Just about every firewall claims to protect your personal data by checking for illicit web connections – but do they really work?
The program interface is basic in the extreme. It’s mostly a toolbar with six buttons, one for each test, and a text box below to display the results.
Hovering your mouse cursor over each button displays a tooltip explaining what it’s going to do.
Test #1 “attempts to load a copy of the default browser and patch it in memory before it executes”, for instance, while Test #5 “Performs an heuristic search for proxies and other running software authorized to access the Internet, loads a copy and patches it in memory before execution from within a thread on Windows Explorer.”.
Clicking any of these buttons runs the appropriate test. Some tests ask for further input – a process to hijack, maybe – but after that you’ll either see a success or failure message.
A running score keeps you up-to-date with “Firewall Points” (tests your system has passed) and “AWFT Points” (tests your PC has failed).
A “Reset Points” button sets both scores to zero, giving you time to tweak your security settings and try again.
Interpreting your results requires some care. Our system failed 4/ 6 tests, but this doesn’t necessarily mean we should replace the firewall (detecting these techniques is more a task for a HIPS).
It doesn’t mean we’re particularly insecure, either. Our system allowed AWTF to run because it didn’t think it was dangerous. If it did the same with an unknown binary then we’d be more worried, but if malicious code is allowed to run on your system then you’ve got much bigger problems than whether it can access a web page.
For all that, Atelier Web Firewall Tester can be interesting for experienced users, and the program can now be installed and used by anyone, without restriction.