yep by disabling it , it work, but i shouldn't disable it in the first place.
However, the criterias are a bit fearmonging and mostly Enterprise environment oriented.
for example they say i have several vulnerabilities, but after reading , most are leaking or download vulnerabilities which i can block with tools i have but the test can't detect them.
so: my "vulnerabilities" :
How do you perform on a test that determines whether you're able to download an executable file?
Fail. Your security solution allows executable file downloads from a CDN website, which may make you vulnerable to malware. This test delivers a .com file via CDN, which is the way much web content is delivered today, but is often bypassed by security solutions as coming from a 'trusted source'.
While CDNs may have generally better security, it is still a poor security stance to assume that the content is legitimate and reliable. All content should be assumed potentially risky and should therefore be scanned.
Downloading exes from a legit site is a threat? in the absolute, yes, but in real life for home users not much, for enterprises , surely.
My remediation : my sandbox.
Fail. Your device is not blocked from contacting a known Botnet control and can therefore be used to steal your data or launch massive attacks with other 'zombie' devices.
Consider a security solution that not only blocks initial infections but can also block further malicious activity that may cause damage to your enterprise.
How can it contact a botnet when the malware is not on my system?
My guess the test check some ports and assume im vulnerable.
My remediation: Appguard, ReHIPS, HMPA ( no RAT can install and call home on my system.)
Fail. You can access an anonymizing website, which enables users to subvert company policy and visit blacklisted websites such as pornography or other potentially restricted content.
Of course i can and i want to ...
Not a direct threat, more a behavior based one. clearly an enterprise management issue.
My remediation: tweaking Adguard for Desktop
Fail. You can access websites in countries that are embargoed by the United States and the European Union, such as North Korea. This test usually fails because your security infrastructure cannot block Internet connections by geography.
Im not a politician , i go where i want
Same as above, not a direct threat
My remediation: tweaking Adguard for Desktop
Fail. No filtering has been detected and you can access an adult website.
Ummmmmmmmmmmmmm....because i wanted too
Same as above , not a direct threat , but maybe it is one for my health and procreation abilities
My remediation: tweaking Adguard for Desktop
Fail. Your current system allows the outbound transmission of sensitive data such as credit card numbers. It should both detect and block this type of data loss. Many security and compliance systems are deployed in Tap mode and detect, but do not block, the leakage of sensitive information outside of your organization.
Consider a data leakage protection system that monitors outbound traffic for specific data patterns and blocks based upon match to sensitive data such as US Social Security, credit card numbers or your company's intellectual property.
Umm i dont often store/use credit card.
My remediation: HMPA keystroke encryption. Appguard & ReHIPS application control ( no keyloggers can run on my system.)
Fail. Your current system allows the outbound transmission of sensitive data such as US Social Security numbers. It should both detect and block this type of data loss. Many security and compliance systems are deployed in Tap mode and detect, but do not block, the leakage of sensitive information outside of your organization.
Consider a data leakage protection system that monitors outbound traffic for specific data patterns and blocks based upon match to sensitive data such as US Social Security, credit card numbers or your company's intellectual property.
Im not US citizen
My remediation: HMPA keystroke encryption. Appguard & ReHIPS application control ( no keyloggers can run on my system.)
Fail. Your current system allows the outbound transmission of sensitive data such as software code. It should both detect and block this type of data loss. Many security and compliance systems are deployed in Tap mode and detect, but do not block, the leakage of sensitive information outside of your organization.
Consider a data leakage protection system that monitors outbound traffic for specific data patterns and blocks it based upon match to sensitive data such as US Social Security, credit card numbers or your company's intellectual property.
My remediation: HMPA keystroke encryption. Appguard & ReHIPS application control ( no keyloggers can run on my system.)
Clearly this is an enterprise-oriented test , good one anyway , but i can deny all of the vulnerabilities im supposed to be affected.
I cant get past eicar test web page comes back with "error: something went wrong. Please try again?
Avast aborted the connection when the eicar file was offered!
works fine with uBlock Origin
Fail. Your security solution allows executable file downloads from a CDN website, which may make you vulnerable to malware.
Fail. You can access websites in countries that are embargoed by the United States and the European Union, such as North Korea
Fail. Your current system allows the outbound
Fail. Your current system allows the outbound
Fail. Your current system allows the outbound
uBlock Origin Emsisoft Anti-Malware Windows Firewall Control Voodoo Shield