April 28th, 2002 03:19 AM
ZoneAlarm Penetration (ouch!)
Recently I stumbled up a site that a claims that ZoneAlarm (et al) is "too leaky."
There is a small, downloadable utility on the site that is said to be able to penetrate "every firewall on the market."
If you're interested, have a look:
Trivial Firewall Leak Checker
By the way, the source code for the utility is also supplied.
April 28th, 2002 03:38 AM
When will people finally understand that firewalls aren't made to guess what you want to allow out but rather protect from INtrusions... not EXtrusions... IMHO it's up to the (l)user to watch out for what he's running. A good antivirus might help though...
Hell, if you invite people over to your place, it's up to you to make sure they don't take anything out with them... Don't go blame your alarm company...
I mean, people nowadays expect free software firewalls to bring them *absolute security*, with no reagard to the kind of threat. I wish people would at least start calling things by the right words: this isn't a case of ZoneAlarm "Penetration", its a case of ZoneAlarm "Extrusion"...
Anyone with me on this?
Credit travels up, blame travels down -- The Boss
April 28th, 2002 03:46 AM
I agree...after much ado about firewalls and all this "oh, someone trusted their browser and now I can sneak stuff by in a dll file", I decided to NOT trust my browser for one day to see how much I'd stop...
Holy ****ing christ, do that and see how much your firewall goes off for port 80. You'll do it for five minutes and say "how the hell am I supposed to NOT trust my browser AND deal with this?".
Hence what ammo said about deciding what you let in and such. Things like Tiny's sandbox and other IDS or trojan traps are a good thing to have on the sideline with the firewall.
We the willing, led by the unknowing, have been doing the impossible for the ungrateful. We have done so much with so little for so long that we are now qualified to do just about anything with almost nothing.
April 28th, 2002 04:39 AM
Actually ZoneAlarm and other firewall software distribution companies are working night and day to resolve the *outgoing* holes in their firewall software.
One might think that it is only the incoming data that needs attention and protection, but nothing could be further from the truth...
Trojans and Spyware, to name a couple, work from the inside out. Yes, they do have to first get in, but many come in without notice (on the back of things you allow), by way of trusted hardware (software onboard chips), software, and many other unsuspecting way. Major companies are secretly loading all manner of Spyware applications behind the scenes when their software is installed. Games and other applications are becoming increasingly loaded with applications that gather and send (private) data out the ports, without the users knowledge or permission.
Firewalls were invented to keep data from going out and data from getting in, without digital (and/or human) permission. Many companies need to protect sensitive data from getting out. Many of us do not want others to know what we do on our computers, or what files and data we have, without our expressed consent.
*ALL* firewall software is intended to help with both incoming and outgoing data security.
The real threats are now in programs/processes that you have given your firewall permission to leave your system (and apparently even those you haven't). If one gives a chat program permission, it can then execute internal code to send out whatever. [ZoneAlarm has some code in place to help with this, but they are currently working on smarter methods.]
Many major computer security firms and techinical media organizations have recently reported on the growing threat of Spyware, Malware, and others.
The following may be of further help:
What is Spyware
Wired on Spyware
Ad-Aware Spyware Removal Utility
Get That #@&* Spyware Off My Computer!
Steve Bass's Home Office: Beware: Sleazy Web Sites, Spyware Underhanded Web sites, spyware, and how to protect yourself from them.
April 29th, 2002 07:29 PM
any of you used ad-aware? your thoughts?
freedom is a road seldom traveled by the multitude
freedom aint free
April 29th, 2002 07:53 PM
Umm, just so you know, this has been discussed before. The "hole" in Zone Alarm was found a few months ago. Basically, it was a way to prove GRC wrong. The original person who wrote firehole (the first program to bypass Zone Alarm) didn't care about out going connections. His point was that GRC was full of ****, and people should stope worshiping him, or even beliveing most of what he says.
\"Ignorance is bliss....
but only for your enemy\"