Re: Things a Firewall won't stop?

From: Karl Levinson [x y] mvp (levinson_k@excite.com)
Date: 01/07/03

• Next message: Karl Levinson [x y] mvp: "Re: Outlook Express Removes "Dangerous Attachments""
• Previous message: Steve: "Blocked access to email attachments"
• In reply to: Slarty Bartfast: "Things a Firewall won't stop?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

From: "Karl Levinson [x y] mvp" <levinson_k@excite.com>
Date: Tue, 7 Jan 2003 10:20:11 -0500

As mentioned in the other posts, this is not necessarily a successful attack
but a trick to get you to buy software.

It's true that firewalls do not block everything and are not a complete
security plan. However, this doesn't mean you should throw away your
firewall. Note that any attack that requires you to be fooled into going to
a hostile web page to run it is going to be somewhat uncommon and is not the
first thing I would worry about, unless you have already installed a
firewall and taken the other usual steps to secure your computer.

Also, it doesn't make much sense to choose a security plan based on whether
it blocks one particular attack. You want to secure your computer against
all of them, starting with the most common ones.

Said differently, the security community is already aware of attacks of this
type, but the general advice on how to secure your computer is nevertheless
still the same as always:

http://securityadmin.info/faq.htm#harden
http://securityadmin.info/faq.htm#firewall

"Slarty Bartfast" <Slarty@Bartfast.com> wrote in message
news:OHWrMagtCHA.2596@TK2MSFTNGP12...
> I recently ran a 'Snoop' test from this company;
>
> http://www.anonymizer.com/snoop/test_ip.shtml
>
> I ran the tests from a laptop dial-up, (Virus protected, but no firewall
> software) and again using the same laptop from behind the company
Firewall.
> Both times the results were the same. It didn't matter that I was behind
the
> Firewall to be 'compromised'.
>
> The tests showed a number of obvious things like my IP, City and country
> location, Browser and Operating System.
>
> What bothered me was, it was able to open and display any *.ini file in my
> computer.
>
> It displayed the contents of my clipboard in real-time.
>
> It activated various windows such as 'Control Panel', 'Network
Nieghborhood'
> etc.
>
> It presented me with a normal looking 'file download' screen with a radio
> button and caption "Open this file from it's current location". When I
> clicked on it, it ran an application - which could have been malicious in
> real life.
>
> So I don't think beefing up the Firewall will help in these type of hacks.
> This company has a product to sell of course, but are there any comments
> from this NG regarding my options?

---

• Next message: Karl Levinson [x y] mvp: "Re: Outlook Express Removes "Dangerous Attachments""
• Previous message: Steve: "Blocked access to email attachments"
• In reply to: Slarty Bartfast: "Things a Firewall won't stop?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Newsgroups  > microsoft.public.security  > 2003-01