Virus found on Firewall Leak Test web page

Discussion in 'malware problems & news' started by xTiNcTion, Mar 3, 2004.

Thread Status:
Not open for further replies.
  1. xTiNcTion

    xTiNcTion Registered Member

    Joined:
    Oct 25, 2003
    Posts:
    253
    Hello,

    if you go
    http://perso.wanadoo.fr/jugesoftware/firewallleaktester/eng/leaktest13.htm

    then trying to download
    Ghost.exe

    NAV said "Hactool.Sechole" virus found, and removed

    this is a trojan.

    is this normal? o_O
     
    xTiNcTion, Mar 3, 2004
    #1
  2. ShotgunGirl

    ShotgunGirl Guest

    Its normal if you download and install a trogan such as a leak test. If you installed a leak test did you use it to test your firewall before NAV caught it?
    A leaktest is nothing more or less than a self installed trogan used for testing a firewall .
     
    ShotgunGirl, Mar 3, 2004
    #2
  3. LowWaterMark

    LowWaterMark Administrator

    Joined:
    Aug 10, 2002
    Posts:
    17,966
    Location:
    New England
    Yes, I agree. Several leaktests are flagged by AV / AT products on purpose. Sometimes they are flagged just because people want to see that their products can detect these things and sometimes they are caught heuristically based upon what they do.

    In this case, NAV is directly flagging that tool as "Hactool.Sechole" (A "hacker tool - security hole" exploit. All that means is NAV recognizes that specific leaktest.)

    If you are going to download and test with leaktests, you should expect some of them to be flagged by your AV / AT products.
     
    LowWaterMark, Mar 3, 2004
    #3
  4. LowWaterMark

    LowWaterMark Administrator

    Joined:
    Aug 10, 2002
    Posts:
    17,966
    Location:
    New England
    This is a similar thread about a different leaktest download that was flagged as malware...

    http://www.wilderssecurity.com/showthread.php?t=20825
     
    LowWaterMark, Mar 3, 2004
    #4
  5. gkweb

    gkweb Expert Firewall Tester

    Joined:
    Aug 29, 2003
    Posts:
    1,932
    Location:
    FRANCE, Rouen (76)
    Hi xTinction,

    i am the author of leaktests Ghost and Wallbreaker, and i can tell you that both, as any leaktest program, aren't spywares/trojans/viruses/worms, in fact aren't malwares at all.

    As LowWaterMark has well said, AV detects them not as viruses but as hacker tools, and hacker mean before all "White Hat" not Black hat.
    But all AV detects most of leaktests because even if their code isn't harmfull, included into a trojans it could be harmfull, so it's better to detect the code.

    If you wish to tests leaktests, download them into an exluded folder (AV exlusion list) and then you can use them safely.

    regards,

    gkweb.
     
    gkweb, Mar 4, 2004
    #5
Loading...
Similar Threads
  1. itman

    Modified Versions of Nukebot in Wild Since Source Code Leak

    itman, Jul 19, 2017 at 4:58 PM
    Replies:
    0
    Views:
    66
    itman
    Jul 19, 2017 at 4:58 PM
  2. ronjor

    Study: Backdoors Found on 73% of Compromised Websites

    ronjor, Jul 17, 2017 at 2:47 PM
    Replies:
    2
    Views:
    170
    Peter2150
    Jul 17, 2017 at 4:44 PM
  3. ronjor

    How Hollywood Got Hacked: Studio at Center of Netflix Leak Breaks Silence

    ronjor, Jun 21, 2017
    Replies:
    1
    Views:
    189
    RockLobster
    Jun 21, 2017
  4. ronjor

    Stanford University Site Hosted Phishing Pages for Months

    ronjor, Jun 2, 2017
    Replies:
    0
    Views:
    114
    ronjor
    Jun 2, 2017
  5. itman

    Fake Chrome extensions inject code into web pages

    itman, Apr 28, 2017
    Replies:
    0
    Views:
    144
    itman
    Apr 28, 2017
Thread Status:
Not open for further replies.