https
Internet Connection Security for Windows Users
by Steve Gibson, Gibson Research Corporation

~  New Version 1.2  ~

Click to download LeakTest (25k)

To download LeakTest click on image above or the link below.

File stats for: LeakTestfile download  freeware page
spacer
gray
spacer
Last Updated:
Size: 25k
Jul 10, 2005 at 10:54
(3,209.87 days ago)
Downloads/day: 217
Total downloads: 7,836,503
Current Rank: 4
Historical Rank: 1


PLEASE NOTE that LeakTest marks itself "Read-Only" after
its first use. So you may need to delete or move your
old copy before downloading a replacement.

November 03, 2001
Announcing Minor LeakTest Update
NetworkICE's BlackICE Defender Update
Apparently Designed to Mislead its Users

Eleven Months after the release of our first, simple, but effective and popular (7,836,503 downloads) LeakTest firewall testing utility, BlackICE Defender (BID) continues to "leak" — as defined by LeakTest. But a recent update to BID (version 2.9cai) was hiding this fact from its users by effectively cheating the LeakTest.

Rather than enhancing BlackICE Defender by adding the sort of application-level controls that are available even from many completely free personal firewalls, BID's publisher, NetworkICE, apparently chose to prevent LeakTest's intended operation by adding specific awareness to BID of LeakTest's remote testing IP.

Demonstrate This for Yourself
If you are using the current version of BlackICE Defender as of this writing (version 2.9cai), you can click this button to have your web browser touch the old LeakTest IP address and port:


BlackICE will alert you to "LeakTest trojan horse activity" even though your web browser obviously has NOTHING to do with LeakTest.

BID's fraudulent LeakTest detection is "misfiring" because it was never designed to truthfully test for LeakTest's outbound communications. As far as we know, BID has no such capability. So it appears to have been designed merely to mislead and hide that truth from its users.

This IP address-specific blocking could have falsely lead BID's users into believing that their updated BID firewall was now providing the sort of outbound blocking, protection, and awareness that LeakTest was designed to detect, test, and report. (And which all effective personal firewalls provide.)

Although we would celebrate the addition of true outbound application-aware control and blocking to BID, achieving that sort of protection is significantly more difficult — and certainly far more valuable to its users — than blocking a single IP address at Gibson Research Corp. in order to falsely appear to be doing more than they are.

LeakTest Version 1.1:
Shortly after we learned of and confirmed this unfortunate decision on the part of NetworkICE's developers, we updated the original LeakTest v1.0 to version 1.1 by simply changing LeakTest's remote connection IP and port number. With that small (two byte) change, LeakTest was again able to communicate out through BlackICE Defender's complete lack of defenses, as it always has — and as any other malicious hackerware or spyware presumably also could.

ISS / NetworkICE Responds
A recent BlackICE purchaser wrote to us:

"As someone who has recently purchased blackice defender, I was understandably worried by Steve's derogatory remarks about the program and it's functioning. So I mailed them [ISS/NetworkICE] and asked for comment. I paste it here un-altered, for whoever may wish to read it."

For those who are interested, here is the reply this BID user reportedly received from the anonymous "Trish M." at BlackICE Technical Support in reply to his concerns, followed by the reply I sent back to him (non-anonymously):

BID's Official Response & My Reply

October 25, 2001
LeakTest and the Windows XP Built-In Firewall
The Windows XP built-in firewall:

The rate of LeakTest downloads jumped significantly on October 25th, 2001, presumably due to the release of Windows XP on that date.

It is understandable that new Internet savvy users of Windows XP, who are aware of our work here at grc.com, would be curious to learn about their new system and its Internet defenses.

Just so you know, WinXP's built-in firewall does not attempt to manage or restrict outbound connections at all. It appears to be a useful firewall for hiding the machine from the Internet (it has "stealth mode" unsolicited packet handling), but you will still need to use a good third-party personal firewall if you wish to manage and control outbound connections from your system.


Introducing LeakTest

This site has been most well-known for its FREE ShieldsUP! Internet security test. Crucial as it is to protect yourself from malicious hackers outside, those bad guys represent only half of the threat. The Internet has proven to be an extremely fertile transportation medium for all manner of nasty Trojan horse programs, rapidly proliferating viruses, and privacy invading commercial spyware. As a result, it is no longer true that all of the potential problems reside outside the computer.

Your Internet connection flows both
ways . . . so must your security.

Not only must our Internet connections be fortified to prevent external intrusion, they also provide secure management of internal extrusion. Any comprehensive security program must safeguard its owner by preventing Trojan horses, viruses, and spyware from using the system's Internet connection without the owner's knowledge. Scanning for the presence of Trojans, viruses, and spyware is important and effective, but if a piece of malware does get into your computer you want to expose it immediately by detecting its communication attempts and cut it off from communication with its external agencies.

Most personal software firewalls provide — or attempt
to provide — application-based management and
control of outbound Internet communications.

Marketing and Exploitation of Loyalty and Trust
Just like people, no two firewalls are identical. Some are rather spartan where others have plenty of bells and whistles. Some are easy to use and some have been made too easy to use — rendering them highly insecure. And, sadly, there are others which are pure snake oil sucker bait. This situation is further complicated by the fact that in this weird and immature market, you don't get what you pay for. One of the BEST firewalls is completely free, and one of the most WORTHLESS is the most expensive.

On this issue, ZDNet's eWeek quotes Jose Granado, a senior manager at Ernst & Young LLP's Security Solutions Group, in Houston:

"These firewalls were rushed to market and are poorly designed," said Granado, who has testified in front of the U.S. Senate about Internet security. "Version 1 of these things is not a 100 percent solution; it's like an 80 percent solution. But business is business. Everyone saw a personal firewall out there, and they all had to have one. Most of them have to get much better in their next rev."

ZDNet eWeek, by Scott Berinato, 12/11/2000

My Role
It is for all of these reasons that I have decided to assume an active and vocal position as an unbiased third-party evaluator of the technology and security of personal software firewall products.

For the record, I have NO INTEREST in any of these vendors.
I have NO undisclosed relationship of any sort with any person,
company or entity, and no hidden agenda creating bias of any kind.

 . . . which is NOT to say that I don't have strong feelings and opinions about these products. But in every case you will know exactly why I feel as I do. And, more than that, you will be individually empowered to independently verify any and all of my findings. You don't need to take my word for it. You can see for yourself.

The LeakTest Family
To aid in the exploration of product strengths and weaknesses, and to invite an independent consensus and confirmation of my findings, I am producing a series of completely FREE "LeakTest tools". These tools may be freely used for experimenting with, and revealing, the security strengths and weaknesses of various firewalls.

The first freeware — LeakTest v1.2 — is ready for you now.

My Goal
The biggest problem with highly technical products — like software firewalls — is that they are, ummmm, highly technical. When viewed from a great distance they often seem pretty much alike. And they all claim to be the latest state-of-the-art, most secure and amazing things ever to grace your hard drive. But few actually are. Many are simply junk.

When the security of your computers is hanging
in the balance, you NEED to know which is which.

By openly exposing the strengths and weaknesses of these products, two significant things will happen:

YOU will be able to make fully-informed decisions about which products best suit your needs, and,

Unable to hide in the darkness any longer, the forces of natural selection will induce these products to either improve or die. The truth is, I don't care which. We only need a few personal firewalls and the market has become flooded with opportunistic competition.

Why am I doing this?
Why do I do anything? Why did I create ShieldsUP!?, or FIX-CIH?, or Trouble In Paradise? (TIP), or Free&Clear? or any of the other things I've done? I am doing this because I believe it's important. And because — with YOUR support, trust and help — we can together bring about significant positive changes in the state of the Internet security technology marketplace.

For me, that's reason enough.  But if you want more, there is more . . .

Examine the software licensing agreement accompanying
the security product you depend upon, and you'll find that
the vendor who took your money is not responsible for its
operation and/or performance.  Oh yeah? . . .

LeakTest is destined to become a staple of this web site, and a continuing focus of my future work, because it's a proper companion to, and complement of, my ShieldsUP! and NanoProbe services. As I explained at the top of this page, your Internet connection flows both ways, therefore, so must your security. And therefore, so must your security testing.

For more than a year, ShieldsUP! has provided the personal computing industry with useful, free, "first pass" external security testing. NanoProbe will take that testing to its theoretical limits. The evolving LeakTest family will provide a suite of internal security tests.

When viewed in retrospect, isn't it obvious that we have desperately needed something like LeakTest?

Thank you for your support.

To continue, please see: How to Use LeakTest

You are invited to browse these LeakTest pages:

LeakTest
How to Use LeakTest 1.x

Personal Firewall Scoreboard

Firewall Vendor Responses

Vulnerability Disclosure Policy
Hardware Firewalls/NAT Routers

Tracking Firewall Updates

Frequently Asked Questions

LeakTest News & History

Jump to top of page
Gibson Research Corporation is owned and operated by Steve Gibson.  The contents
of this page are Copyright (c) 2014 Gibson Research Corporation. SpinRite, ShieldsUP,
NanoProbe, and any other indicated trademarks are registered trademarks of Gibson
Research Corporation, Laguna Hills, CA, USA. GRC's web and customer privacy policy.
Jump to top of page

Last Edit: Feb 21, 2008 at 13:55 (2,253.75 days ago)Viewed 365 times per day