Firewallcheck.org

URL: http://www.firewallcheck.org

E-mail this article to a friend

Rating: Forget about it

Review:

A reader brought this web site to my attention recently, and since online security is always an important topic, I went to check it out. What I saw really upset me.

Their “Firewall” page gives the distinct impression that this web site is a storefront for McAfee. Not only did they obviously sell out to Network Associates, they also recommend their products which I’m less than fond of. I bet they get nice commissions …

I ran their security check. It pops up a nice big browser window, displaying an image of a flaming firewall while checking your security. During the check your browser window suddenly starts to shake and vibrate for a few seconds. That is just too cheesy! It’s a simple java script effect and has absolutely nothing to do with the security check. Ridiculous! If it’s meant to be a joke, it’s not very funny. If it’s meant to impress or scare people, it’s not funny at all. All this security check does is probe 20 ports. Go to GRC.com and use Steve Gibson’s Shields Up! for a much better security test.

I received a warning dialog during the test about the test being able to write a file called warning.htm to my hard drive. Well, guess what? There was no such file on my hard drive when I searched for it afterwards. What irked me even further is that in this dialog they further state that “it is very likely that my system is already infected by trojans and viruses”. This machine has full virus protection and is hidden by a SonicWALL firewall, so where the hell did they deduct that from? Oooh, I’m scared now. I should better go out and purchase some McAfee products to be safe, right? … NOT!

If you go to their page titled “Antivirus” you’ll see a list of what they call antivirus sites. But hover your cursor over the links without clicking and watch the status bar at the bottom of your browser. What do you see? Every single link is actually a sponsored advertising that they get paid for when you click on it! Yet there is no sign of links to real antivirus sites like Symantec, Trend Micro, etc. I wonder why ….

So I checked out their “About Us” page. Turns out the web site is actually designed and maintained by WebInfoSearch, which is not a security company but a search engine. Why the hell would I contact a search engine company and trust them with my security needs?

Then I looked at their “Critical Updates” page. I couldn’t believe it. They actually recommend a program called “NetDetective” as a download and claim “this amazing new tool uncovers the full research capabilities of the Internet.” What a load of bull! It is one of those schemes where people get their money sucked out of their pockets for a list of old addresses and some useless or outdated info. I’m sure you also have received very similar spam in your inbox, right? And the Gator software they link to is spyware, another thing you don’t want. But do they have any useful links to real critical updates? E.g. the pages of virus vendors where you can download the latest virus definitions? Or links to CERT’s vulnerability and fixes pages? No, of course not. That would be way too useful now, wouldn’t it?

The final straw is their privacy statement. They should call it marketing statement instead, because it clearly states that you don’t have any privacy by visiting their site or signing up to their newsletter. They gather every single piece of info about you that they can and share it all!

Web sites like that really tick me off. Sites like that should not exist. I hereby officially award firewallcheck.org the PC911 stamp of disapproval and put it at the top of the PC911 web compost list.

Submitted by: Alex “crazygerman” Byron

Leave a Comment: