Re: ... Tiny Personal Firewall ...
From: Scott Nursten (scottn@s2s.ltd.uk)Date: 03/01/02
- Previous message: Dave Ahmad: "Re: ... Tiny Personal Firewall ..."
- In reply to: Andrew Barkley: "... Tiny Personal Firewall ..."
- Next in thread: Dave Ahmad: "Re: ... Tiny Personal Firewall ..."
- Reply: Dave Ahmad: "Re: ... Tiny Personal Firewall ..."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 01 Mar 2002 16:55:40 +0000 From: Scott Nursten <scottn@s2s.ltd.uk> To: Andrew Barkley <andrew.barkley@usa.net>, <bugtraq@securityfocus.com>
Not being au fiat with Windows programming etc., I was wondering if this was
standard practice? Surely if the workstation is locked it's supposed to stop
all I/O?
Isn't this also an OS related bug? No flames please, it's just a question.
:)
Regards,
Scott
--On 28/2/02 2:53 pm, "Andrew Barkley" <andrew.barkley@usa.net> wrote:
> Hi ... > > > Scanning hosts running the Tiny Personal Firewall (2.0.15a) on W2K > workstations that have been locked (ctl + alt + del) > > The popup alert/dialogue jumps to the foreground, thus open to accept > permit/deny input from the local console, even when the workstations are > locked (ctl + alt + del). Thus an untrusted individual whom has local access > to individuals workstations can scan a workstation/network, wait for the popup > alert dialogue and enter "permit" on unattended (locked workstations) without > the owners permission/knowledge, No need to first unlock (ctl + alt + del) > ... > > > CHEERS ... >
- Previous message: Dave Ahmad: "Re: ... Tiny Personal Firewall ..."
- In reply to: Andrew Barkley: "... Tiny Personal Firewall ..."
- Next in thread: Dave Ahmad: "Re: ... Tiny Personal Firewall ..."
- Reply: Dave Ahmad: "Re: ... Tiny Personal Firewall ..."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
