Firewall Leak Exposed
Posted by: TotalRecall
NewsBytes has a story up on the current potential security risks associated with 3 of the most popular firewalls: Zone Alarm, Norton Personal Firewall, and Tiny Personal Firewall. Here's a snip:
Techniques for defeating the outbound data filters in popular personal firewalls such as Zone Alarm and Norton Personal Firewall have been independently posted on the Web by several researchers. Using the methods described, a rogue program could upload private user data without being detected by the firewall, the experts claim.
To evade a firewall's guards against unauthorized data leaks, the new techniques include commandeering a legitimate program such as Microsoft's Internet Explorer and forcing it to send out data on behalf of the attacker.
Zone Alarm plans to incorporate a limited fix in an updated version next week, but full coverage isn't expected until January in Zone Alarm's next full update. The entire story at NewsBytes is here
Posted by: Tweaker
Thanks for the info "TR"
Now that we know this, what do we do for security??
Posted by: Kdr Kane
This is more of a preference than a security issue. First, you would have to install a trojan on your machine. Then of course, it could send out data to another site.
These are not really "leaks" per se. If you close up all of your out-bound traffic, you will never be able to surf without constant alarms. Many sites direct advertising to other sites.
It really looks like another "security" company trying to make a name for themselves.
Posted by: TotalRecall
Kane's correct. Don't get a trojan!
Posted by: Canis Lupus
The women wouldn't like that ...
Posted by: Jess
Quote:
Originally posted by Kdr Kane
It really looks like another "security" company trying to make a name for themselves.
- Wouldn't that be all the security companies, though?
Here's a funny one for you (Sorta off topic, but about ZAP):
Quote:
Originally posted by Purple`Haze
A vulnerability exists in ZoneAlarm, a popular firewall for Windows home-users, which could allow an unauthorized user to connect to a host with local intranet security settings. The following was tested with ZoneAlarm Pro latest version: 2.6.357.
Similar to Internet Explorer, ZoneAlarm Pro (ZAP) has security settings for Local and Internet. However, ZAP in certain cases classifies connections as Local when they really aren't Local. All connections that have the same 2 octets as your IP (ex. Your ip 123.123.123.123 - 123.123.*.*) are also considered Local.
That means everyone with the same first two octets as your IP can connect to your computer under local level security settings instead of the internet level security settings. With default settings this will expose your computer and all its ports, plus open and allow access to Windows services and shares.
Posted by: TotalRecall
I don't understand why they would assume the last two octets are local, but thanks Jess.
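
Added example, not part of the original thread and not ZoneAlarm's code: a short Python audit that compares the two-octet "Local" rule described in the quoted post against membership in the host's actual subnet, and flags peers that would be over-trusted. The function names, the 255.255.255.0 netmask and the peer addresses are assumptions constructed for illustration.

```python
import ipaddress

def local_by_two_octets(host_ip, peer_ip):
    """Rule as described in the quoted post: Local if the first two octets match."""
    host = ipaddress.IPv4Address(host_ip).packed
    peer = ipaddress.IPv4Address(peer_ip).packed
    return host[:2] == peer[:2]

def local_by_netmask(host_ip, netmask, peer_ip):
    """Stricter check: Local only if the peer is inside the host's configured subnet."""
    subnet = ipaddress.IPv4Network(f"{host_ip}/{netmask}", strict=False)
    return ipaddress.IPv4Address(peer_ip) in subnet

def overtrusted_count(host_ip, netmask):
    """Addresses the two-octet rule treats as Local that lie outside the real subnet."""
    subnet = ipaddress.IPv4Network(f"{host_ip}/{netmask}", strict=False)
    if subnet.prefixlen <= 16:
        return 0  # real subnet already covers the whole x.y.*.* range
    wide = ipaddress.IPv4Network(f"{host_ip}/16", strict=False)
    return wide.num_addresses - subnet.num_addresses

def audit(host_ip, netmask, peers):
    """Return (peer, two_octet_verdict, netmask_verdict, over_trusted) per peer."""
    rows = []
    for peer in peers:
        loose = local_by_two_octets(host_ip, peer)
        strict = local_by_netmask(host_ip, netmask, peer)
        rows.append((peer, loose, strict, loose and not strict))
    return rows

# Constructed sample data: host IP from the post, assumed /24 netmask.
HOST, MASK = "123.123.123.123", "255.255.255.0"
PEERS = ["123.123.123.7", "123.123.45.6", "123.124.1.1"]

if __name__ == "__main__":
    for peer, loose, strict, flagged in audit(HOST, MASK, PEERS):
        print(f"{peer:15} two-octet={loose!s:5} netmask={strict!s:5} over-trusted={flagged}")
    print("addresses over-trusted:", overtrusted_count(HOST, MASK))
```

Peers flagged as over-trusted are the ones a firewall rule set should move from the Local zone to the Internet zone by defining the local zone with the real subnet instead of an octet match.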