ESET - my leak tests

Discussion in 'ESET Smart Security' started by absolon, Jan 4, 2008.

Thread Status:
Not open for further replies.
  1. absolon

    absolon Registered Member

    Joined:
    Nov 19, 2007
    Posts:
    6
    Hi!

    I took leak tests from matousec website and ran all of them.
    PASSED means test finished sucessfull (not good)
    FAILED means ESET stopped communication suspicious program with Internet (good).
    I made test with DISABLED virus real-time protection because some tests have been recognized as virus.
    My results are not optimistic or it means should I improve my current ESET settings? Any advice is welcome.

    Please see below for details:

    Awft
    test1 FAILED
    test2 PASSED
    test3 FAILED
    test4 PASSED
    test5 PASSED
    test6 PASSED

    BITStester
    FAILED

    Breakout2
    FAILED

    Coat
    PASSED

    CopyCat
    FAILED

    Cpil

    PASSED

    CPILSuite
    PASSED

    DNStester
    PASSED

    DNStest
    PASSED

    dnstest.png

    FireHole
    PASSED

    Firehole.png


    Jumper

    PASSED - if IE allowed

    LeakTest
    FAILED

    pcAudit
    FAILED

    PCFlank
    PASSED

    pcfalnk.png

    Surfer
    PASSED

    surfer.png

    Thermite
    PASSED if IE allowed

    TooLeaky
    PASSED

    Wallbreaker
    PASSED

    Yalta

    FAILED
     

    Attached Files:

  2. kC_

    kC_ Registered Member

    Joined:
    Apr 6, 2007
    Posts:
    452
    if stopping leaktests is important to you and you lust pop ups for every action performed on your pc, you would do better to either:-
    a: use common sense when browsing
    b: use an additional hips alongside ess
    c: use comodo or oa or outpost or jetico alongside EAV

    still amazes me that people when browsing the internet click on any old links from porno or free software sites offering amazing smileys & awesome free software.
    if you dont understand what your doing on the internet, your time would be better spent learning "safe hex" than worrying about leaktests.
    sit behind a router, with an updated/secured OS, and resist the big CLICK ME IM FREE links on websites you dont know
     
    Last edited: Jan 4, 2008
  3. absolon

    absolon Registered Member

    Joined:
    Nov 19, 2007
    Posts:
    6
    Thanks for replay.
    I think common sense is the best way and weapon against all threats. It's something I rely on for years staying in Intrenet (and in real life too ;)).
    I like ESS and I hope guys from ESET will do their best to make ESS outstanding Security Suite on market. AV module is really fast and good, so I'm convinced one day Firewall will be too :)

    Greetings!
     
  4. legendary

    legendary Registered Member

    Joined:
    Feb 1, 2007
    Posts:
    62
    i just did a test also,

    Results of Advanced Port Scanner
    TCP CONNECT scanning (scanned in 37 seconds)



    We have scanned your computer' ports used by the most widespread trojan horses. Here is the description of possible ports' statuses:

    "Stealthed" (by a firewall) -Means that your computer is invisible to others on the Internet and protected by a firewall or other similiar software;
    "Closed" (non-stealthed) - means that this port is closed, but your computer is visible to others on the Internet that can be potentially dangerous;
    "Open" - Means that this port is ready to establish (or has already established) a connection with remote address. It also means that your computer is vulnerable to attacks and could have been already hacked or infected by a trojan/backdoor;

    Port: Status Service Description
    21 stealthed FTP File Transfer Protocol is used to transfer files between computers
    23 stealthed TELNET Telnet is used to remotely create a shell (dos prompt)
    80 stealthed HTTP HTTP web services publish web pages
    135 stealthed RPC Remote Procedure Call (RPC) is used in client/server applications based on MS Windows operating systems
    137 stealthed NETBIOS Name Service NetBios is used to share files through your Network Neighborhood
    138 stealthed NETBIOS Datagram Service NetBios is used to share files through your Network Neighborhood
    139 stealthed NETBIOS Session Service NetBios is used to share files through your Network Neighborhood
    1080 stealthed SOCKS PROXY Socks Proxy is an internet proxy service
    1243 stealthed SubSeven SubSeven is one of the most widespread trojans
    3128 stealthed Masters Paradise and RingZero Trojan horses
    12345 stealthed NetBus NetBus is one of the most widespread trojans
    12348 stealthed BioNet BioNet is one of the most widespread trojan
    27374 stealthed SubSeven SubSeven is one of the most widespread trojans
    31337 stealthed Back Orifice Back Orifice is one of the most widespread trojans



    Recommendation:

    All the ports we have scanned are Stealthed (by a firewall). So just continue following the fundamental security measures and regularly update your security software.

    PASSED
     
  5. flyrfan111

    flyrfan111 Registered Member

    Joined:
    Jun 1, 2004
    Posts:
    1,224
    Legendary, your test was an inbound scan and the majority of firewalls will yield similar results, the OP was showing examples of leak tests which are normally outbound in nature.
     
  6. s4u

    s4u Registered Member

    Joined:
    Oct 24, 2007
    Posts:
    441
    yuo got me a bit confused here with passed and fail.
    What were you settings during these tests?
     
  7. absolon

    absolon Registered Member

    Joined:
    Nov 19, 2007
    Posts:
    6
    Well, real-time virus protection have been disabled (I mentioned about it in first post).
    My Firewall mode is "Interactive mode" which means ESS ask what to do each time new application is trying to get access to internet.
    What else... nothing special. After installation on first run I went through all ESS options but actually I didn't change much. Any advise, recommendation? Yours custom settings would be welcome?

    Greetings!
     
  8. webyourbusiness

    webyourbusiness Registered Member

    Joined:
    Nov 16, 2004
    Posts:
    2,640
    Location:
    Throughout the USA and Canada
    why did you use pass/fail backward - surely FAIL would be used if the firewall FAILED to do it's job?!?! Most confusing....
     
  9. jmc777

    jmc777 Registered Member

    Joined:
    Aug 6, 2004
    Posts:
    244
    It makes sense if you look at it from the perspective of the leaktest programs.



    This is a cheap way of getting around leaktests.
     
Thread Status:
Not open for further replies.