Re: Terrifying results from online test

From: Michael J. Pelletier (
Date: 12/13/04

Date: Sun, 12 Dec 2004 21:20:41 -0800 wrote:

> I did this test, which simulates an unknown Trojan attack on a windoze
> computer. The program successfully bypasses my beloved (and well
> configured) Kerio firewall. It also evades my universities hardware
> firewall, which is configured very well (the admins are the block all
> apart from port 80 type :-( )
> Check out PCAudit from
> The program works by causing applications that have the privileges to
> connect to the internet to upload data to their server.
> I thought I would be safe because I configure kerio so it only permits
> outbound connections to IP addresses of the resources that I connect
> to, for example smtpserver:25, nntpserver:119, pop3server:110 and
> proxy:8080
> PCAudit appears to scan its way out. Even when I click deny it gets
> through!
> The company behind PCAudit have publicised a vulnerability that affects
> almost all firewalls. Their PCAudit program could easily be reverse
> engineered by crackers, and then a real and more malicious Trojan could
> be produced that bypasses almost all firewalls.
> What do you guys think of this? Did you pass the test (without
> unplugging your internet wire/blocking all traffic Lol)?

DO NOT USE!!!!!!!!!!!!!!