http://www.isa-llc.com/ "About pcAudit™ pcAudit™ is a free security evaluation program, for personal computers, developed by Internet Security Alliance, Inc. How it works pcAudit™ is a program developed to simulate an attack by a "hacker". To determine the status of security on this computer, pcAudit™ will try to send data from this computer to Internet Security Alliance's server. If successful it means you either do not have a security program installed, or your present program was ineffective in blocking the data sent from your computer to Internet Security Alliance's server (which it absolutely should have). In either case you have a security problem. A little more technical Our research shows that ".dll" files sending and receiving data, to and from the Internet, outnumber ".exe" files by 2 to 1 margin. Using a "dll" file as a "payload", pcAudit™ will test for vulnerabilities exploited by such notorious malicious programs as "Happy99" or recent "Sircam", overlooked by most personal and corporate firewalls. System Requirements: • Windows 95, 98, Millennium, NT/2000/XP; • Intel Pentium 120 MHz or higher; • 32 MB of RAM; • 10 MB of available hard disk space; • Internet Explorer 5 or higher; • Active Internet connection" This type of program represents a serious problem as no firewall that i know of is yet able to defeat this test. The program uses a dll to inject code into any other process able to access the net and will fly right through without your firewall being able to defeat it. However, there is a way to handle it. If your proxy ( you better start using one, if you don't already) is able to use HIDE SYSTEM INFORMATION (user agent ) then it will defeat the test from gathering info from your system and sending it out elsewhere. Naviscope does offer such protection. This is how Naviscope handles the request/Send Headers: http://mickeytheman.digitalrice.com/files/pcaudituseragent.png I tested successfully against this test with Naviscope launched directly from the browser or linked to the pacfile (spyblocker) as well as both with a firewall running or not. I tested on Win98SE and win2k platforms I advised Frédéric ( LNS ) of my findings and rest assured that LNS will undoubtebly be the first firewall to incorporate measures to counteract such programs.