some of the warnings

    Anyway was wondering if anyone has done this check before, and if so is it a legitimate site to test from. Should I be concerned?

    _________________________

    more info:

    I got the link from here:

    http://www.staff.uiuc.edu/~ehowes/info17.htm

    clicked on:

    SecureMeNow
    http://securemenow.tripod.com/smn/id3.html

    and then clicked on:

    ibh online

    which led me to the test.
     
  2. peakaboo

    peakaboo Registered Member

    Joined:
    Oct 20, 2002
    Posts:
    377
    I went to the test site, and although the warnings seem ominous, it is basic security (you should not trust just any site) especially if you are going there with IE. With all those patches M$ is putting out you don't even have to click on scan me to get a negative experience if you go to the wrong site, and your system and or browser is not secure.

    Also if you take the scan, I would uncheck their password check in light of discussion at this thread:

    http://www.wilderssecurity.com/showthread.php?t=11665

    Finally, I did a quick google and found the following:

    1:

    http://www.auditmypc.com/freescan/links.asp

    look under Online Security Audit Sites

    unlikely the author of audit my pc would include this test if it were not from a legitimate source (but not a guarantee - nothing is 100% safe on the net).

    2) also found a reference to Holger Heimann who is somehow connected maybe to it-sec.de.

    Look here: http://lists.insecure.org/lists/firewall-wizards/1999/Nov/0137.html

    Holger speaks on security issues and concerns, and appears to be one of the good guys. He mentions the test you referenced as being a netbios vulnerability type test, so if you are weak in this area, I would definitely steer clear:

    ******************************************

    Holger says -

    "Since then we offer a free little online "Netbios vulnerability check" which should be suitable for cablemodem users also, I think it's time to throw it
    in now:


    http://www.it-sec.de/vulchke.html


    We did a survey in 1998 where we found more than 12 percent of the people using dial-in ISPs and having file sharing enabled offering their disks to the world. By using hashes over the service characteristics a computers shows to the net, we were even able to recognise computers, when they dialed
    in again and got a different IP number.


    Highlight: a police department's disk ad no passwords, was even writable and
    connected to the internal network.


    so long,
    Holger "
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.