Page 1 of 2 12 LastLast
Results 1 to 10 of 11

Thread: Leak Test

  1. #1
    larsson Guest

    Default Leak Test

    Hi there,I have just done a leak test on my Zone Alarm product and it failed. Can anyone verify that this is a genuine test and if so is there anything i can do to protect my computer from an attack like this. I have always had a 100% faith in Zone Alarm products but I am not so sure now.
    I got the test from the following address:

    http://www.pcflank.com/pcflankleaktest.htm
    Thanks in advance for any advice.

    Operating System:Windows XP Home Edition
    Product Name:ZoneAlarm (Free)
    Software Version:

  2. #2
    Join Date
    Nov 2004
    Location
    localhost
    Posts
    17,289

    Default Re: Leak Test


    Click here for ZA Support
    Monday-Saturday 6am to 10pm Central time
    Closed Sundays and Holidays

  3. #3
    stevo_c Guest

    Default Re: Leak Test

    Hi, I also just did the PC Flank Leak Test from the same site as larsson which failed for me too.
    I had a look at fax's response and whilst I am no "guru" the logic doesn't seem to stack up to me.
    You say "this tests are purposely deviced to avoid firewalls it is just theory". But surely malicious software is also purposely devised to avoid firewalls? And no
    - it is not just theory! The software from PC Flank really does transmit data from your machine to its own site without ZoneAlarm raising an eyebrow! How is that just theory?
    Fax, you may well refer us to a page where some tests were done and ZoneAlarm performed well, but that is just dodging the issue. The PC Flank Leak Test which Larsson (and I) refer to is nothing to do with the page you have referenced. I am sure one could find many other review pages listing ZoneAlarm as the number one product, but that has nothing to do with the specific issue we are raising.
    Finally the
    statement "And if you still not feel safe better to choose another security tool you feel confortable with" is hardly responsible. This Leak Test is showing up a glaring problem and you just say "go somewhere else". Well I humbly disagree with you here too - I would say this leak is something ZoneLabs would be best advised to deal with!
    As the situation stands, I would say ZoneAlarm has a bug that needs fixing.

  4. #4
    Join Date
    Nov 2004
    Location
    localhost
    Posts
    17,289

    Default Re: Leak Test

    Hi!find my reply in-between your text.Cheers,
    Fax<BLOCKQUOTE><HR>stevo-c wrote:
    Hi, I also just did the PC Flank Leak Test from the same site as larsson which failed for me too.I had a look at fax's response and whilst I am no "guru" the logic doesn't seem to stack up to me.You say "this tests are purposely deviced to avoid firewalls it is just theory". But surely malicious software is also purposely devised to avoid firewalls? And no- it is not just theory! The software from PC Flank really does transmit data from your machine to its own site without ZoneAlarm raising an eyebrow! How is that just theory?If it was real malware it would have been detected by your AV/AS. Strictly speaking if you have ZApro, you will not even get to pcflank page, because you will be blocked. This will happen also for real malware. Of course, ZA does apply a trick to the trick to thePCFlank site...Fax, you may well refer us to a page where some tests were done and ZoneAlarm performed well, but that is just dodging the issue. The PC Flank Leak Test which Larsson (and I) refer to is nothing to do with the page you have referenced. I am sure one could find many other review pages listing ZoneAlarm as the number one product, but that has nothing to do with the specific issue we are raising.If you would have read better the link I have given you, youwould have noticed thatresults include both PCflank and firewallleak tests mentioned here, so its more than one test... and you will notice that many fails the PCflank test not just ZA.Finally thestatement "And if you still not feel safe better to choose another security tool you feel confortable with" is hardly responsible. This Leak Test is showing up a glaring problem and you just say "go somewhere else". Well I humbly disagree with you here too - I would say this leak is something ZoneLabs would be best advised to deal with!Yes, because if you judge your security fromjust aleak test than better you use anotherproduct you feel confortable with... some sort of false sense of security. Leak test are marketing tools.. and if you have had a look to PCflank they sponsor a certain product that pass that test...As the situation stands, I would say ZoneAlarm has a bug that needs fixing.</BLOCKQUOTE><BLOCKQUOTE>Please provide feedback to ZA,here: www.zonelabs.com/tsform
    </BLOCKQUOTE><HR>


    Message Edited by fax on 02-24-2007 11:01 AM

    Click here for ZA Support
    Monday-Saturday 6am to 10pm Central time
    Closed Sundays and Holidays

  5. #5
    Join Date
    Dec 2005
    Posts
    9,057

    Default Re: Leak Test

    The PCFlank leaktest is an example of could happen. The truth is there is no malware known that is using the technique that is used by the PCFlank leaktest. Hence it is just a theory, not an actual exploit.

    Leaktests are considered by some to be a valuable rating of a firewall and others consider the leaktests to be of little value. Some consider a firewall to be just a packet filter and others consider a firewall to be a softwrae that does hips, content filtering, and many other things for advanced security.

    Leaktests can be best described this way- a user downloads an exploit and allows it to be executed. First mistake. Then the antivirus and antispy will alert of danger. The user allows the malware and ignores the antivirus and the antispy. Second mistake. Now for the matter of truth- the firewall will alert the user of a new connection. If the user allows the new connection, the third mistake is any firewall that is excellent in leaktest is now useless. Just as the excellent antivirus and antispy were useless when the user allowed the malware to be executed and ignored their alerts. Some will now say the firewall that does poor in leaktests will never give that alert for the malware connection to the internet.


    An older or dated leaktest that is trustworthy

    http://www.firewallleaktester.com/tests.php

    a good read about leaktests and layered security

    http://www.firewallleaktester.com/index.html


    Another point of veiw about firewalls and leaktests and an interesting one. A user installs Safety System Monitor and Antihook along with a good antivirus on a PC. The user has a SPI/NAT router for inbound protection and does not use a software firewall. Now the user runs all of the leaktests- he beats them all, with just those three applications. But he obeyed all alerts and did not over-ride the alerts. But no software firewall is being used. What does that do for the users who highly value the leaktest proof software firewall, when a PC with no firewall beats the tests?

    An interesting site about HIPS and layered security and lots of info and details>

    http://kareldjag.over-blog.com/

    Just in case you missed the site that Guru Fax had mentioned about leaktests and firewall ratins>

    http://www.matousec.com/projects/win...ts-results.php

    The three sites in this post are excellent reads and very complete.

    Oldsod
    Best regards.
    oldsod

  6. #6
    Join Date
    Dec 2005
    Posts
    9,057

    Default Re: Leak Test

    BTW One of the easiest tricks to beat most of the leaktest will the ZA firewall is set the Internet Explorer to Ask for the Internet Access. The malware/leaktest/hijack will use the IE and the firewall is set to Ask the user for it's access. Again if the user ignores the alert and allows the access, that is a mistake. But if the user denies the access and investigates as to why the IE out of the blue wants access, he will be able to see what and where wants the IE to go to the Internet. This trick works for most IE/browser exploits with the ZA.

    The biggest issue I have with the default settings of the ZA is that they are too lax and not secure enough. Windows explorer does not need to have permission for the Internet or any server rights- an Ask is much more secure. This applies to many of the windows components, noy just the windows explorer example. Changing those and making the ZA tighter or more restrictive does improve the over-all security and in aids in defeating malware.

    Oldsod
    Best regards.
    oldsod

  7. #7
    larsson Guest

    Default Re: Leak Test

    Thanks for the info guys but I have another question but I'll post it seperatly.

  8. #8
    sukieng Guest

    Default Re: Leak Test

    to my knowledge gibson research sponsors no products other than their own ( spin rite and such ).all versions of ZA have passed and NEVER failed a leak test on www.grc.com
    . if you go to thesection of the &quot;shields up&quot; page, you will find the leak test program. what i cant figure out isthat the newest version of ZA internet security suite that i just bought IS now failing that same exactleak test on grc's website. i think that there is alot of unbiased information on this site and it wouldbe a good read for anyone concerned about the security of their pc. i also think that its rediculous thatzone labs charges their customers for phone support no matter if they bought the product 1 year or 1day ago. thats customer service for ya !!! i have always been a ZA preacher but know im not surethat im preaching the right serman anymore...i think this proves that someting has changed in the ZAproduct. i have been using that leak test on www.grc.com for years and NO version of ZA has ever faiedthe leak test until now.. THINK ABOUT IT ! something has changed with ZA. anybody know what that is ?guru ? ? ?

  9. #9
    Join Date
    Dec 2005
    Posts
    9,057

    Default Re: Leak Test

    You using the Vista or the XP operating system?
    Is the ZA in the learning mode or set to High?

    Oldsod
    Best regards.
    oldsod

  10. #10
    sukieng Guest

    Default Re: Leak Test

    XP PRO SP2i have tried it in the learn mode and with it on high. fails every time.

Page 1 of 2 12 LastLast

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •