Looking for nice leaktests

Discussion in 'other firewalls' started by faenil, Apr 15, 2008.

Thread Status:
Not open for further replies.
  1. faenil

    faenil Registered Member

    Joined:
    Oct 25, 2006
    Posts:
    88
    Hi guys...

    I'm going to test Online Armor today...
    Free version...

    Do u know any nice leaktest I could try with OA?

    Some rare ones ^^

    The leaktest I own so far are the ones downloadable from testmypcsecurity.com

    Let me know asap ;)

    also with private messages if u don't want the file to be public ;)
     
  2. alex_s

    alex_s Registered Member

    Joined:
    Aug 13, 2007
    Posts:
    1,251
    Any advance ? :)
    Please, let us know about your findings (if any). It will be fixed in a day or two :)
     
  3. computer geek

    computer geek Registered Member

    Joined:
    Oct 6, 2007
    Posts:
    776
    Leak tests are pointless mate.
     
  4. faenil

    faenil Registered Member

    Joined:
    Oct 25, 2006
    Posts:
    88
    srry guys haven't tested it yet ^^
    I'll test it tomorrow maybe, due to lack of time...
    soz..

    I know...I used the word leaktest but I meant every program that could attack our computers...like keyloggers, etc ;) to test if OA reacts in a good way
     
  5. Einsturzende

    Einsturzende Registered Member

    Joined:
    Apr 14, 2008
    Posts:
    390
    Location:
    neubauten
    Here try this new one from Comodo
     
  6. alex_s

    alex_s Registered Member

    Joined:
    Aug 13, 2007
    Posts:
    1,251
    I disagree. Yes, there are some completely silly leaktests (IMHO), but others are very good POCs that every decent security soft should pass. For example memory access control, windows messaging control, OLE control, DDE control, registry control etc ... I just think this relates more to HIPS, than to firewalls.
     
  7. faenil

    faenil Registered Member

    Joined:
    Oct 25, 2006
    Posts:
    88
    ...testing it....

    It has failed some tests of the APT test suite from diamondcs...processes can be easily killed... :(
     
    Last edited: Apr 21, 2008
  8. alex_s

    alex_s Registered Member

    Joined:
    Aug 13, 2007
    Posts:
    1,251
    what is ATP test suite ? Could you provide a link ?
     
  9. Diver

    Diver Registered Member

    Joined:
    Feb 6, 2005
    Posts:
    1,444
    Location:
    Deep Underwater
    There are no nice leak tests, they are all naughty.
     
  10. faenil

    faenil Registered Member

    Joined:
    Oct 25, 2006
    Posts:
    88
    Last edited by a moderator: Apr 21, 2008
  11. computer geek

    computer geek Registered Member

    Joined:
    Oct 6, 2007
    Posts:
    776
    Then tell me, what is more better? These are examples-
    A rootkit that has been blocked from download. (This is what a firewall's inbound traffic does, except its not rootkits.)
    OR
    A rootkit that has already gone into your system, infilterated your AV, made itself stealth, and acsess? (outbound)

    A skilled hacker will not really be bothered about an outbound traffic firewall, AND also, a hacker always uses THE LATEST technology, and are leaktests updates every day? NO.
     
  12. Saraceno

    Saraceno Registered Member

    Joined:
    Mar 24, 2008
    Posts:
    2,404
    haha very naughty. :)
     
  13. faenil

    faenil Registered Member

    Joined:
    Oct 25, 2006
    Posts:
    88
    I agree with you but I'm sure it's implicit in your message that leaktests are not used by hacker cause they're old and so they are blocked easily by HIPS...

    how comes HIPS can't stop them all? You say they're useless, old, well but HIPS can't stop them yet!!! ^^ :D
     
  14. alex_s

    alex_s Registered Member

    Joined:
    Aug 13, 2007
    Posts:
    1,251
    You mean apt. Yes, it was possible. The same killtask prevention worked in spt and taskmanager but didn't work in apt. Seems like wrong implementation. But the day after this was reported it was fixed.
     
  15. faenil

    faenil Registered Member

    Joined:
    Oct 25, 2006
    Posts:
    88
    I'm testing version 2.1.0.31...

    not fixed..
     
  16. computer geek

    computer geek Registered Member

    Joined:
    Oct 6, 2007
    Posts:
    776
    I didn't say HIPS could catch 'em all. The company knows how to stop it, but are just concentrating on more important stuff.
    Another disadvantage is that AV's seem to target these software these days...
     
  17. MikeNash

    MikeNash Security Expert

    Joined:
    Jun 9, 2005
    Posts:
    1,654
    Location:
    Sydney, Australia
    2.1.0.31 is quite an old version of OA. The current release is 2.1.0.131
     
  18. faenil

    faenil Registered Member

    Joined:
    Oct 25, 2006
    Posts:
    88
    I meant 2.1.0.131 ofc ^^

    soz ;)
     
  19. alex_s

    alex_s Registered Member

    Joined:
    Aug 13, 2007
    Posts:
    1,251
    Either one is good in case rootkit is stopped, except a zero-day rootkit. Then the only option is HIPS. And, please, do not overestimate those hackers. Yes, they work day and night looking for the holes, but most of "zero-day" malware is just modification of the old ideas and code. I deal with malware. 95% of this can be disabled manually with only regeditor. 5% needs something like Gmer, Sysprot. 0.1% needs Debugger and disassembler. And I didn't see something revolutionary new for a pretty long time.
     
  20. computer geek

    computer geek Registered Member

    Joined:
    Oct 6, 2007
    Posts:
    776
    Then, may I ask, what have you done to search for a 'revolutionary' thing. Also, if we overestimated them, I wonder why they are still in buisness...
     
  21. lucas1985

    lucas1985 Retired Moderator

    Joined:
    Nov 9, 2006
    Posts:
    4,047
    Location:
    France, May 1968
    They're still in business because a good amount of people have poor security setups, little (if any) security knowledge and they fall victim of social engineering tricks and drive-by downloads.
    You don't need a super-stealth malware to build a big enough botnet. And the hundreds of rogue scanners are simple pieces of coding, as simple as Notepad.
     
  22. alex_s

    alex_s Registered Member

    Joined:
    Aug 13, 2007
    Posts:
    1,251
    I did nothing, but collected everything I could reach. And they are in business because too many people do not care about their security.
     
Thread Status:
Not open for further replies.