Re: win xp firewall

From: CJ (andrew@hotwire.com)
Date: 05/06/02 

From: "CJ" <andrew@hotwire.com>
Date: Sun, 5 May 2002 19:37:48 -0700

Thank you....
------------------
New Sygate Pro 5 PFW build 1116 here for download - 5M
http://forums.sygatetech.com/showthread.php?threadid=1087
pay attention to the login and pswd they give you for the download
------------------ 

--
73 / DX  de Charles
AB7SL - Ham Radio Pages
www.ab7sl.com
"ThePsyko" <thepsyko@itookmyprozac.com> wrote in message
news:Xns9205C2C41E32EIWishIWas@marashouse.org...
> On 05 May 2002 in that fucked up hellhole known as
comp.security.firewalls,
> an identity claiming to be CJ spewed forth
> news:udb1cmm86ce84f@corp.supernews.com:
>
> > Hello The Psyko,
> >   Just to clarify you stated that opening files only from "trusted
> > sources" was the answer to preventing trojan infestation.  I simply
> > pointed out that if your "Granny" was unaware she had klez you might
> > well get a "trusted" but "infected" email from her.  Based on your
logic
> > of "trusted" sources you would not hesitate to open the infected
file.
> >   Anyway..It is no big deal....I apologize if I upset you. Take look
> > here to see what I mean....
> >   http://www.ab7sl.com/friendship.html
> >
> >
>
> err.. actually I was talking about the net send command which is used
to
> send a popup box to a remote system running the messenger service.. 9x
> doesn't have it but NT/2K and XP all have it running by default.  It's
> convenient when you need to take a server down and don't want to run
around
> the office telling everybody :)  But there's a big difference between
a net
> send packet and a 'file' that could be infected with a trojan.. you
can't
> infect / install or otherwise tamper with a remote system via the net
send
> command (if you go to your DOS prompt and type (without the quotes)
"net
> send /?"  you'll see what I"m talking about.  My point was, the XP
firewall
> doesn't stop those packets from entering your system and IMO they
should.
> It's trivial to toss together a script that will loop endlessly
through the
> net send command - I have one on my IIS server (which isn't open to
the
> public - it's just for testing purposes)
>
> <?php
> $ip = $HTTP_REMOTE_ADDR;
> for($i = 1; $i <= 1000; $i++) {
>   exec("c:\winnt\system32\net send $ip \"HACKED BY CHINESE!!\"");
> }
> ?>
>
> That doesn't pose any real threat.. it's just annoying.. but I accept
your
> apology :)
>
>
> --
> ThePsyko
> Public Enemy #7
> "God told me to skin you alive"
>
> http://prozac.iscool.net