Virus found on Firewall Leak Test web page

Discussion in 'malware problems & news' started by xTiNcTion, Mar 3, 2004.

Thread Status:
Not open for further replies.
  1. xTiNcTion

    xTiNcTion Registered Member

    Joined:
    Oct 25, 2003
    Posts:
    253
    Hello,

    if you go
    http://perso.wanadoo.fr/jugesoftware/firewallleaktester/eng/leaktest13.htm

    then trying to download
    Ghost.exe

    NAV said "Hactool.Sechole" virus found, and removed

    this is a trojan.

    is this normal? o_O
     
    xTiNcTion, Mar 3, 2004
    #1
  2. ShotgunGirl

    ShotgunGirl Guest

    Its normal if you download and install a trogan such as a leak test. If you installed a leak test did you use it to test your firewall before NAV caught it?
    A leaktest is nothing more or less than a self installed trogan used for testing a firewall .
     
    ShotgunGirl, Mar 3, 2004
    #2
  3. LowWaterMark

    LowWaterMark Administrator

    Joined:
    Aug 10, 2002
    Posts:
    18,141
    Location:
    New England
    Yes, I agree. Several leaktests are flagged by AV / AT products on purpose. Sometimes they are flagged just because people want to see that their products can detect these things and sometimes they are caught heuristically based upon what they do.

    In this case, NAV is directly flagging that tool as "Hactool.Sechole" (A "hacker tool - security hole" exploit. All that means is NAV recognizes that specific leaktest.)

    If you are going to download and test with leaktests, you should expect some of them to be flagged by your AV / AT products.
     
    LowWaterMark, Mar 3, 2004
    #3
  4. LowWaterMark

    LowWaterMark Administrator

    Joined:
    Aug 10, 2002
    Posts:
    18,141
    Location:
    New England
    This is a similar thread about a different leaktest download that was flagged as malware...

    http://www.wilderssecurity.com/showthread.php?t=20825
     
    LowWaterMark, Mar 3, 2004
    #4
  5. gkweb

    gkweb Expert Firewall Tester

    Joined:
    Aug 29, 2003
    Posts:
    1,932
    Location:
    FRANCE, Rouen (76)
    Hi xTinction,

    i am the author of leaktests Ghost and Wallbreaker, and i can tell you that both, as any leaktest program, aren't spywares/trojans/viruses/worms, in fact aren't malwares at all.

    As LowWaterMark has well said, AV detects them not as viruses but as hacker tools, and hacker mean before all "White Hat" not Black hat.
    But all AV detects most of leaktests because even if their code isn't harmfull, included into a trojans it could be harmfull, so it's better to detect the code.

    If you wish to tests leaktests, download them into an exluded folder (AV exlusion list) and then you can use them safely.

    regards,

    gkweb.
     
    gkweb, Mar 4, 2004
    #5
Loading...
Similar Threads
  1. mood

    MagentoCore Malware Found on 7,339 Magento Stores

    mood, Aug 30, 2018
    Replies:
    1
    Views:
    1,132
    Rasheed187
    Sep 1, 2018
  2. mood

    Malware Found in Arch Linux AUR Package Repository

    mood, Jul 10, 2018
    Replies:
    0
    Views:
    460
    mood
    Jul 10, 2018
  3. ronjor

    Why Mastercard is ripping a page from Bitcoin’s book

    ronjor, Jun 15, 2018
    Replies:
    4
    Views:
    1,481
    ronjor
    Oct 10, 2018
  4. Minimalist

    Malicious Package Found on the Ubuntu Snap Store

    Minimalist, May 13, 2018
    Replies:
    2
    Views:
    980
    mood
    May 16, 2018
  5. mood

    Oh, Joy! Source Code of TreasureHunter PoS Malware Leaks Online

    mood, May 10, 2018
    Replies:
    0
    Views:
    604
    mood
    May 10, 2018
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...