November 14th, 2001 09:35 PM
Question about firewalls...
If there is a trojan nestled somewhere on your pc with an odd filename...can a firewall still prevent someone from using it to get into your computer?
Also, I ran a trojan and full virus scan both of them scanned and said there were no trojans or viruses on my hard-drive. However, yesterday Norton detected one and was unable to delete or quarntine it. So even though I have done two major scans with two different pieces of software and they said there were no trojans/viruses, I'm assuming the virus that orginally was detected is still there. Should I still format my hard-drive and heed the first warning I got or should I wait a bit or just forget about it since I ran two system scans after this and nothing was detected? Could it have been an error?
November 14th, 2001 09:45 PM
Short answer, maybe, it depends on the firewall and the trojan.
Typically a physical firewall sitting between your computer and the internet will allow only outgoing connections, which will normally prevent somebody from connecting to a machine inside the firewall.
A software firewall can't provide that level of protection, but depending on what you've got, may still prevent the trojan from being exploited.
November 14th, 2001 09:50 PM
There is a program available at www.download.com called ProPort that scans common trojan ports and can kill any connections that may be trojans. It's pretty handy.
A firewall like Tiny (also available at www.download.com) will allow you to set custom rules based on ports, so you could use that to block common trojan ports, or even set a rule to block all traffic that you haven't explicitly allowed.
November 14th, 2001 10:01 PM
Zonealarm and Tiny are supposed to prevent that, but as you all have read Tooleaky has proven that there are flaws.
read it at www.dsinet.org if u want
November 14th, 2001 10:41 PM