Guide | How To Another SECURITY TEST ( for time pass)

The associated guide may contain user-generated or external content.

Brahman

Level 16
Thread author
Verified
Top Poster
Well-known
Aug 22, 2013
799
I was getting bored really in home quarantine ( of 7 days, cause i travelled to a containment zone), nothing to do except watching netflix. Then just by coincidence,I Saw a video on youtube about DDOS attacks and mitigation strategies. I enable some syn attack and ddos preventing rules on my Mikrotik Hap Ac router and i got an itch to test my rules. I searched for DDOS simulated attack and found a website (Shield Test - Free comprehensive security test) which simulates ddos attack on your ip address. They provides some other tests too. Then while testing, on the second test (ddos test)it just stopped abruptly saying " the entire domain is getting blocked" and test terminated itself ( image 1). I thought it was my router blocking the test, but there was no logs registered in my router. Then i switched off nextdns doh and enabled google dns doh ( by adguard ). To my surprise the test went on without any hiccups ( image 2). So Nextdns was blocking ddos attack from this website. Try it for yourself just for fun.

1.With NEXTDNS.
2.jpg



2. With Google Dns

1.jpg
 

bayasdev

Level 19
Verified
Top Poster
Well-known
Sep 10, 2015
901
OS: Android 10 / DNS 1.1.1.1
Chrome
Screenshot_20201008-081420_Firefox Nightly.jpg


Firefox

Screenshot_20201008-081420_Firefox Nightly.jpg

I understand that Android doesn't has an AV although "malware" file was not downloaded to Downloads folder in both cases (triggered Google's safe browsing maybe), but I don't know what they're doing the credit card test.

Will post the results of my Linux laptop later
 
Last edited by a moderator:

Brahman

Level 16
Thread author
Verified
Top Poster
Well-known
Aug 22, 2013
799
On phone over mobile network I got the same result with Vanadium under GrapheneOS (Android 11) like geminis3.

I wonder too how they test download as no popup appear nor files were downloaded. Also the credit card test is strange
Surprisingly there is no explanation to the tests they are doing...so take it with a pinch of salt.
 

bayasdev

Level 19
Verified
Top Poster
Well-known
Sep 10, 2015
901
What this website do is downloading EICAR from the following URLs:

Code:
http://www.shieldtest.com/b/eicar1.com?random=1602176483499
http://v2qks.cybrarro.com/WebInterface/home/b/eicar1.com.zip?_=1602176446788
www.shieldtest.com/command.jsp?command=download2&random=0.36051329688618916

It also generates some tokens and user identifiers, and since those URLs are not blacklisted by Google's safebrowsing this test means nothing on non-Windows platforms. NextDNS probably looked at it and just added those domains to the blacklist.
 

Brahman

Level 16
Thread author
Verified
Top Poster
Well-known
Aug 22, 2013
799
What this website do is downloading EICAR from the following URLs:

Code:
http://www.shieldtest.com/b/eicar1.com?random=1602176483499
http://v2qks.cybrarro.com/WebInterface/home/b/eicar1.com.zip?_=1602176446788
www.shieldtest.com/command.jsp?command=download2&random=0.36051329688618916

It also generates some tokens and user identifiers, and since those URLs are not blacklisted by Google's safebrowsing this test means nothing on non-Windows platforms. NextDNS probably looked at it and just added those domains to the blacklist.
Even if I turn off nextdns, ddos is not getting logged by my router, I usually gets event logs even when I do a 10 continuous ping on my ip address from a vpn. So we can assume it is not even doing a reasonable continuous pings on ip.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top