Mark0's Forum

Software => Other tools => Topic started by: IByte on November 20, 2006, 08:57:35 PM

Title: LeakOut blocked by Sunbelt Kerio Personal Firewall
Post by: IByte on November 20, 2006, 08:57:35 PM

I just tested LeakOut, and was pleased to find that it was blocked by the application launch control feature of Sunbelt Kerio Personal Firewall (free version available), which was configured to ask the user for permission when a program attempts to start another program. Kudos to Sunbelt/Kerio for protecting against this.

On a related note, the DLL dropped by the FireHole program you link to was blocked by Avast anti-virus as a generic Trojan (free version also available).

(Disclaimer: I'm not affiliated with any of these vendors, but I just thought you might be interested in knowing what security products know how to handle this exploit.)

Title: Re: LeakOut blocked by Sunbelt Kerio Personal Firewall
Post by: Mark0 on November 20, 2006, 11:02:02 PM

It's obvious a very simple tool, made just to show how a "lame" technique may (surprisingly) works against various personal firewall, without resorting to anything really complex. Off course it is to be expected that it will also fail against others.

Just one question: you have also tried with the browser already open? And/or maybe you can try also with Firefox, if you haven't?

Thanks for taking the time to post some feedback about the tool,
Bye!

Title: Re: LeakOut blocked by Sunbelt Kerio Personal Firewall
Post by: IByte on November 21, 2006, 03:08:49 AM

Firefox (2.0) is my default browser, and yes, it was open when I ran the test (it's open most of the time anyway). It's an interesting concept, but like I said, I'm glad my defences appear to be adequate for now.

Title: Re: LeakOut blocked by Sunbelt Kerio Personal Firewall
Post by: Mark0 on November 23, 2006, 09:44:03 AM

OK, thanks again!

Bye!