As part of my ongoing paranoia that my PCs are compromised, I found a free, simple little utility to help test the mettle of my current software firewall of choice (Comodo Internet Security). Steve Gibson (GRC.COM) is a well-known and respected source of data and security information, and he has written and provided a great tool to show you whether or not your firewall is working as expected.
LeakTest is an incredibly easy tool to use that will attempt to make an outbound connection from your PC to a safe website. This is a very important demonstration of your firewall’s ability to detect and alert on connection attempts made from within your PC. Generally speaking, a properly patched and secured machine is not really susceptible to inbound attacks. Meaning, these days the bad guys aren’t often going around the Internet looking for “unlocked doors” (unprotected PCs) to open up and start controlling. The goal is to get into your PC without you knowing about it and then use it to connect to other systems on their behalf, leaving you as the person accountable for whatever it is they do.
It is far more efficient for bad guys to get you to install their bad software on your PC for them! They hide trojans, viruses, spyware, etc. in programs that you download from nefarious sites, or otherwise trick or trap you into visiting a poisoned site that will install code on your PC. Pirated software, peer-to-peer file sharing, bit-torrents, e-mail viruses, and spam e-mail are all very common gateways used to lure you into infecting your own PC. The premise of all that spam you get promising to enhance your manhood, sell you a cheap Rolex, or offer you a free Nintendo Wii, is to get you to visit a webpage that will install malicious code on your PC and hand over control of your system to someone else. This is one of the main reasons why keeping your PC updated and patched is so critically important. The bad guys find new ways to take over your PC every day and the software vendors are always going to be a step behind. Once a vulnerability is identified, they do their best to patch it as quickly as possible, but until you install the patch, you remain exposed to that vulnerability.
Once the code is installed on your PC, a bad guy can schedule it to do things without your knowledge and it may be there for years without you even knowing it. (You may have heard the terms zombie computers or botnet before.) There is a huge underground business in controlling a great number of PCs, and you not knowing that yours is one of them is critical to the success of this underworld.
For example – let’s say a particular group of bad guys control a million PCs just like yours. Somebody within that group gets mad at Microsoft, WalMart, McDonald’s, whatever. Because they control a significant number of PCs, they can instruct all of those PCs to go to the vendor’s website at the same time, thus taking it down and preventing real customers from accessing it. This can be a major financial problem for a company that relies on a website to generate money! I’m sure you have seen cases like this on the news before. Taken to the criminal level, someone can demand money to either stop or start this kind of headache for a vendor.
With that background, I hope you can now see why your Antivirus or AntiSpyware applications may not be enough. With “innocent” code that YOU install for the bad guys out there, AV and AS products may never think of it as a problem. The security of your PC and the information on it is your responsibility. Safe Internet surfing, diligence in what e-mail you open, and purchasing software from trusted and reliable sources are all actions that you can take to protect yourself. Using Antivirus and AntiSpyware applications, patching your OS and programs regularly, and using a firewall are additional measures that can help you stay safe. Unfortunately, once your PC has been “infected”, the only way to really KNOW it is safe is to reformat and reinstall your OS – which you probably want to do yearly anyway.
So I can’t solve all of your security woes in one blog post, but I can recommend that you run LeakTest to see if your firewall is behaving as it should.
Simply download LeakTest, run it, and see what happens. (By the way, anything I recommend or link to on this site is free of viruses and spyware as far as I can tell, but I hope you just second-guessed me pointing you to LeakTest!).
Once you download the tool, just double-click the LeakTest.exe file to launch it. There is no installation necessary. You should see the control panel displayed below:
Click Test For Leaks.
If your firewall is working properly, it should alert you and ask permission to connect. If you deny this activity, you should see proof that your firewall did its job:
If the tool was able to connect and you were not asked about it, you may need to either reconfigure your firewall or find a new one!
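The same kind of check can be scripted to re-test a firewall after a configuration change. The following is an added example, not code from LeakTest or GRC: it makes one outbound TCP connection and maps the result onto the pass/fail reading described above. The function names, the verdict labels and the `example.com` target are assumptions of this example.

```python
import socket

def outbound_test(host, port, timeout=3.0):
    """Attempt one outbound TCP connection and classify what happened."""
    try:
        with socket.create_connection((host, port), timeout=timeout) as conn:
            src_ip, src_port = conn.getsockname()[:2]
            return ("CONNECTED", f"left this PC from {src_ip}:{src_port}")
    except PermissionError as exc:
        # Typical when a host firewall denies the socket (WSAEACCES on Windows).
        return ("DENIED", str(exc))
    except ConnectionRefusedError as exc:
        # A reset came back; nothing was listening on that port.
        return ("REFUSED", str(exc))
    except socket.timeout as exc:
        # Silently dropped: by a firewall, or the target is unreachable.
        return ("TIMED_OUT", str(exc))
    except OSError as exc:
        # DNS failure, no route, etc. Not evidence about the firewall.
        return ("ERROR", str(exc))

def interpret(verdict, was_prompted):
    """Map a verdict onto the pass/fail reading used for LeakTest."""
    if verdict == "CONNECTED" and not was_prompted:
        return "LEAK: connection made without any firewall prompt"
    if verdict == "CONNECTED":
        return "ALLOWED: you approved the connection when prompted"
    if verdict in ("DENIED", "TIMED_OUT"):
        return "BLOCKED: the connection did not get out (or target unreachable)"
    return "INCONCLUSIVE: try a target that is known to be listening"

if __name__ == "__main__":
    # Placeholder target (assumption): any web server you are allowed to contact.
    verdict, detail = outbound_test("example.com", 80)
    print(verdict, detail)
    # Set was_prompted=True if the firewall asked you before connecting.
    print(interpret(verdict, was_prompted=False))
```

A firewall that filters per application will name the Python interpreter in its prompt rather than LeakTest.exe, so an existing allow rule for Python will make the script report a leak.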
I hope this has been helpful to you. For a safe list of products and tools to use, feel free to browse my technology page and try some of them out for yourself. Feel free to post comments or send me questions.