Everyone knows the best way to find out how secure your computer is to Hack Your Own Sytem. This is the best way of making sure that your system is safe. Everytime I read about a promblem in a hacker ezine or some where on the web, I made sure that I understood how the exploit works and make sure that it doesn't work on any of the hosts on my LAN. I like to keep a data-base of exploits. Yesterday I decide to download "zonealarm" FROMwww.zonealarm.com I already have "nortons internet security 2002" I just wanted to see how hard it would be to exploit zonealarm let me tell you it's not that hard to do all I did to gain REMOTE ACCESS to my computer was I used a system backdoor attack to bind a shell to a higher port installed code that allows my commands to be "tunnelled" through my firewall using source routed packets and ICMP COMMANDS. TOTAL TIME ABOUT 11 MINUTES ... The best part was trying to erase zonealarm It seems that ZA comes with two spy dlls that according to the their manufacturer. I found these two: C:WINDOWSSYSTEMVSMONAPI.DLL C:WINDOWSSYSTEMVSUTIL.DLL Had been left on my system after uninstalling ZA. It seems that myystem configuration and maybe the activity is logged to the file Iamdb.rbd, then transmitted. (not 100% sure though)