Virus found on Firewall Leak Test web page

Discussion in 'malware problems & news' started by xTiNcTion, Mar 3, 2004.

Thread Status:
Not open for further replies.
  1. xTiNcTion

    xTiNcTion Registered Member

    Joined:
    Oct 25, 2003
    Posts:
    253
    Hello,

    if you go
    http://perso.wanadoo.fr/jugesoftware/firewallleaktester/eng/leaktest13.htm

    then trying to download
    Ghost.exe

    NAV said "Hactool.Sechole" virus found, and removed

    this is a trojan.

    is this normal? o_O
     
    xTiNcTion, Mar 3, 2004
    #1
  2. ShotgunGirl

    ShotgunGirl Guest

    Its normal if you download and install a trogan such as a leak test. If you installed a leak test did you use it to test your firewall before NAV caught it?
    A leaktest is nothing more or less than a self installed trogan used for testing a firewall .
     
    ShotgunGirl, Mar 3, 2004
    #2
  3. LowWaterMark

    LowWaterMark Administrator

    Joined:
    Aug 10, 2002
    Posts:
    18,152
    Location:
    New England
    Yes, I agree. Several leaktests are flagged by AV / AT products on purpose. Sometimes they are flagged just because people want to see that their products can detect these things and sometimes they are caught heuristically based upon what they do.

    In this case, NAV is directly flagging that tool as "Hactool.Sechole" (A "hacker tool - security hole" exploit. All that means is NAV recognizes that specific leaktest.)

    If you are going to download and test with leaktests, you should expect some of them to be flagged by your AV / AT products.
     
    LowWaterMark, Mar 3, 2004
    #3
  4. LowWaterMark

    LowWaterMark Administrator

    Joined:
    Aug 10, 2002
    Posts:
    18,152
    Location:
    New England
    This is a similar thread about a different leaktest download that was flagged as malware...

    http://www.wilderssecurity.com/showthread.php?t=20825
     
    LowWaterMark, Mar 3, 2004
    #4
  5. gkweb

    gkweb Expert Firewall Tester

    Joined:
    Aug 29, 2003
    Posts:
    1,932
    Location:
    FRANCE, Rouen (76)
    Hi xTinction,

    i am the author of leaktests Ghost and Wallbreaker, and i can tell you that both, as any leaktest program, aren't spywares/trojans/viruses/worms, in fact aren't malwares at all.

    As LowWaterMark has well said, AV detects them not as viruses but as hacker tools, and hacker mean before all "White Hat" not Black hat.
    But all AV detects most of leaktests because even if their code isn't harmfull, included into a trojans it could be harmfull, so it's better to detect the code.

    If you wish to tests leaktests, download them into an exluded folder (AV exlusion list) and then you can use them safely.

    regards,

    gkweb.
     
    gkweb, Mar 4, 2004
    #5
Loading...
Similar Threads
  1. mood

    Tildeb: Analyzing the 18-year-old Implant from the Shadow Brokers’ Leak

    mood, Dec 13, 2018
    Replies:
    0
    Views:
    566
    mood
    Dec 13, 2018
  2. mood

    Hackers are using leaked NSA hacking tools to quietly hijack thousands of computers

    mood, Nov 28, 2018
    Replies:
    0
    Views:
    608
    mood
    Nov 28, 2018
  3. mood

    Updated Azorult malware for sale on the Dark Web

    mood, Oct 23, 2018
    Replies:
    0
    Views:
    525
    mood
    Oct 23, 2018
  4. mood

    MagentoCore Malware Found on 7,339 Magento Stores

    mood, Aug 30, 2018
    Replies:
    1
    Views:
    1,194
    Rasheed187
    Sep 1, 2018
  5. Minimalist

    Fake Websites for Keepass, 7Zip, Audacity, Others Found Pushing Adware

    Minimalist, Jul 27, 2018
    Replies:
    8
    Views:
    1,799
    mood
    Nov 7, 2018
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...