| Home |  | Security Center | | Test Your Vital Security Policy |
Test Your Vital Security Policy
The tools below let you test your Vital Security policy. Each of the tests below focuses on a specific security domain in the product’s security policy.
Anti Virus Security Engine Testing
| Test | Anti Virus |
| Description | EICAR, the European Institute for Computer Anti-Virus Research, had developed a test file that Anti Virus product “detects" as if it was a virus. This is not a virus, and does not include any fragments of viral code. The file is a legitimate DOS program that shows the message "EICAR-STANDARD-ANTIVIRUS-TEST-FILE!" |
| Guidelines | Click on one of the links below to test your Anti Virus policy. If the download dialog appears, your Anti Virus policy is not active. If you see the Vital Security alert message, it means that your Anti Virus policy is working properly. |
| Solution | To block this malicious code from entering your network, make sure to enable the [Block Known Viruses] rule in your security policy |
| Links |
Vulnerability Anti.Dote™ Security Engine Testing
| Test | Java Script / VB Script |
| Description | Java Script / VB Script are codes that can be embedded into a webpage to add functionality. This added functionality and flexibility results in exposure to some security risk. |
| Test | Denial of Service (DoS) |
| Description | Denial of service is an attack that cause the application to stop responding and must be closed, in some cases this exploit can be leveraged into remote code execution attack (by using an exploitable buffer overflow). The below is a harmless example that will cause IE to close on unprotected machine. |
| Guidelines | Click on the link below to test your Vulnerabilities and Exploits policy. If you receive "Security Status: You are safe" message, your Vulnerability Anti.Dote engine is active. If you receive the message "Security Status: You are vulnerable", it means that your Vulnerability Anti.Dote engine is not setup properly. When clicking on "Run Demo" your browser will crash. |
| Solution | To block this malicious code from entering your network, make sure to enable the [Block Application Level Vulnerabilities] rule in your security policy |
| Links | |
| Test | Remote Code Execution (RCE) |
| Description | Remote code execution attack allows unauthorized party to remote control your computer and steal confidential information, attacker can create/delete files, and basically do anything. |
| Guidelines | Click on the link below to test your Vulnerabilities and Exploits policy. If you receive "Security Status: You are safe" message, your Vulnerability Anti.Dote engine is active. If you receive the message "Security Status: You are vulnerable", it means that your Vulnerability Anti.Dote engine is not setup properly. |
| Solution | To block this malicious code from entering your network, make sure to enable the [Block Application Level Vulnerabilities] rule in your security policy |
| Links | VBDemo.htm |
| Test | Phishing |
| Phishing is an attack designed to steal data from unsuspected users. This can be done by disguising a malicious web site as a known and trusted one (e.g. bank website) and tempting the user to enter his personal information. | |
| Guidelines | Click on the link below to test your Vulnerabilities and Exploits policy. If you receive "Security Status: You are safe" message, your Vulnerability Anti.Dote engine is active. If you receive the message "Security Status: You are vulnerable", it means that your Vulnerability Anti.Dote engine is not setup properly. |
| Solution | To block this malicious code from entering your network, make sure to enable the [Block Application Level Vulnerabilities] rule in your security policy |
| Links | PhishingDemo.htm |
Behavior Profile Security Engine Testing
| Test | Code Obfuscation of Malicious Script |
| Description | Code Obfuscation is a methodology used by malicious code writers to obfuscate their harmful code. It uses encryption and encoding in order to garble the original source code therefore making it harder to analyze. |
| Guidelines |
Click on the link below to test your Behavior profile policy. If you receive "Security Status: You are safe" message, your Behavior policy is active. |
| Solution | To block this malicious code from entering your network, make sure to enable the [Block Malicious Scripts by Behavior] rule in your security policy. |
| Links |
This demo is based on a known vulnerability in web browsers. The vulnerable code is obfuscated by a popular home-encoding script. |
| Test | Java Applet |
| Description | Java applets are programs designed to be run from other application (typically web browser). Since java applets run without user intervention the JVM (Java Virtual Machine) enforce some limitation on it. These limitations include writing files to the local computer, reading files, programs execution, registry manipulation etc. There are, however some security vulnerabilities (See: CAN-2005-3906) which allow malicious applets to bypass these limitations, Hence any applet which tries to perform any of the restricted actions should be blocked (regardless of the bypass technique, if any used). |
| Guidelines | Click on the link below to test your Behavior profile policy. If you receive "Security Status: You are safe" message, your Behavior policy is active. If you receive the message "Security Status: You are vulnerable", it means that your behavior policy engine is not setup properly. |
| Solution | To block this malicious code from entering your network, make sure to enable the [Block Malicious ActiveX, Java Applets and Executables] rule in your security policy |
| Links |
The below applet will try to create a file (AppletDemo.txt), on C:\Finjan. As described above, since this applet tries to perform potentially illegal and dangerous operation it should be blocked (if your machine is patched, no file will be created). |
| Test | ActiveX Control |
| Description | ActiveX is a technology developed by Microsoft. This technology is used on the Internet to add functionality to the browser and to make interactive web pages. When accessing a web page which requires ActiveX, this piece of software is being automatically installed by the browser - after a quick user approval. The quick approval process combined with the automatic installation and the capabilities of this software exposes the user to security risk. |
| Guidelines |
Click on the link below to test your behavior profile policy. |
| Solution | To block this malicious code from entering your network, make sure to enable the [Block Malicious ActiveX, Java Applets and Executables] rule in your security policy |
| Links |
The below link will open a web page which requires an ActiveX, when installed this ActiveX creates a folder name c:\Finjan with a text file in it “demo.txt”. The demo.txt file contains the results of Dir command on drive C. |
URL Filtering Security Engine Testing
| Test | URL Filtering |
| Description | Perform the following test in order to validate whether the URL filtering engine works correctly |
| Guidelines | Click on the link below to test your URL Filtering policy. The URL below will lead to a site which is categorized as hacking site, and therefore should be blocked. If you receive Vital Security alert message, your URL Filtering policy is active. If you get to the actual Hacking site, it means that your URL Filtering policy was not setup correctly. |
| Solution | To block this malicious code from entering your network, make sure to enable the [Block Access to High-Risk Site Categories] rule in your security policy |
| Links |