Author Topic: GreenBorder Online Security Test?  (Read 4529 times)

Offline [Firefox]

  • Newbie
  • *
  • Posts: 2
GreenBorder Online Security Test?
« on: February 24, 2007, 08:12:09 AM »
Well today i tested the GreenBorder Online Security Test. But even if I deny all internet access for that application it still can access the internet and "send" all the stolen files on my computer. Am I doing something wrong or why does it bypass the internet block?  ???

You can find the test here: www.greenborder.com/test/

Sry for my bad english.

Offline Quwen

  • Comodo's Hero
  • *****
  • Posts: 218
Re: GreenBorder Online Security Test?
« Reply #1 on: March 03, 2007, 11:46:38 PM »
That test is a serious joke. First of all, they only say it is able to, but they don't give any proof. Secondly, I have hundreds of files in My Documents, and it didn't get a single one of them. A packet sniffer shows that it does not actually connect to the internet, meaning that it probably just uses a default list of files built into it.

Either they don't know how to write a test or it's a dangerous advertisement for their product.

Offline djet

  • Comodo Family Member
  • ***
  • Posts: 62
Re: GreenBorder Online Security Test?
« Reply #2 on: March 05, 2007, 09:18:20 AM »
It ain't a joke. It's a HTML Application, that you have to gain access to download and run. Consider running HTA script equal to downloading and running .exe. No wonder it can enumerate & manage your files and send results encrypted in URL string. But if you don't have a habit running suspicious files, you won't be affected.
From Russia with lags.

Offline Little Mac

  • Forum Volunteer
  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 6303
  • The Colonel told me to.
Re: GreenBorder Online Security Test?
« Reply #3 on: March 05, 2007, 10:19:03 AM »
The whole point of the Greenborder test is the HTA exploit possible when running Internet Explorer.  I have Firefox as my default browser, which doesn't have that particular vulnerability.  I took the test a while back, and intentionally allowed it, to see what it would do.  It was unable to open the browser, as it couldn't utilize the exploit.

There are applications which allow you to disable the HTA scripting mechanism within Windows (so that you can toggle it On or Off).  In some instances, it is needed for the Add/Remove Programs applet to work.

As to your question, [Firefox], if you deny the application within CFP, you shouldn't see any results indicating that it was able to get out; but you have to deny all popups.  It may give you an alert that your browser is trying to connect; you will have to deny that...

I'd like to know specifics of what you experienced.  Screenshots would be good.  If you run the test again, please reboot prior to doing so (and clear out your temp files; ccleaner is a good free utility to do so with).

LM
These forums are focused on providing help and improvement for Comodo products.  Please treat other users with respect and make a positive contribution.  Thanks.
Forum Policy

 

Free Endpoint Protection
Seo4Smf 2.0 © SmfMod.Com Smf Destek