Re: The Coalition against Personal Firewalls
- From: Wolfgang Ewert <w.ewert2002@xxxxxx>
- Date: Tue, 30 May 2006 14:13:40 +0200
Leythos wrote:
In article <447a7400@xxxxxxxxxxxxxxx>, bumens@xxxxxxxxxxx says...What does it mean? Volker's PoC failed on some computers, it successed on
Against this stands for example a simple PoC code of mine, which
simply ignored every "Personal Firewall" on the market and phoned
home.
And you've ignored people that stated your POC failed on their
computers with PFW installed.
others, so it's still possible to circumvent these PFWs. ...
No, what it means is that it only works on computers that were already
vulnerable and where the user has not followed microsofts instructions
on how to secure the browsers.
No, it hasn't had to do with vulnerabilities. There are multiple built in
mechanism in the Windows OS for inter process communications and so for
remote control applications: Windows Messaging (the only thing, what
breakout.c uses), DCOM, ...
here are some more examples:
windows http://copton.net/Personal_Firewalls/ccc-vortrag-en.html
Instead of this I'd try to test a DNS-tunneler as phone home software.
All the POC code does is show that the user is already vulnerable, and
that they may have improperly configured their PFW as it didn't work on
any of the computers I tried it on.
Tell it Mr. Birk. He'd write a special version of the PoC for you ;-)
Wolfgang
.
- References:
- The Coalition against Personal Firewalls
- From: Rod Engelsman
- Re: The Coalition against Personal Firewalls
- From: Volker Birk
- Re: The Coalition against Personal Firewalls
- From: Wolfgang Ewert
- The Coalition against Personal Firewalls
- Prev by Date: Re: NIS Norton/Symantec firewall compromised for MicroSoft
- Next by Date: Sebastian - Re: What is blocking my ports?
- Previous by thread: Re: The Coalition against Personal Firewalls
- Next by thread: Re: The Coalition against Personal Firewalls
- Index(es):
Relevant Pages
|
