RE: antifirewall
From: Seth Knox (seth.knox@sygate.com)Date: 08/24/02
- Previous message: Sean N MacLeod: "Re: Modem Audit Tool"
- Maybe in reply to: Guy Nevo - Decidir International Headquarters: "antifirewall"
- Next in thread: jnf : "Re: antifirewall"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: Seth Knox <seth.knox@sygate.com> To: 'Guy Nevo - Decidir International Headquarters' <guy@decidir.net> Date: Fri, 23 Aug 2002 15:09:19 -0700
Guy,
The best way to prevent this type backdoor is with a host-based firewall
that can create rules that link to the application layer. On a single
machine you can use a application-based personal firewall. In an enterprise
environment, you'll need a solution that include central management,
enforcement, and the ability to learn application that are being used in
your network. Then you can push out a policy to block all unauthorized
application (white list type policy) or specifically block antifirewall and
other malicious applications (blacklist type policy). Here are some links
where you can get more information. I'd be happy to answer any specific
questions you have on this type of a solution.
Enterprise Solution:
http://www.sygate.com/solutions/datasheets/Sygate_Secure_Enterprise_Datashee
t.pdf
Consumer Solution: http://soho.sygate.com/products/pspf_ov.htm
Seth Knox
-----Original Message-----
From: Guy Nevo - Decidir International Headquarters
[mailto:guy@decidir.net]
Sent: Thursday, August 22, 2002 1:07 PM
To: security-basics@securityfocus.com
Subject: antifirewall
Hi list!
Does anybody know what can be done in order to block this product
(antifirewall - http//www.antifierwall.com) that alouds users to jump over
the firewall and use port 80 for ICQ and other dangerous
staff?
Saluda atentamente,
Guy Nevo
Gerente General
Decidir Argentina
http://corp.decidir.com/ceos.asp?ceo=nevo
________________________________________
mailto:guy@decidir.net
Visítenos en http://www.decidir.com.ar
Decidir Argentina
*************** Pie de confidencialidad de correo electrónico en Internet
***************
Este mensaje puede contener información confidencial. Si usted no es el
destinatario de este mail, o la persona encargada de recibir los mensajes
para dicha persona, por favor no copie ni reenvíe este mensaje. De ser así,
por favor destruya este mensaje y de ser tan amable notifique al remitente
con un e-mail. En caso de no querer recibir esta clase de información vía
Internet, por favor avísenos cuanto antes. Conclusiones, opiniones y
cualquier otro tipo de información que contenga este mensaje y que no este
directamente relacionado con el rubro oficial de esta Empresa, no debe ser
tomado en cuenta.
- Previous message: Sean N MacLeod: "Re: Modem Audit Tool"
- Maybe in reply to: Guy Nevo - Decidir International Headquarters: "antifirewall"
- Next in thread: jnf : "Re: antifirewall"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
