Full Disclosure mailing list archives
Re: How to easily bypass a firewall...
From: Kain <kain () kain org>
Date: Tue, 29 Jul 2003 11:35:27 -0500
On Tue, Jul 29, 2003 at 12:01:42PM -0400, compguruman () mail comcast net wrote:
At 03:49 PM 7/28/2003 -0500, you wrote:5. Firewall dialog box uses random numbers / letters represented by graphics that the user has to enter in a password field if the password is not correct sound alarm, halt system.know of anything that does this?
Well, the signup procedures for some services, such as Yahoo, Paypal etc do this, but they have the advantage that your application trying to spoof the response cannot access the memory space of the running program. In Windows, unless you have a carefully locked down system, it is too easy for J. Random Application to take control of the entire system, to the point where you can scan and alter the data structures of arbitrary processes. In fact, many applications people use almost insist on this being the case. -- Bryon Roche Professional {Developer,Linux/MS Consulting,Software Architect} <kain () kain org> PGP Key Fingerprint: FE0D EC23 6464 726A CD54 48D3 04AD 86FE 6878 ABD5 Fortuna est caeca
Attachment:
_bin
Description:
Current thread:
- How to easily bypass a firewall... Sir Humpsalot (Jul 28)
- RE: How to easily bypass a firewall... Nate Johnson (Jul 28)
- RE: How to easily bypass a firewall... compguruman (Jul 29)
- Re: How to easily bypass a firewall... Kain (Jul 29)
- Re: How to easily bypass a firewall... Karl DeBisschop (Jul 29)
- RE: How to easily bypass a firewall... compguruman (Jul 29)
- RE: How to easily bypass a firewall... Nate Johnson (Jul 28)
- <Possible follow-ups>
- RE: How to easily bypass a firewall... Schmehl, Paul L (Jul 29)
- Re: How to easily bypass a firewall... CHeeKY (Jul 29)
- RE: How to easily bypass a firewall... Sir Humpsalot (Jul 29)