Time To Retest Your Firewall

[rikytik]

You are a genius, Sony. Man, did that ever cause me a lot of worry. Well, all part of the game and I sure learned a lot of things. Very enriching thread you started, Sony.


Thanks for the data, unicorn. The big concern I had was why was this connection showing up on my pc. Thanks for your help.

And war, too. Great thread.

[Sony]

I'm glad we have it sorted.
I was pulling my hair for a few hrs on this one
Once i run every possiblescan on my sytem i decided that i needed to look in the xnetstat cause the chance of my pc be infected are not that big (i like to belive so anyway.......)

Now i have different problem that i need to solve........ but i might start a new thread.


Take care buddy and everyone that contributed to this thread

Sony

[Leech]

I just did this test and failed misrebly. I have McAfee Personal Firewall Plus, and McAfee viruscan Enterprise 8.1i running also .. This i behind a router .. Man what a shake up.

I wonder what I could do to fix that .. When the test was done it lead me to a page that showed the page I was on, it had a photo of my desktop. everything was there. It had the name of my pc, my ip address, my my docs folder list and so on - It even had my favorites list !! ... This is pathedic. ...

[Leech]

Hmm .. It seems to be a test of things going out - not coming in. SO if you think about it and you are behind a router or a software firewall. If some tried to get in they wouldn't be able to. This only explain in better detail why I insist on having a soft firewall along side the router ..

[roadworker]

What the disclaimer "forgot" to tell you,is that the windows/system32 .dll they used tries to connect 1 last time AFTER you ran the test and closed the pcaudit program.......which possibly means:

if you login somewhere with a real user/pass,it's possible that this info is transmitted

[EyU]

All this is interesting , I didn't run the file , it's detected as Spyware and , that is enough for me to not run it.
So how is it fixable , the vunerability I mean?
I suppose any software that had it incorporated would be detected by scanners anyway.
So what's the worry?

[war59312]

Quote:

Originally posted by EyU@Oct 15 2004, 03:39 PM
All this is interesting , I didn't run the file , it's detected as Spyware and , that is enough for me to not run it.
So how is it fixable , the vunerability I mean?
I suppose any software that had it incorporated would be detected by scanners anyway.
So what's the worry?

[snapback]215627[/snapback]

Detected as sypware? With what?

[EyU]

With NAV 2005

Source: C:\Documents and Settings\Me\Desktop\pcaudit.exe
Description: The file C:\Documents and Settings\Me\Desktop\pcaudit.exe is a Spyware threat.
Click for more information about this threat : link Spyware.Pcaudit

[Firefox]

So PCAudit is a gloryfied Keylogger, at least it helped patch the .dll hole.


@ .Unicorn if you want to browse cleanly everey time, why not just pop in linspire live cd it takes a couple of minutes to boot, but most everything is done with a RAM disk (I belive, My understanding is it is Like surfing in a PE enviroment and you can always save pages as favorites then export favorites to a Flash disk or USB disk, for revisisting later.

Just food for thought.

[war59312]

Quote:

Originally posted by Firefox@Oct 16 2004, 11:58 AM
So PCAudit is a gloryfied Keylogger, at least it helped patch the .dll hole.
@ .Unicorn if you want to browse cleanly everey time, why not just pop in linspire live cd it takes a couple of minutes to boot, but most everything is done with a RAM disk (I belive,  My understanding is it is Like surfing in a PE enviroment and you can always save pages as favorites then export favorites to a Flash disk  or USB disk, for revisisting later. 

Just food for thought.

[snapback]215686[/snapback]

In deed and you can write to hard drive if you have a parton setup and have accesss, as if it was installed like normal.