Firewall outbound control tester

Discussion in 'other firewalls' started by CloneRanger, May 24, 2010.

Thread Status:
Not open for further replies.
  1. CloneRanger

    CloneRanger Registered Member

    Joined:
    Jan 4, 2006
    Posts:
    4,833
    LeakOut - Firewall outbound control tester

    Following on from blacknight's thread https://www.wilderssecurity.com/showthread.php?t=272900 i thought it might be enlightening to test/retest some other Leakers. There are several listed on the www, and the only one i havn't used before is this one.

    http://mark0.net/soft-leakout-e.html

    lo.gif

    Tried it with FF v3 and IE6. Got prompted and denied = No go = expected. Got prompted and allowed = Go = expected.

    loie.gif

    Wasn't too happy about them being able to see my Machine/User name though when i allowed out :(
     
  2. sg09

    sg09 Registered Member

    Joined:
    Jul 11, 2009
    Posts:
    2,713
    Location:
    Kolkata, India
    Oops...:eek:
     
  3. All the more reason to prevent malware from installing in the first place, then...
     
  4. CloneRanger

    CloneRanger Registered Member

    Joined:
    Jan 4, 2006
    Posts:
    4,833
    I don't use IE full time anymore, only for testing etc, so i'm not worried about the Machine/User name result. I just wondered what method they were using to grab the info ? Java/javascript/activex/cookies etc were all disabled.

    The point of posting this was, for others to try it and see what results they got from both vectors ;)
     
  5. blacknight

    blacknight Registered Member

    Joined:
    Sep 25, 2007
    Posts:
    2,433
    Location:
    Europe
    I use Opera 10.53: Defense+ alerted me about LeakOut: if I deny, all right: LeakOut is blocked. If I allow, LeakOut can read Machine name and User.
     
  6. Morro

    Morro Registered Member

    Joined:
    Jul 11, 2009
    Posts:
    353
    Location:
    Netherlands
    LoL PC Tools Firewall PLUS Hips function(If you can call it that) gave the choice...Allow/Block before LeakOut could do something, so i am not worried. :D
     
  7. Espresso

    Espresso Registered Member

    Joined:
    Aug 1, 2006
    Posts:
    975
    Doesn't matter what browser you use. The program gets the machine name/user and sends it out via the default browser. This is a very basic test and most firewalls/HIPS can handle it.
     
  8. markcc

    markcc Registered Member

    Joined:
    Apr 8, 2008
    Posts:
    185
    Location:
    Michigan, usa
    No problem for Online Armor
     
  9. CloneRanger

    CloneRanger Registered Member

    Joined:
    Jan 4, 2006
    Posts:
    4,833
    Quote Espresso

    Well that's just it, if this app can get our machine name/user, if we allow it, how many other apps/browsers etc that we allow every day can do the same, and upload the info to their www ? Not good :(

    Sure blocking it from getting out seems easy for most, it's the machine name/user data that's more of a concern.
     
Loading...
Thread Status:
Not open for further replies.