| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <1074254596.838.27.camel@bobby.exaprobe.com> From: nicob at nicob.net (Nicob) Subject: Re: January 15 is Personal Firewall Day, help the cause On Fri, 2004-01-16 at 05:44, James Patterson Wicks wrote: > Your NAT router works at Layer 3. You still need a personal firewall or > proxy system that looks at as many layers as possible. You need > something like Sygate Personal Firewall that alerts you when an > application or process that you have not approved tries to go OUT to the > Internet from your PC. Even with a personal firewall, a trojan could go out to the Internet without your knowledge, using different tactics : - exploiting a bug (in filtering) of the personal firewall used (like not monitoring UDP 53 outbound) - exploiting a bug (like a buffer overflow) of the personal firewall used and using these new privs to modify the setup and allowing itself - bypassing the personal firewall by using authorized applications (like Internet Explorer via the OLE controls) - bypassing the personal firewall by injecting your own code in authorized applications (? la CreateRemoteThread) - bypassing the personal firewall by injecting your network data under the hook in the TCP/IP stack - ... -- Nicob <nicob@...ob.net>
Powered by blists - more mailing lists