 justin..needs sleep
Mod
join:1999-05-28
2031
Apple AirPort Extreme (2011)
1 recommendation |
justin
Mod
2015-Mar-16 9:45 am
need a small bit of security tool helphey so I figure you guys know your tools. I'm trying to make sure the browser speed test ( » /speedtest ) does not silently fail when windows security products get in the way. So far it only knows about noscript being on. But there may be others that break what it needs to do without making it clear to the user what is going on. Can someone au fait with all these things check out which if any product in its default state be busting up the test? I'm wondering if MSE or malwarebytes could be a candidate. Typically the symptom is that the test can't talk to any server right at the start. |
|
| |
i use the "avira" antivirus program and its "webguard" causes problems with speedtests..
you have to temporarily disable the avira program's webguard's realtime-protection when doing speedtests..
i don't know if any other similar "webguards" cause problems with speedtests, or not.. |
|
|
85160670 (banned)"If U know neither the enemy nor yoursel
join:2013-09-17
Edmonton, AB |
to justin
AFAIK ..... my MSE & MBaM did NOT slowing down my paid bandwith and steady with more LAYER behind ( SPI-NAT Firewall) & steady PING too {{{ SMILE }}} You know better to read and check the web code or to compare with my image att. *_* |
|
 norwegian
Premium Member
join:2005-02-15
Outback |
norwegian
Premium Member
2015-Mar-16 11:07 am
I think what justin  is getting at here, is not what already passes where, as flash, java or any other platform has nothing to to with the raw IP transfers of this test. Security product and the short falls for this specific test will not have answers of "what works for me now" to help. Just a thought. |
|
85160670 (banned)"If U know neither the enemy nor yoursel
join:2013-09-17
Edmonton, AB |
85160670 (banned)
Member
2015-Mar-16 11:30 am
Ooops ...... sorry, justin "IF" I missunderstood your question, jut try your new tools "I'm trying to make sure the browser speed test ( »/speedtest ) " looks good {{{ SMILE }}} |
|
norwegian
Premium Member
join:2005-02-15
Outback |
norwegian
Premium Member
2015-Mar-16 11:34 am
I should have been more clear in my reply. The feedback topic for the test is here. » FYI: for general feedback on the new speedtest |
|
85160670 (banned)"If U know neither the enemy nor yoursel
join:2013-09-17
Edmonton, AB |
85160670 (banned)
Member
2015-Mar-16 12:23 pm
THX & ACK ...... norwegian {{{ SMILE }}}, BTW, R U Neil ? *_* |
|
justin..needs sleep
Mod
join:1999-05-28
2031 |
to norwegian
yeah mainly I dont know what bolt on security tools block cross domain browser requests which is what the speed test page does when it starts. So i figured this forum would have some that do. Maybe noscript is the only one. |
|
| |
to justin
Great work on the new tool! After the phrasing of your request, I went into this thinking that I would have to enable and update Flash, Java, or install some obnoxious plug-in/active-X control/applet and adjust firewall rules to accommodate. Instead, everything seemed to work just fine out of the box - I can't vouch for the optimistic results, but they at least seem reasonably close to what I'd expect.
This site is so full of great tools and information - thanks for making it even better.
-PIA |
|
85160670 (banned)"If U know neither the enemy nor yoursel
join:2013-09-17
Edmonton, AB |
to justin
This result what I get from URL.Void ....... false positive ¿ ¿ or just cause G0-daddy as your web-server ? |
|
Nanaki (banned)aka novaflare. pull punches? Na
join:2002-01-24
Akron, OH |
Nanaki (banned)
Member
2015-Mar-16 4:56 pm
uh wow i just checked dslreports on the link from the scumware thing. They actually have dslreports listed as hosting a trojan file for download something called dhcpfore.exe.zip
So justin you might want to try contacting them and uh getting them to delist you as having a trojan. |
|
justin..needs sleep
Mod
join:1999-05-28
2031 |
justin
Mod
2015-Mar-16 6:42 pm
wtf is that site
i am away but can someone hassle them
if they have any brains at all its a false positive from a forum post or something.
ps: whats that dumb 1/30 reputation score |
|
 Dustyn
Premium Member
join:2003-02-26
Ontario, CAN |
Dustyn
Premium Member
2015-Mar-16 6:45 pm
» www.urlvoid.com/Never heard of them myself. |
|
 GadgetsRmeRIP lilhurricane and CJ
Premium Member
join:2002-01-30
Canon City, CO |
to justin
results of search show these entries have malware attached. Query results URL MD5 IP Threat 2014-01-03 20:55:18 » /r0/do ··· db328b3242be4e58df41433ee9b4/testsettdsdatabase.zip 21857F1A421D8876A1C0BA45D183B5C5 64.91.255.98 US Win32/Y3KRat.Pro.02 trojan 2012-12-15 03:02:16 » How to Verify if a Website is Infected?f-a-Website-is-Infected 873A5A9662D29315A0D2544F1C9121ED 209.123.109.175 US Virus found JS/Downloader.Agent The 1/30 means 1 found you bad and 29 found you good. |
|
Nanaki (banned)aka novaflare. pull punches? Na
join:2002-01-24
Akron, OH |
to justin
Yeh id never heard of them ither. And would be my guess as well. My guess is at some point some one had some issue with dhcp and made a quick and dirty app to force it. |
|
| Nanaki |
to justin
This is the site that generated the false positive (direct url to their removal request form) » www.scumware.org/removal ··· scumware |
|
Mele20
Premium Member
join:2001-06-05
Hilo, HI |
to Dustyn
said by Dustyn:
»www.urlvoid.com/
Never heard of them myself. It's a free service from the NoVirusThanks folks. NoVirusThanks EXE Radar Pro is their main product. I played with it when it was in beta four years ago. The developer posts regularly in the Wilders 178 pages thread. It's an HIPS anti-executable program reminiscent of Diamond CS's ProcessGuard or Faronics Antiexecutable. » www.novirusthanks.org/pr ··· dar-pro/» www.wilderssecurity.com/ ··· .300552/ |
|
justin..needs sleep
Mod
join:1999-05-28
2031 |
justin
Mod
2015-Mar-17 12:19 am
i prefer the google approach: visit sites using a virtual clean copy of windows until it gets infected, mark the site that was the culprit. |
|
 dib22
join:2002-01-27
Kansas City, MO |
to justin
said by justin:Maybe noscript is the only one. ScriptSafe does it on chrome as well... I just go down the list after the initial fail and temp allow all the IPs. |
|
justin..needs sleep
Mod
join:1999-05-28
2031 |
justin
Mod
2015-Mar-17 3:55 am
thanks!
did the test give an error message that says noscript? or a generic error
i can add scriptssafe to the message. |
|
4 edits |
to justin
said by justin:wtf is that site actually, it is "scumware.org" that has "dslreports.com" listed as hosting malicious content.. here is the URL that they have listed: hXXp://dslreports.com/r0/download/1228756~5beb9dd653f43c16cc15b85922a477e8/DHCPForce.exe.zip the listing is dated "2013-08-02" » www.scumware.org/here is their webpage with information about having a website removed from their listing: » www.scumware.org/removal ··· scumwarep.s. i used the URL, posted above, to try to download the file, and the file was flagged by my avira antivirus program when i tried to download it.. if you look at gadgetsrme's post, above, they posted another link with a supposedly malicious file: hXXp://www.dslreports.com/r0/download/410961~afe3db328b3242be4e58df41433ee9b4/testsettdsdatabase.zip when i tried to download the file, it too was flagged by my avira antivirus program.. i don't know what tool gadgetsrme used to pull up the URL with the malicious file.. |
|
 Ian1
Premium Member
join:2002-06-18
ON |
Ian1
Premium Member
2015-Mar-17 12:13 pm
Where is that from in the site? Could it not be a file that someone specifically uploaded on one of the security forums as being suspect? |
|
Nanaki (banned)aka novaflare. pull punches? Na
join:2002-01-24
Akron, OH |
Nanaki (banned)
Member
2015-Mar-17 12:16 pm
I had that thought as well. I know back when there was a advanced security forum there was tons of stuff there that could uh kill a computer lol.
I miss that forum :\ |
|
| |
to redwolfe_98
Virus Total says the URL is suspicious: » www.virustotal.com/en/ur ··· 6608962/The file is classified as malware here: » www.virustotal.com/en/fi ··· 5883687/It was probably a malware sample which should have been protected with a password to prevent false positives on site scanners. |
|
Ian1
Premium Member
join:2002-06-18
ON |
Ian1
Premium Member
2015-Mar-17 12:21 pm
said by Sportsfan:It was probably a malware sample which should have been protected with a password to prevent false positives on site scanners. Speaking of false positives though, it seems pretty ridiculous to flag a top level URL for a buried forum attachment. URLvoid has pretty questionable utility if that's the case. |
|
justin..needs sleep
Mod
join:1999-05-28
2031 |
to Sportsfan
yes if someone can reverse search the download link in google maybe it leads to the post that attaches it, and a mod can delete it. I cant from here over a dodgy connection. |
|
| justin |
to redwolfe_98
ok found it cheeky boy (not that a post in 2007 isa threat to anyone) » Re: [Equipment] I need help in Guatemala |
|
 SnowyLock him up!!!
Premium Member
join:2003-04-05
Kailua, HI |
Snowy to Ian1
Premium Member
2015-Mar-17 6:19 pm
to Ian1
said by Ian1:Speaking of false positives though, it seems pretty ridiculous to flag a top level URL for a buried forum attachment. URLvoid has pretty questionable utility if that's the case. Maybe you can send them a message via the site's .htaccess file? |
|
Nanaki (banned)aka novaflare. pull punches? Na
join:2002-01-24
Akron, OH |
to justin
Ahh so you found and killed it that explains it. I just found the post on google and was about to post here but looked for the file first  |
|
| Nanaki |
Nanaki (banned)
Member
2015-Mar-17 6:27 pm
Oh btw played a bit more with the speed test love how it looks now lots more info there now.
As for this little side topic i love digging up the why this or that is happening type stuff it is fun to me lol. |
|
