Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

Some problems in Privatefirewall 3.0

From: "UkR security team™" <cuctema () ok ru>
Date: Sat, 24 May 2003 06:33:35 +0400
UkR security team presents:
Some problems in Privatefirewall 3.0
///////////////////////////////////////////////////////////////////////////////////////////
Product: Privatefirewall
version: 3.0
Vendor : Privacyware (http://www.privacyware.com)
Author : UkR-XblP (cuctema () ok ru) - the chief specialist of UkR security team (http://ust.icqinfo.ru) 
///////////////////////////////////////////////////////////////////////////////////////////
About Privatefirewall:
Privatefirewall™ is a powerful Personal Firewall and Intrusion Detection Application that eliminates unauthorized access to your PC, at home, the office, or on the road. It provides users with full system protection "out-of-the-box", and allows extensive customization for advanced users. It continually monitors sensitive areas of a PC where intrusion can occur and reports on their status so users can make informed decisions about these areas and make changes as necessary. A report is generated as a HTML file which the user has the option of viewing. 
///////////////////////////////////////////////////////////////////////////////////////////
Overview:
Privatefirewall monitors incoming and outgoing Internet traffic. This consists of blocks of information called "packets", which can be passed between any 2 computers on the Internet or local network. The amount and type of packets allowed to and from the user's PC is based on what level of monitoring the user chooses. The user can Allow, Filter, or Deny Internet traffic. 1) Filter Internet Traffic (RECOMMENDED) – This setting allows the user to access the Internet while maintaining maximum protection from incoming intrusion attempts, but Privatefirewall cannot detect FIN scan and Xmas tree scan. Hence the task to not allow scanning ports or even to detect it remains outstanding. 2)Deny Internet Traffic – This blocks all incoming and outgoing Internet traffic. - Yes, the given setting blocks all connections, but attacking not looking at it all the same can FIN scan or Xmas tree scan. Though ALL connections should be blocked... 
///////////////////////////////////////////////////////////////////////////////////////////
---
Professional hosting for everyone - http://www.host.ru
Previous By Date Next
Previous By Thread Next

Current thread: