Thursday, October 19, 2006

Leak test your personal firewall

Hey folks have you tried giving your firewall a leak test? Leak test is a simple and easy to use tool to test your personal firewall. This is one of the many tools developed by Steve Gibson of the Gibson research corporation and this one has been around for a while. This is a simple tool that asks the firewall permission to access the net and is only 25KB. To use it just go here and download it to your pc. Once it is on your pc just lick on the "test for leaks" button. If your firewall is configured properly your firewall will ask you whether you should allow permission for this programme if u say no or block the programme Leak Test will show the "unable to connect message". This means that your firewall has been successful in blocking the prog from connecting to the net. If the firewall fails it will show a "firewall penetrated" message. This tool has been around for a while and I have been using it for a while to test my outpost firewall on my personal computer and it has been successful in blocking it.

According to Steve Gibson some firewall's like blackice had failed the test. This is a free tool and will tell you if your firewall is good enough to block unauthorized programmes from accessing the net.

LeakTest can be used to expose and demonstrate the following, all too common,personal firewall application filtering weaknesses:
As you know,any program in your computer can easily learn the name of your system's registered eMail client or web browser. Does your firewall allow any program with the same name to gain access to the Internet? If so, any Trojan horse or Spyware simply needs to change it's name to send anything it wants right out of your computer. Simply rename leaktest.exe to the name of a permitted program and find out whether it's able to access our server.

Also there are some firewalls that automatically create rules for "known" applications, then any Trojan or Spy software can simply rename itself after one of those programs and your own firewall will give the Trojan or Spyware complete Internet access permission without even asking you!

And according to Gibson
"When LeakTest v1.0 was released several popular firewalls could be completely circumvented with just a few lines of simple, documented, code. When you add the command-line option: stealth or hold either "Shift" key down while starting the test, LeakTest will check for this added firewall vulnerability."
I have tried the small yet very handy tool. May be you guys might find it handy too.