AW: ITCP Advisory 13: Bypassing of ATGuard Firewal: msg#00434 security.bugtraq

Most products use checksums to detect replaced or modified applications.

But there are other problems with outbound filters. Most personal firewalls
do not detect if a malicious program uses a 'trusted' application to
transmit data (look at tooleaky.zensoft.com). I have tested several products
with a method similar to Bob Sundling's and only BlackICE PC Protection 3.5
stopped communication (Norton PF, Tiny PF and ZoneAlarm did not stop it).

There is no ultimate way to control all outbound communication. If you use
your own low-level drivers, no personal firewall can stop you.

Jonas

<Prev in Thread]	Current Thread	[Next in Thread>

<Prev in Thread]

Current Thread

[Next in Thread>

Previous by Date:	Re: ITCP Advisory 13: Bypassing of ATGuard Firewall possible: 00434, BlueScreen
Next by Date:	RE: Reading local files in Netscape 6 and Mozilla (GM#001-NS): 00434, Rui Miguel Silva Seabra
Previous by Thread:	ITCP Advisory 13: Bypassing of ATGuard Firewall possiblei: 00434, BlueScreen
Next by Thread:	Re: ITCP Advisory 13: Bypassing of ATGuard Firewall possible: 00434, BlueScreen
Indexes:	[Date] [Thread] [Top] [All Lists]

Previous by Date:

Re: ITCP Advisory 13: Bypassing of ATGuard Firewall possible: 00434, BlueScreen

Next by Date:

RE: Reading local files in Netscape 6 and Mozilla (GM#001-NS): 00434, Rui Miguel Silva Seabra

Previous by Thread:

ITCP Advisory 13: Bypassing of ATGuard Firewall possiblei: 00434, BlueScreen

Next by Thread:

Re: ITCP Advisory 13: Bypassing of ATGuard Firewall possible: 00434, BlueScreen

Indexes:

[Date] [Thread] [Top] [All Lists]

AW: ITCP Advisory 13: Bypassing of ATGuard Firewall possible: msg#00434

security.bugtraq