How safe is your firewall?
As the number of broadband users increases, more and more computers are finding themselves with permanent Internet connections. With some choosing to leave their computers on all the time, permanent Internet connections introduce an inevitable security risk. While the 'real' hackers out there may have no interest in messing around with random Internet users, there's a whole world of l337 h4><0rs out there with nothing better to do.
To combat this risk, many users have invested in personal firewall softwaresoftware that apparently is only "pseudo protection." This article over at InternetNews suggests personal firewall software isn't doing enough to stop something called internal extrusion. While the firewalls out there do a fair enough job from stopping people from getting into your computer from the Internet, they aren't doing a good enough job with communications from your computer to the outside world:
To prove his point, Gibson has developed a free utility called LeakTest. The 27-Kbytes program is a trojan-horse/spyware simulator that attempts to slip past a personal firewall's defenses and connect to a server on the Internet.
Not surprisingly, popular intrusion detection programs like BlackIce Defender from Network Ice fail to catch the outgoing connection and report it to the user. But more disturbingly, several firewalls that claim to offer outbound detection are also fooled by LeakTest. Among them, the best selling Norton Personal Firewall and McAfeeFirewall.
Both are among a small number of desktop firewall programs that attempt to address the problem of unauthorized outbound leakage, but Gibson says they fall short and can be easily fooled or bypassed because they come pre-programmed to allow some applications to pass through the firewall.
You can grab LeakTest here
if you want to see how well your firewall does with its outbound detection. The question now becomes, can the software be fixed before exploits are developed and used?