| View previous topic :: View next topic |
| Author |
Message |
Lin Sivvi Defiant Hero
Registered User
Joined: 17 Jan 2002
Location: Some small boring city
Posts: 1205
|
 Posted: Sat May 04, 2002 5:58 pm Post subject: Very interesting article for those who like compute security |
 |
|
Here
It's a program that injects a dll file into the memory of a firewall. It's some what like the cheat injection to hl, but in a different form. I liked reading it. |
|
| Back to top |
|
 |
Warhammer
Server Admin
Joined: 12 Aug 2001
Location: Atlantuh, Jawjuh
Posts: 1226
|
| Posted: Sun May 05, 2002 9:11 am Post subject: |
|
|
| Looks like this only applies to Sygate, Symantec, McAfee, TinyPersonalFirewall, and Kerio personal firewalls. An enterprise or soho-based firewall like Firewall-1, PIX, Raptor, or even the little Linksys systems aren't affected. It's an interesting attack but it's not one that's impossible to defend against. If the pfw's did a runtime hash of the code in memory it would be defeated. Also, it doesn't work if you're not logged in with administrator priviliges. Most people running NT/2K/XP based systems do this for convenience, unfortunately. |
|
| Back to top |
|
|
Lin Sivvi Defiant Hero
Registered User
Joined: 17 Jan 2002
Location: Some small boring city
Posts: 1205
|
| Posted: Sun May 05, 2002 9:34 am Post subject: |
|
|
| I think it's a hack that would be used with spyware and trojans applications, and not on against big companies. It is like the trojans that hijack internet explorer. It does work against more firewalls, such as zonealarm. If you read that thread all the way through, the guy reversed it and made it work with ZA. I'm not too sure how a linksys, or soho firewall could prevent this, but all you would need to do in any case is block the firewall itself from accessing the internet. |
|
| Back to top |
|
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
