Firewall outbound control tester

LeakOut - Firewall outbound control tester

Following on from blacknight's thread https://www.wilderssecurity.com/showthread.php?t=272900 i thought it might be enlightening to test/retest some other Leakers. There are several listed on the www, and the only one i havn't used before is this one.

http://mark0.net/soft-leakout-e.html



Tried it with FF v3 and IE6. Got prompted and denied = No go = expected. Got prompted and allowed = Go = expected.



Wasn't too happy about them being able to see my Machine/User name though when i allowed out

 

Oops...

 

All the more reason to prevent malware from installing in the first place, then...

 

I don't use IE full time anymore, only for testing etc, so i'm not worried about the Machine/User name result. I just wondered what method they were using to grab the info ? Java/javascript/activex/cookies etc were all disabled.

The point of posting this was, for others to try it and see what results they got from both vectors

 

I use Opera 10.53: Defense+ alerted me about LeakOut: if I deny, all right: LeakOut is blocked. If I allow, LeakOut can read Machine name and User.

 

LoL PC Tools Firewall PLUS Hips function(If you can call it that) gave the choice...Allow/Block before LeakOut could do something, so i am not worried.

 

Doesn't matter what browser you use. The program gets the machine name/user and sends it out via the default browser. This is a very basic test and most firewalls/HIPS can handle it.

 

No problem for Online Armor

 

Quote Espresso

Well that's just it, if this app can get our machine name/user, if we allow it, how many other apps/browsers etc that we allow every day can do the same, and upload the info to their www ? Not good

Sure blocking it from getting out seems easy for most, it's the machine name/user data that's more of a concern.