Security Basics mailing list archives
RE: Remotely manage Zone Alarm
From: "Jay Woody" <jay_woody () tnb com>
Date: Thu, 04 Sep 2003 14:23:15 -0500
I think there was a vulnerability that allowed you to take complete control of a box running Zone Alarm. If he hasn't patched it, you may be able to hack in. http://sec-labs.hack.pl/advisories/seclabs-adv-zone-alarm-04-08-2003.txt That's it I think. Didn't read it again, but it came out in April if I remember right, so he has had time to patch. JayW
"Halverson, Chris" <chris.halverson () encana com> 09/04/03 11:57AM
Short of getting on the machine and enabling remote management, and a password protection schema. I am not sure... you might try protecting the resource from his username and if the password is being utilized, you know it is intentional. Chris -----Original Message----- From: Cesar Diaz [mailto:cesadiz () yahoo com] Sent: Thursday, September 04, 2003 7:36 AM To: security-basics () securityfocus com Subject: Remotely manage Zone Alarm We have a user that works remotely. Since he works outside our firewall he has Zone Alarm Pro on his machine. This week he is in the office. Our logs show he is trying to access things he shouldn't be and doing things he shouldn't be. For internal political reasons HR wants some more proof that it's not accidental. I can't access his c$ share to look at Zone Alarm logs or remotely access his event logs because of the Zone Alarm Is there a way to centrally manage Zone Alarm settings or is this user completely shielded while inside our network? Cesar --------------------------------------------------------------------------- Attend Black Hat Briefings & Training Federal, September 29-30 (Training), October 1-2 (Briefings) in Tysons Corner, VA; the world's premier technical IT security event. Modeled after the famous Black Hat event in Las Vegas! 6 tracks, 12 training sessions, top speakers and sponsors. Symantec is the Diamond sponsor. Early-bird registration ends September 6.Visit us: www.blackhat.com ---------------------------------------------------------------------------- --------------------------------------------------------------------------- Attend Black Hat Briefings & Training Federal, September 29-30 (Training), October 1-2 (Briefings) in Tysons Corner, VA; the world's premier technical IT security event. Modeled after the famous Black Hat event in Las Vegas! 6 tracks, 12 training sessions, top speakers and sponsors. Symantec is the Diamond sponsor. Early-bird registration ends September 6.Visit us: www.blackhat.com ---------------------------------------------------------------------------- --------------------------------------------------------------------------- Attend Black Hat Briefings & Training Federal, September 29-30 (Training), October 1-2 (Briefings) in Tysons Corner, VA; the world's premier technical IT security event. Modeled after the famous Black Hat event in Las Vegas! 6 tracks, 12 training sessions, top speakers and sponsors. Symantec is the Diamond sponsor. Early-bird registration ends September 6.Visit us: www.blackhat.com ----------------------------------------------------------------------------
Current thread:
- Remotely manage Zone Alarm Cesar Diaz (Sep 04)
- RE: Remotely manage Zone Alarm Zachary Mutrux (Sep 04)
- Re: Remotely manage Zone Alarm gregh (Sep 04)
- Re: Remotely manage Zone Alarm Birl (Sep 05)
- RE: Remotely manage Zone Alarm Jef Feltman (Sep 08)
- Re: Remotely manage Zone Alarm gregh (Sep 08)
- Re: Remotely manage Zone Alarm Birl (Sep 05)
- RE: Remotely manage Zone Alarm Aditya (Sep 05)
- <Possible follow-ups>
- RE: Remotely manage Zone Alarm Halverson, Chris (Sep 04)
- RE: Remotely manage Zone Alarm Mike Peppard (Sep 04)
- RE: Remotely manage Zone Alarm Jay Woody (Sep 04)
- Re: Remotely manage Zone Alarm Thomas Graf (Sep 04)
- Re: Remotely manage Zone Alarm Birl (Sep 05)
- Question on Corrupted BlackIce Defender Installation Paul Fishbein (Sep 11)
- RE: Question on Corrupted BlackIce Defender Installation matt willson (Sep 15)
- Re: Remotely manage Zone Alarm small fry (Sep 05)
- Re: Remotely manage Zone Alarm Cesar Diaz (Sep 08)