Terrifying results from online test
Date: 9 Dec 2004 18:15:16 -0800
I did this test, which simulates an unknown Trojan attack on a windoze
computer. The program successfully bypasses my beloved (and well
configured) Kerio firewall. It also evades my universities hardware
firewall, which is configured very well (the admins are the block all
apart from port 80 type :-( )
Check out PCAudit from http://www.pcinternetpatrol.com/page/view/49
The program works by causing applications that have the privileges to
connect to the internet to upload data to their server.
I thought I would be safe because I configure kerio so it only permits
outbound connections to IP addresses of the resources that I connect
to, for example smtpserver:25, nntpserver:119, pop3server:110 and
PCAudit appears to scan its way out. Even when I click deny it gets
The company behind PCAudit have publicised a vulnerability that affects
almost all firewalls. Their PCAudit program could easily be reverse
engineered by crackers, and then a real and more malicious Trojan could
be produced that bypasses almost all firewalls.
What do you guys think of this? Did you pass the test (without
unplugging your internet wire/blocking all traffic Lol)?