Originally published at: http://www.howtogeek.com/143263/how-to-test-your-antivirus-firewall-browser-and-software-security/
So you have an antivirus guarding your system, your firewall is up, your browser plug-ins are all up-to-date, and you’re not missing any security patches. But how can be sure your defenses are actually working as well as you think they are?
Great article Chris! Very useful. Secunia PSI is one of the best apps ever! The EICAR test worked just as you described. I wasn't aware of the ShieldsUp website, but I'll be using it regularly now. Thank you!
Doing a scan of your connection is definitely an important task that most people have never thought about doing, and it's even more important these days to make sure that your router isn't misconfigured, considering all of the uPnP port-forwarding flaws out there lately.
mse picked up the eicar (notepad file) promptly and threw it out.
PSI was great. Was able to update a few obsolete programs.
Gotta do the firewall thingy soon.
Often I use ShieldsUp and that normally reports back ok.
I did try SecuniaPSI today but it crashed 3 times (uninstalls and reinstalls) in Win7 Ultimate 64bit, although the download says 32/64 supported only the 32bit is being installed.
Secunia scans the fades out and that lil ol circle just never ends!
I just ran the SecuniaPSI app and it worked perfectly on Win7Ult x64 (it spotted some Adobe updates which I was aware of but had not installed as yet).
I also ran the EICAR and connection tests with reassuring results.
Thanks so much for this much needed testing procedure.
The EICAR test file was designed to let you test whether your anti-virus software is installed and working properly ONLY. It will not ensure that your AV software will detect new viruses. It was never meant to test the efficacy of an AV program and never will. You should read the "Intended Use Policy" on the EICAR Website at http://www.eicar.org/86-0-Intended-use.html.
You are misleading your readers and giving them a false sense of protection by simply having them "detect" the EICAR TEST FILE. You can contact EICAR if you need their confirmation of this.
Please correct this statement as it is false and misleading:
You can use the EICAR file to test your real-time antivirus scanner and **ensure it’s going to catch new viruses**, but it can also be used to test other types of antivirus protection.
If Secunia PSI won't install for you, or if you just do not like it, try File Hippo Update checker @ http://www.filehippo.com/updatechecker/
Unlike PSI, it does not check MS Security (Windows) updates; it's mostly for applications. It's links to get the latest Flash (IE or nonIE) have not worked for me the last few times; but one can always get the latest versions from http://www.adobe.com/products/flashplayer/distribution3.html (full installers without Adobe DLM).
Thank you for that link. That worked fine and was quick, I might find this useful.
The problem I had was with Secunia would install but was unable to perform the task (on 2 different machines).
I would suggest the everyone explore the GRC website where ShieldsUP is located. Not only does it check your firewall (really your router) but it has the capability to check how your router handles the Universal Plug & Play (UPNP) of your router. It has just been learned that a great many routers have wide open security flaws in them that was never known before. In addition, ShieldsUP checks for HTTPS Fingerprinting which is when your secure browsing connections are being intercepted & monitored without your knowledge. For those interested, there is a weekly podcast called Security Now! that discusses computer security (in general & specific terms). Information on all these topics and more is available on the GRC web site. Please note, I have no connect with GRC or the web site other than being a follower of Steve Gibson.
I don't think that we implied that by testing with a fake virus that you will be protected from every new virus. Perhaps we could have explained it a little more clearly, but after re-reading the article, I think we correctly told everybody that it isn't a real virus.
When we say "testing" your anti-virus, we meant testing whether it is installed and configured correctly. For instance, from the article:
For example, if you’re running antivirus software on a Linux mail
server and you want to test that it’s working properly, you can email
the EICAR file through the mail server and ensure it’s caught and
That said, I understand your point of view, and I'll add a quick note to the article.
The test was not picked up by Panda Cloud AV(free) - any comments please?
I always check my antivirus after installation, but thanks for the firewall and other stuff.
This topic is now closed. New replies are no longer allowed.