System Shutdown Simulator 1.1 Released

Discussion in 'other anti-malware software' started by dmenace, Dec 16, 2007.

Thread Status:
Not open for further replies.
  1. dmenace

    dmenace Registered Member

    Joined:
    Nov 29, 2006
    Posts:
    275
    If anyone is interested,

    System Shutdown Simulator (SSS) Version 1.1 has been released.

    Can be obtained from here: http://zeroday-software.freetzi.com/

    ___________________________________________

    New Features:

    This update no longer uses an outbound ping test for the firewall
    test component. Now System Shutdown Simulator downloads an actual
    file from the internet (a webpage in this case) and tries to open
    it. In reality malware could download and run files from the
    internet this way.

    Change Log:

    * New Firewall Test Method Used.

    * Clear Button For Payload Results

    * Minor GUI Changes

    ___________________________________________

    Release Notes:

    * Firewall Leaktest Component Downloads and Opens Webpage. It is
    possible that your HIPS software will prevent webpage from opening.
    This is still a fail as the file was downloaded successfully.

    * Ensure Browser Cache cleared in between subsequent running of
    the firewall test component. This will ensure a new file is
    downloaded each time the test is run.

    * Please report any bugs as there are significant changes in this
    version. We recommend everyone to re-run the firewall test component
    as misleading results may have been obtained from previous versions
    of SSS.
     
  2. Fuzzfas

    Fuzzfas Registered Member

    Joined:
    Jun 24, 2007
    Posts:
    2,753
    Bit Defender IS 2008 (firewall disabled) + Comodo (latest version). The BD icon disappears from tray. However, all tests passed successfully.

    a.png

    b.png

    g.png

    c.png

    Thanks for the test!
     
  3. dmenace

    dmenace Registered Member

    Joined:
    Nov 29, 2006
    Posts:
    275
    For the last result,

    I've changed it from "Firewall Test file could not be executed"
    to
    "Firewall Test file could not be downloaded / executed"

    This is what it should say. But results wont change :)
     
  4. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Dmenace,

    Thx nice test prog. What is your connection with zero day software?

    Regards K
     
  5. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,047
    Location:
    Saudi Arabia/ Pakistan
    I never knew about this new version. Just found it today by chance. Thanks Dmenace.
     
  6. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,047
    Location:
    Saudi Arabia/ Pakistan
    It was beter for this file to be an executable, rather than an html file but i understand it needs more effort.
    Anyway the FW test is now much more better than before.
     
  7. alfa1

    alfa1 Registered Member

    Joined:
    May 3, 2006
    Posts:
    61
    it would be very intresting to know from dmenace if S.S.S. is truly tring to access SCM as showed us by Fuzzfas...

    1.JPG

    I don't succeed infact in repeating this behaviour with other HIPS...o_O

    Txs in advance :)
     
  8. Dieselman

    Dieselman Registered Member

    Joined:
    Jan 6, 2008
    Posts:
    795
    All tests passed for me. I am using NOD32 3.0.621.0 and Zone Alarm Anti Spyware. Cool test.
     
  9. Eh_Greg

    Eh_Greg Registered Member

    Joined:
    Oct 21, 2007
    Posts:
    64
    Location:
    US.
    Last edited: Feb 22, 2008
  10. Eh_Greg

    Eh_Greg Registered Member

    Joined:
    Oct 21, 2007
    Posts:
    64
    Location:
    US.
    Ok I think my last post was slightly misleading. I was using the Freeware edition of System safety monitor. But anyway, when I tried to run the sss.exe right after hitting "shutdown" on my PC., I got the 'sss.exe - DLL Initialization Failed : The application failed to initialize because the window station is shutting down.'

    So this wouldn't just be able to startup all by itself anyway. Eh ? *puppy*
     
Loading...
Thread Status:
Not open for further replies.