Full Disclosure mailing list archives
Re: AW: Zone Alarm
From: Adam Lydick <adam.lydick () verizon net>
Date: 05 Jun 2003 12:19:43 -0700
It is worth noting that the application filtering of zone alarm and other such "personal firewalls" is trivial to work around. There have been a number of articles on it (google for them). One brief example: Hostile process spawns iexplore.exe with a URL that "phones home". iexplore.exe is almost certainly a trusted application. Attacker wins (as always). Also worth noting, two other dedicated "firewalls / access points" from Linksys and DLink specifically say that they may "crash" when under attack to "protect" your network. I don't think I need to say any more about that... Cheers, Adam On Thu, 2003-06-05 at 06:31, Shawn McMahon wrote:
On Wed, Jun 04, 2003 at 08:37:50PM -0700, morning_wood said:you must have really crappy admin if you need per application blocking ( hint: kill the process )hint: most people on the Internet don't have admins. How much time do you spend monitoring your grandmother's computer for suspicious processes?
-- Adam Lydick <adam.lydick () verizon net> _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- AW: Zone Alarm, (continued)
- AW: Zone Alarm Michael Osten (Jun 04)
- Re: AW: Zone Alarm Jason (Jun 04)
- Re: AW: Zone Alarm Michael Osten (Jun 04)
- YABBT [1] - Re: Zone Alarm Jason (Jun 04)
- Re: YABBT [1] - Re: Zone Alarm Michael Osten (Jun 04)
- Re: YABBT [1] - Re: Zone Alarm Ron DuFresne (Jun 05)
- Re: YABBT [1] - Re: Zone Alarm Jason (Jun 05)
- Re: AW: Zone Alarm morning_wood (Jun 04)
- Re: AW: Zone Alarm Shawn McMahon (Jun 05)
- Re: AW: Zone Alarm morning_wood (Jun 05)
- Re: AW: Zone Alarm Adam Lydick (Jun 06)
- Re: AW: Zone Alarm Nick FitzGerald (Jun 04)
- RE: AW: Zone Alarm JT (Jun 04)
- Re: AW: Zone Alarm Shawn McMahon (Jun 05)
- Re: AW: Zone Alarm Ron DuFresne (Jun 05)
- Re: AW: Zone Alarm BlueRaven (Jun 13)
- Re: AW: Zone Alarm Michael Reilly (Jun 04)
- Re: Zone Alarm BlueRaven (Jun 13)
- Re: Zone Alarm Dave Howe (Jun 13)
- Re[2]: Zone Alarm 3APA3A (Jun 13)
- Re: Zone Alarm BlueRaven (Jun 16)