Major firewall programs can be bypassed


dbarrow
05-17-2006, 10:57 AM
http://www.securitypark.co.uk/article.asp?articleid=25330&CategoryID=1

A new test created by PC Flank has demonstrated that all major firewall programs can be bypassed and that none of them can prevent a leak of your personal information from Internet-connected computers. The test is called the PC Flank Leaktest and it attempts to upload user-specified text data directly to PC Flank's server, undetected by the firewall.

To the creators' surprise, all of the top-tier commercial firewalls failed the test. They allowed the custom data to be transmitted to the test location. None of the firewalls could deter a genuine, malicious attempt to steal private data.

These results emphasize the fact that, while most firewalls provide reliable protection against inbound data threats, they are often incapable of providing outbound protection, allowing your private information to be accessed by hackers.

A firewall leak test is software designed to determine how capable a firewall is at preventing information from leaving your system, using either legitimate software installed on your computer or an insecure system configuration. While there are over a dozen hard-to-beat leaktests in existence, which are largely addressed by the firewall developers, PCFlank's new test has so far proven unbeatable. The technical principle behind the PCFlank leaktest is called OLE automation-application control technique.

PC Flank has informed all firewall developers about the existence of this security issue and will conduct a re-test in a month's time to verify each developer's response to the urgent need to protect their customers.

"It remains to be seen how the top firewalls will be able to cope with our test sample. So far I've only seen lackluster performance with even the heavyweights, such as Symantec, McAfee, ZoneLabs, Sunbelt and Agnitum. All of them, except Tiny, are porous. The scariest thing about this test is it's based on real life; its principle could be successfully used by real identity thieves, costing real people real life savings." - said Andrew Cooper, PC Flank's editor-in-chief.

Details about the PC Flank Leaktest can be found on the PC Flank website.

http://www.pcflank.com/

*LOTS OF SECURITY SCANS on this site!

*I don't know what relevance the flank test has as you have to have IE open to run it ... but check out some of the other scans they have as well.

dbarrow
05-17-2006, 11:28 AM
Ok, they have some scans that may prove useful.
I only show two visible ports, which I know are set for port forwarding in the router for specific reasons. Visible but not open.
All the other scans show solid as a rock.
Whether or not they are pushing the Outpost Firewall remains to be determined.

Maybe Rich will give it a quick trial and see if it has promise.

RAK
05-17-2006, 12:03 PM
IE is the key. The test itself does not send any information. There is no network activity until you paste the link or hit the Open Browser button. Then the number shows up, even in Firefox, if it is the default browser. I blocked IE with ZA and stopped the leak. Is this the case of exploiting one of those infamous IE security hole vulnerabilities? This test seems to be a little bit of smoke-and-mirrors.

mylanta
05-17-2006, 03:52 PM
I did Outpost about 6 months ago. It was outstanding if you don't want to use a browser. No matter what I did I could not use any browser known to man. I'll try again.

mylanta
05-17-2006, 04:39 PM
Well now I remember...this is one of the most annoying programs. Every single site you go to has to be approved on every browser as a screen comes up. I never even got to see if network works as this became intolerable.
No thank you, I would rather be hacked and lose my money!

mylanta
05-17-2006, 05:05 PM
Thanks guys you started this BS up again. Kerio will not let me set exception anywhere for Ad Muncher which could be my most active activation. I had to stop reading a forum to uninstall Kerio to finish reading a few posts.

jcampi
05-17-2006, 07:41 PM
This is another reason why I abandoned all of those over-promising firewall programs. I've settled on using the firewall that comes with Windows XP. All of the major firewalls cause such a drag on performance. Add to that the poor performance of the firewall in protecting you and why even use it? My computer is so much quicker using the Windows XP firewall. I may not even go back to a resource-hogging firewall program again.

mylanta
05-18-2006, 08:17 AM
I know John and I have to choke off the temptation to start that up again. I noticed both firewalls also slowed down my system considerably and what bothers me is that is a 2000 machine so I really need something on it. I am beginning to think I may just buy XP for it so I can use the XP firewall as time is money and I just don't feel like wading through that ocean of crap software again because I think I know the conclusion. I wanted to keep a Windows 2000 PC since I have clients that use it. Damn I am so annoyed that Sygate is gone. You cannot imagine how I feel about Symantec now for buying and destroying the only decent firewall out there. I guess it would have been an embarrassment to them with that corral of pure crap they sell under the Norton label to have a good program available that worked right and did not rob resources and crash computers all the time!
You know I just noted that BitDefender has a free version BTW and I may go to paid version and do trial of that because it has a firewall I have not tried.

RAK
05-18-2006, 11:54 AM
Frankly, I get the same results with ZA on and off. Except for Browser check, everything shows up as stealthed or protected. It would appear that my router is masking my true IP address. The Browser check only shows possible vulnerability to cookies and referrals. Wouldn't that be more of a browser issue, since it is info passing thru a trusted program? Curious, though, Task manager still shows no Network activity except when the pages turn. This is true with the downloaded test also. Anyone know another good place to test (besides Gibson; I already passed on there)?

RAK
05-18-2006, 11:55 AM
Then again, if my router masks my address, why worry? :)

dbarrow
05-18-2006, 01:19 PM
A simple NAT router takes care of 90% of your inbound security needs.
Your modem has an IP but that is all that's visible to the public.
Anything behind your router has an internal IP, from the router.
Ports are otherwise closed and invisible to the outside unless an app in your machine opens them outbound or you set port forwarding in the router to send incoming pings to a specific port to a specific machine.
The $30 for a router is the cheapest and most secure security you can have.

If you are only talking inbound protection, even the XP firewall is redundant with a router.
If it's outbound protection you want (and should have) then a two way software firewall behind the router is required to monitor things in your machine calling out.

Why worry?
If a trojan or rootkit gets inside, you could become one of the thousands of machines used by a botnet and your machine could be doing all kinds of things behind your back. Botnets and zombie machines exist because people don't know about or notice the activity.
Botnets and zombies are one of the biggest security threats out there currently and are extremely stealthy because their owners don't want you to know they are using your machine!

The average person, with an unprotected machine, risks attack online within hours. There are huge botnets that do nothing but search for unprotected machines. You will be assimilated!
The average person with an unprotected machine rarely discovers they have been taken over.

Network awareness is key!
Besides firewalls and routers, the other important things that should be obvious are the network icon in your systray and the activity lights on your router and modem.
When they are flickering away and you are not talking... who is?

This is big money, big organized crime and big risk these days.
If you have a 24/7 cable connection, unless you place the modem in standby or block all internet access when not in use, yes, I would worry!

Even if you have dial-up, if your modem suddenly starts coming on and connecting by itself, I would worry!
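
The "who is talking?" check from the post above, as an added example that is not part of the original thread: it parses Windows `netstat -ano` output and lists processes holding established connections that leave the LAN and are not on an allowlist. The sample output, the PID-to-name map, the process names and the `EXPECTED` allowlist are all constructed assumptions.

```python
import ipaddress
from collections import defaultdict

# Constructed sample of Windows `netstat -ano` output (not captured from a real host).
SAMPLE_NETSTAT = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       892
  TCP    192.168.1.10:1045      203.0.113.25:80        ESTABLISHED     1234
  TCP    192.168.1.10:1046      203.0.113.25:80        ESTABLISHED     1234
  TCP    192.168.1.10:1050      198.51.100.7:6667      ESTABLISHED     3020
  TCP    192.168.1.10:1051      192.168.1.1:80         ESTABLISHED     1234
  TCP    127.0.0.1:1052         127.0.0.1:1053         ESTABLISHED     2200
  UDP    0.0.0.0:445            *:*                                    4
"""
# Constructed PID -> image name map, standing in for `tasklist` output.
SAMPLE_PROCESSES = {1234: "iexplore.exe", 3020: "svch0st.exe", 2200: "firefox.exe"}
# Hypothetical allowlist of programs the user expects to reach the Internet.
EXPECTED = {"iexplore.exe", "firefox.exe"}
# Loopback, link-local and RFC 1918 ranges: traffic that stays behind the router.
LOCAL_NETS = [ipaddress.ip_network(n) for n in (
    "127.0.0.0/8", "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "169.254.0.0/16", "::1/128", "fe80::/10", "fc00::/7")]


def external_connections(netstat_text):
    """Map PID -> sorted remote 'ip:port' list for established TCP sessions leaving the LAN."""
    by_pid = defaultdict(set)
    for line in netstat_text.splitlines():
        parts = line.split()
        if len(parts) != 5 or parts[0] != "TCP" or parts[3] != "ESTABLISHED":
            continue  # headers, listeners and UDP rows carry no remote session
        host = parts[2].rpartition(":")[0].strip("[]")
        try:
            addr = ipaddress.ip_address(host)
        except ValueError:
            continue  # unparsable remote address: skip rather than guess
        if any(addr.version == n.version and addr in n for n in LOCAL_NETS):
            continue
        by_pid[int(parts[4])].add(parts[2])
    return {pid: sorted(remotes) for pid, remotes in by_pid.items()}


def unexpected_talkers(netstat_text, processes, expected):
    """List (pid, image name, remotes) for non-allowlisted processes with external sessions."""
    found = []
    for pid, remotes in sorted(external_connections(netstat_text).items()):
        name = processes.get(pid, "<unknown>")
        if name.lower() not in expected:
            found.append((pid, name, remotes))
    return found
```

Calling `unexpected_talkers(SAMPLE_NETSTAT, SAMPLE_PROCESSES, EXPECTED)` reports only the non-allowlisted process. Traffic that goes out through an allowed browser, as RAK describes for the leak test, appears under the browser's PID and is not flagged by this check.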

RAK
05-18-2006, 02:07 PM
Thanks, Doug. Well, I'll be sticking with ZA for now, especially since you can lock things down when you want to.

dbarrow
05-18-2006, 03:06 PM
If you ever doubt that there is trouble in paradise....
Use any good firewall that logs incoming pings.
Connect the machine to the web without a router for 24 hours. Look at the results! You will probably have to increase the size for recording the results or the page will fill up in an hour!
Compare that with the alert logs with a router - zip, nada!

I recall, back before I had a router, during one of the virus outbreaks watching the port pings coming in so fast I couldn't read them!

They're out there and they're looking for you!