Re: Terrifying results from online test
From: Michael J. Pelletier (mjpelletier_at_mjpelletier.com)
Date: Sun, 12 Dec 2004 21:22:31 -0800
> I did this test, which simulates an unknown Trojan attack on a windoze
> computer. The program successfully bypasses my beloved (and well
> configured) Kerio firewall. It also evades my universities hardware
> firewall, which is configured very well (the admins are the block all
> apart from port 80 type :-( )
> Check out PCAudit from http://www.pcinternetpatrol.com/page/view/49
> The program works by causing applications that have the privileges to
> connect to the internet to upload data to their server.
> I thought I would be safe because I configure kerio so it only permits
> outbound connections to IP addresses of the resources that I connect
> to, for example smtpserver:25, nntpserver:119, pop3server:110 and
> PCAudit appears to scan its way out. Even when I click deny it gets
> The company behind PCAudit have publicised a vulnerability that affects
> almost all firewalls. Their PCAudit program could easily be reverse
> engineered by crackers, and then a real and more malicious Trojan could
> be produced that bypasses almost all firewalls.
> What do you guys think of this? Did you pass the test (without
> unplugging your internet wire/blocking all traffic Lol)?
THIS PRODUCT INSTALLS SPYWARE!!!!!!!!!!!!
DO NOT USE!!!!!!!!!