Foundstone Free Security Tools

[Lisandro]

Does anybody knows anything about Foundstone Free Security Tools?

The company seems to offer utilities to add power to any network security including a command line port redirector; forensic tools for doing CSI (computer scene investigation) on Internet Explorer, Windows, and ports; tools for Sherlock Holmes role-playing to do detection for intruders; scanning tools; and stress testing tools.

They say that Some Anti-virus packages may falsely report viruses in some of our tools. These tools, like many network utilities, have the ability to cause crippling performance and other damage to the hosts and networks they run against. Because of this, some Antivirus software may identify these tools as being Denial of Service (DoS) agents, Trojans, back-doors or other forms of virus. Certain anti-virus software may falsely report viruses in some of our tools, however you may safely ignore these warnings; Foundstone tools are 100% trustworthy.

Thanks  

[Lisandro]

avast! indeed detects a virus: Win32:Trojan-gen. {VC} on file udpflood.zip\udpflood.exe

Is it a false positive?

Reporting:
Scanning of selected files

Move files to temporary folder: C:\DOCUME~1\...\CONFIG~1\Temp\asw28.tmp
FileID: 0000000004  Original file name: ...\Foundstone Free Security Tools.zip\udpflood.zip\udpflood.exe  New folder: C:\DOCUME~1\...\CONFIG~1\Temp\asw28.tmp\4.exe

Scan files in the temporary folder: C:\DOCUME~1\...\CONFIG~1\Temp\asw28.tmp
C:\DOCUME~1\...\CONFIG~1\Temp\asw28.tmp\4.exe  Win32:Trojan-gen. {VC}

[igor]

UDP Flooding tool (according to the name)? Well, you may call it a "stressing tool", but I'm afraid it's still what it is. I wouldn't call it a false alarm, no matter what they say.
I'd put it this way: an ordinary user usually doesn't have such a tool. If anybody wants to have it, he/she should know what it is and understand that it's considered as malware. I'm not saying it cannot be used "legally", but abusing such a thing is much more probable.

[Pavel Baudis]

avast! indeed detects a virus: Win32:Trojan-gen. {VC} on file udpflood.zip\udpflood.exe

Is it a false positive?

No, we detect this file on purpose - it is (according to us and many other AV vendors) the trojan with the UDP Flooding capability.

Pavel

[Pavel Baudis]

They say that Some Anti-virus packages may falsely report viruses in some of our tools. These tools, like many network utilities, have the ability to cause crippling performance and other damage to the hosts and networks they run against. Because of this, some Antivirus software may identify these tools as being Denial of Service (DoS) agents, Trojans, back-doors or other forms of virus. Certain anti-virus software may falsely report viruses in some of our tools, however you may safely ignore these warnings; Foundstone tools are 100% trustworthy.

BTW: Such sentence is very suspicious by itself anyway and could be found in many viruses (Klez-H for example)  . As we (and others) detect this tool for very long time it is much simpler for the producer (if he really believes that his program is innocent) to contact the AV vendors and explain his position to them. But they did not do this. So for me (personally) their programs are definitely not 100% trustworthy!!

Pavel

[Lisandro]

Thanks Igor and Pavel.
Does the other 'tools' are safe? Are they usufull for anything?

Of course, I believe more in you than in Foundstone