lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Date: Sat, 24 May 2003 06:33:35 +0400
From: "UkR security team™" <cuctema@...ru>
To: bugtraq@...urityfocus.com
Subject: Some problems in Privatefirewall 3.0


UkR security team presents:
Some problems in Privatefirewall 3.0
///////////////////////////////////////////////////////////////////////////////////////////
Product: Privatefirewall
version: 3.0
Vendor : Privacyware (http://www.privacyware.com)
Author : UkR-XblP (cuctema@...ru) - the chief specialist 
of UkR security team (http://ust.icqinfo.ru)
///////////////////////////////////////////////////////////////////////////////////////////
About Privatefirewall:
Privatefirewall™ is a powerful Personal Firewall and 
Intrusion Detection Application that eliminates 
unauthorized access to your PC, at home, the office, or on 
the road. It provides users with full system protection 
"out-of-the-box", and allows extensive customization for 
advanced users. It continually monitors sensitive areas of 
a PC where intrusion can occur and reports on their status 
so users can make informed decisions about these areas and 
make changes as necessary. A report is generated as a HTML 
file which the user has the option of viewing.
///////////////////////////////////////////////////////////////////////////////////////////
Overview:
Privatefirewall monitors incoming and outgoing Internet 
traffic.  This consists of blocks of information called 
"packets", which can be passed between any 2 computers on 
the Internet or local network.  The amount and type of 
packets allowed to and from the user's PC is based on what 
level of monitoring the user chooses.  The user can Allow, 
Filter, or Deny Internet traffic.  
1) Filter Internet Traffic (RECOMMENDED) – This setting 
allows the user to access the Internet while maintaining 
maximum protection from incoming intrusion attempts, but 
Privatefirewall cannot detect FIN scan and Xmas tree scan. 
Hence the task to not allow scanning ports or even to 
detect it remains outstanding.
2)Deny Internet Traffic – This blocks all incoming and 
outgoing Internet traffic. - Yes, the given setting blocks 
all connections, but attacking not looking at it all the 
same can FIN scan or Xmas tree scan. Though ALL 
connections should be blocked...
///////////////////////////////////////////////////////////////////////////////////////////
---
Professional hosting for everyone - http://www.host.ru

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ