Advanced
Info on Firewalls for Home Computer Users
How Hackers Defeat Personal Firewalls
From: Mystykalsystym@cs.com
Date: Sun, 17 Dec 2000 07:50:07 EST
Subject: kewl stuff
To:
Ever get annoyed cause you wanted to place a trojan or a virus somwhere
and a firewall wouldnt let you? Well if this firewall is one of
the commercially made and distributed types such as Norton personal
firewall, or Blackice Defender, and most any other comercially
available firewalls it is very simple to exploit it and put anything
you want behind it. Most personal firewalls work by having a preset
rules database that has a listing of trusted applications that
it will allow access to and from your computer. A simple modification
of a rogue application such as a trojan horse or virus will allow
the rogue application to have trusted access to your system. The
modification requires no programming knowledge and can be done
by anyone very easily. All you have to do is rename the rogue
application to a name that the personal firewall knows is a trusted
application.
For example if I take BackOrifice, the stealth remote control
application, and rename it iexplore.exe, most personal firewalls
will allow it to run without complaint. The same is true for any
other trojan horse or virus.
Kinda neat huh?
There is only one readily available firewall that I cant use this
with and thats zonealarm from zonelabs. http://zonelabs.com/
BTW my handle is natas and I look forward to upcoming issues of
your newsletter. I haven't been hacking maliciously for years
now, actually since i got caught in highschool and lost my priviliges
to use a computer till i was 18. Please visit my homepage if youd
like http://www.geocities.com/mystykalsystym/natas.html.
In-depth Information on Personal Firewalls
- Learn about them at the PC-Help web site, http://pc-help.org/
- See tests of personal firewalls at SecurityPortal.com.
Many of those tested here are free and easy to use. They highly
recommend the free Tiny
Firewall.
- Click
here for a review of Norton Firewall 1.0 for Macs
- Sébastien Sauvage (sebsauvage@bigfoot.com, http://www.bigfoot.com/~sebsauvage,)
recommends ZoneAlarm,
"A free and very effective firewall. It can filter either
incoming and outgoing network traffic. Latest version can even
stop VBscripts (like the ILoveYou virus)." Carolyn Meinel
also points out that ZoneAlarm
tells you what kind of attacks are hitting you, and what computers
are being used to attack. Great if you like to fight back, heh,
heh. http://www.zonelabs.com
- Sybergen
Secure Desktop is a free (to personal users) firewall with
considerable power to customize. Read
a review of this product.
- Another free firewall: eSafe
Desktop.
- Click
here for a review of Zone Alarm, Norton Personal Firewall and
McAfee Personal Firewall.
- Reviews
of F-Secure Corp., InfoExpress, Network ICE Corp. and Sybergen
Networks personal firewalls.
- Vendor
descriptions of 15 personal firewalls
- NeoWatch
firewall and intrusion detection system, with free trial version.
According to Leslie Kirsch <leona153@earthlink.net>, "
Thought I'd let you know about a great firewall called NeoWatch
2.0 this program is the best I've had so far effectively it
makes you invisible I mean all of your ports are in stealth
and all netbios, telnet, ftp, http, finger, smtp, pop3, Ident,
Imap, https. I know don't break out the champagne but I gotta
tell you I've tried Blackice, Atgaurd, neotrace, zonealarm.
This one tops them all. I've had other people I know scan all
the way to 65,000 ports and up. They know what they are doing
and can't find me. Effectively It looks like I'm disconnected.
All you have to do is configure it properly. For some newbies
that could be tricky. But any regular user of firewalls will
figure it out no time flat"
|
|
Carolyn's most
popular book,
in 4th edition now!
For advanced
hacker studies,
read Carolyn's
|
