HELP PASS ALL LEAKTESTs EXCEPT DNSTESTER

As shown in the table below, only DNSTester claims to be succesfull, while only running DefenseWall and Rising HIPS, see setup https://www.wilderssecurity.com/showpost.php?p=1272374&postcount=39

See results of leaktest in pics and explanation (by the way all ports stealthed also, with Router NAT/SPI FW), This clearly illustrates the madness of leaktesting, no software firewall and I would rank amongst the highest

I would love to read test of software firewalls or setup tips of routers, as long as they are concerning the firewall functionality! Firewall 'testd' are nowadays more concerned wth HIPS than wth FW functionality, same as buying a motorbike magazine which does not contain a single test on motorbikes, in stead only cars and trucks are tested. Does that make sense?

WHEN LEAKTESTS MADE SENSE FOR FIREWALL TESTING, HOW COULD I SCORE SO HIGH WITHOUT A SOFTWARE FIREWALL? I know Matousec has taken Firewall testing to next level with Firewall challenge, but most of the added test were tackled by DW anyway, since I have no firewall, how should I test it?

 

You would need outbound filtering for svchost to pass DNStester.
But yes, I agree with you. 'Leaking' needs to be detached from a term 'firewall' as you can accomplish this kind of protection using various software (or combination of 2 or more).
It is just a matter of terminology.

 

Nick,

Good to see you around more often these days. Seer and Stem and BigC are my FW tutors

Would any oubound filtering of svchost do? What program (beside Comodo with DNS recursive call would achieve this).

I think a good sticky on how to set up a router with nat/spi would be a real help.

Regards Kees

 

Hello Kees

Thank you for your kind words but I'm not much of a tutor. My answers are often in general terms as I do not test much software and am not very familiar with specific options in a specific app. So I will give you a generalized answer on this one as well.
Any firewall/HIPS monitoring injections/outbound connections will pass DNStester. This is a very basic test and should be easily handled by most firewalls - you can block the injection in svchost with a HIPS or you can block the outbound with an application firewall.
On the other hand, if you disable DNS client service, you will have a green light with DNStester test in advance...

 

Thx Nick,

This would mean my Domain Name System is cached at my Router or even further up at my ISP. Does not sound to bad. What is the downside of stopping client DNS service? By the when DNS client is stopped, DNS tester still reports success

By the way DefenseWall with ThreatFire gave the same result (because I had disabled active desktop the copycat leaktest could not place a webpage as wallpaper background).