Rot in hell, GRC

Jun. 25th, 2007 10:34 am
[identity profile] ebtb.livejournal.com posting in [community profile] techrecovery
Seriously, I wish the people who make leak tests site would die in a fiery explosion visable from space.  Not a day goes by - not a day - where I don't  get some luser emailing me with:

ZOMG! YOUR FIREWALL FAILED THE GRC LEAK TEST! I WANT MY MONEYZ BACK 'CAUSE IT WON'T STOP HACKERZ! :(

Well, if failed because you allowed the connection, you fucktard!  That's like being pissed at ADS for allowing a burglar in your home because he found the key under the welcome mat.
  • Add Memory
  • Share This Entry
Threaded | Top-Level Comments Only

Date: 2007-06-25 02:58 pm (UTC)
From: [identity profile] hikari-neko.livejournal.com
They'd complain quick enough if the firewall just silently denied things.

Date: 2007-06-25 03:40 pm (UTC)
From: [identity profile] mouser.livejournal.com
...and if they didn't allow the connection, they'd complain that the GRC site didn't work.

Date: 2007-06-25 03:42 pm (UTC)
From: [identity profile] docjeff.livejournal.com
In case you don't already know:

GRC Sucks dot Com (http://grcsucks.com/)

Date: 2007-06-25 03:55 pm (UTC)
From: [identity profile] jill-idle.livejournal.com
well, I don't blame grc for the ignorance of a user. leak tests are useful tools. i'm not going to blame black and decker if someone saws their own arm off with a skill saw either.

Date: 2007-06-25 04:42 pm (UTC)
From: [identity profile] yndy.livejournal.com
so it's GRC's fault that the luser doesn't understand the technology?

Apparently tho - you haven't ever read the directions of leaktest, as it specifically has the luser look through the names of already allowed programs and rename the file the same as one of those to see if the altered program is still allowed through the firewall even though the .exe is not the one originally allowed...

the analogy there is that the user shouldn't be pissed because your border guard let thru the terrorist simply because he had a passport - doesn't make a difference that the guy with the passport looked nothing like the picture...

Date: 2007-06-25 06:54 pm (UTC)
jecook: (Default)
From: [personal profile] jecook
Mr. Gibson wrote one product that worked very well, from what other techs that have used it have told me- Spinrite.

But with the bizzare adventures he's taken into network security (an altogether different critter) I can't recommend it. That, and I've never used it.

GRC is good for one thing...

Date: 2007-06-26 01:35 am (UTC)
From: [identity profile] coyoteden.livejournal.com
Whenever a client needed ports opened on their fw, I would use a ShieldsUP! custom scan to verify the ports were indeed open.

You never know what some ISPs will block...

Date: 2007-06-26 07:57 pm (UTC)
From: [identity profile] goose-entity.livejournal.com
but if the firewall silently denied SMTP you would never read their whinges ;)

Date: 2007-06-27 05:41 am (UTC)
From: [identity profile] kayfox.livejournal.com
My opinion, exactly.

Re: GRC is good for one thing...

Date: 2007-06-27 10:28 pm (UTC)
From: [identity profile] coyoteden.livejournal.com
using nmap from the LAN against the public IP isn't always reliable...

I've seen some routers that drop all LAN side traffic directed at the router's WAN address (very broken...) some that follow the port-forwarding rules, and some that do other things, like dropping all traffic except to the router management ports.

If I don't have an outside box I can access, GRC is a good substitute. ShieldsUP probably runs nmap on the backend anyway.
  • Add Memory
  • Share This Entry
Threaded | Top-Level Comments Only
Page generated Mar. 20th, 2026 06:42 am
Powered by Dreamwidth Studios