MikeAA

Default setting firewall allows GR Leaktest to penetrate.

Recommended Posts

I tested the firewall with Gibson Research leak test.  

  https://www.grc.com/files/LeakTest.exe 

 

The leaktest program penetrated the firewall when I used the default settings.  It also automatically created a rule allowing future execution.

 

After deleting the rule, when I changed the setting to "Ask" about "Outgoing Connections for unsigned or unknown programs, a pop-up appeared when I tried to run leaktest asking if I wanted to block it.

 

After creating a blocking rule, the firewall nicely blocked execution even if I renamed leaktest.exe to firefox.exe.

 

I know that asking about outgoing connections adds some pop-ups, but how else can I trap programs like leaktest?

 

 

 

 

Share this post


Link to post
Share on other sites

If you want to get a warning for every unknown application trying to access the internet, you can change the default settings under Protection/Firewall/Automatic rule settings. Keep in mind though that these additional confirmations don't necessarily translate into better protection. The reason for that is that the behavior blocker already intercepts suspicious connection attempts to the internet. The reason it doesn't interact with leak tests is because leak tests are neither suspicious nor dangerous. For the behavior blocker to trigger an alert in that case would just be a false positive.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    No registered users viewing this page.