All of this is directly from the GRC LeakTest site and he doesn't explain how the stealth mode works.

----------

LeakTest can also operate in "stealth mode" by holding down either Shift key when testing, or adding the word "stealth" to the command line, to render it further invisible to some firewalls.

LeakTest pretends to be an FTP client application which attempts to connect to port 21 (FTP) of one of our servers within the grc.com domain. It verifies the connection by receiving a short string of 13 random characters, then it immediately disconnects. The server connected is not a true FTP server, it is simply a custom-built component of our forthcoming NanoProbe technology.

LeakTest also recognizes the optional command-line term "stealth". You can provide this by starting LeakTest from a DOS Prompt Window, from the "Run..." option of the Windows Start menu, or by creating a program shortcut and adding the term "stealth" after "LeakTest.exe". (Using a shortcut lets you easily and always use LeakTest in stealth mode.)

LeakTest's stealth mode requires the use of Microsoft Windows Sockets (WINSOCK) version 2.0 or later. This has been "standard equipment" on all versions of Windows AFTER Windows 95. Because Winsock 1.x is literally riddled with significant and widely known Internet security holes, and is absolutely unsafe to use, Microsoft offers a FREE UPGRADE to all Windows 95 users.

How is this done? What is LeakTest's "stealth mode"?

You probably know that I would love to tell you. But since I have no wish to help Trojan horse, virus, and spyware authors increase the power of their own firewall-penetrating technology, I can not provide details. Suffice to say, however, that some firewalls are so poorly written that they can be easily and completely circumvented with just a few simple lines of code — regardless of the name of the penetrating program. Once Trojans, viruses, and spyware pick up on this trick, ALL USERS OF VULNERABLE FIREWALLS will be COMPLETELY unprotected.