Archived from groups: comp.security.firewalls (More info?)

The word firewall seems to indicate a powerful piece of software that
will protect our computers from hackers while we are online. But if a
cracker can unlock a trial firewall program in a few minutes, then how
can we trust any firewall program to protect us?

Archived from groups: comp.security.firewalls (More info?)

John Smith wrote:

> The word firewall seems to indicate a powerful piece of software that
> will protect our computers from hackers while we are online. But if a
> cracker can unlock a trial firewall program in a few minutes, then how
> can we trust any firewall program to protect us?

A firewall is like a bullet-resistant vest. People never say
"bullet-resistant", do they? No, they always say "bullet-proof",
because they don't understand security or safety.

Archived from groups: comp.security.firewalls (More info?)

What makes you think "a cracker can unlock a trial firewall program in a few
minutes?"
--
Dave "Crash" Dummy - A weapon of mass destruction
crash@gpick.com?subject=Techtalk (Do not alter!)
http://lists.gpick.com

Archived from groups: comp.security.firewalls (More info?)

On 26 Jun 2004 15:48:15 -0700, John Smith wrote:
> The word firewall seems to indicate a powerful piece of software that
> will protect our computers from hackers while we are online. But if a
> cracker can unlock a trial firewall program in a few minutes, then how
> can we trust any firewall program to protect us?

It would be a pretty poor firewall which can be disabled from the
internet side of the connection. Now if the user runs programs
(browser/email,...) which can disable the firewall, the best firewall
inthe world is useless.

My solution is to take Micro$oft's advice you see on their product
specifications,
Memory: 128meg or more
OS: win98 or better
So I run linux OS.

Archived from groups: comp.security.firewalls (More info?)

>It would be a pretty poor firewall which can be disabled from the
>internet side of the connection. Now if the user runs programs
>(browser/email,...) which can disable the firewall, the best firewall
>inthe world is useless.

>My solution is to take Micro$oft's advice you see on their product
>specifications,
> Memory: 128meg or more
>OS: win98 or better
>So I run linux OS.

Oh? Will Linux protect you if you run malicious software on your computer?
--
Dave "Crash" Dummy - A weapon of mass destruction
crash@gpick.com?subject=Techtalk (Do not alter!)
http://lists.gpick.com

Archived from groups: comp.security.firewalls (More info?)

On Sat, 26 Jun 2004 19:16:31 -0400, "Crash" Dummy wrote:
>>It would be a pretty poor firewall which can be disabled from the
>>internet side of the connection. Now if the user runs programs
>>(browser/email,...) which can disable the firewall, the best firewall
>>inthe world is useless.
>
>>My solution is to take Micro$oft's advice you see on their product
>>specifications,
>> Memory: 128meg or more
>>OS: win98 or better
>>So I run linux OS.
>
> Oh? Will Linux protect you if you run malicious software on your computer?

It will not run it unless I save/download it, change the permissions
to execute, then execute it.

Even at that, it can only wipe out my home directory/folder and not
disable the firewall or any other system dammage.

Archived from groups: comp.security.firewalls (More info?)

x-no-archive: yes

Bit Twister wrote:

> On Sat, 26 Jun 2004 19:16:31 -0400, "Crash" Dummy wrote:
>>> It would be a pretty poor firewall which can be disabled from the
>>> internet side of the connection. Now if the user runs programs
>>> (browser/email,...) which can disable the firewall, the best
>>> firewall inthe world is useless.
>>
>>> My solution is to take Micro$oft's advice you see on their product
>>> specifications,
>>> Memory: 128meg or more
>>> OS: win98 or better
>>> So I run linux OS.
>>
>> Oh? Will Linux protect you if you run malicious software on your
>> computer?
>
> It will not run it unless I save/download it, change the permissions
> to execute, then execute it.
>
> Even at that, it can only wipe out my home directory/folder and not
> disable the firewall or any other system dammage.

Don't be naive. For one thing, you can run as a limited user on
Windows, just as you can on Linux (though it's pretty unbearable in
actual practice). And malware can do damage on Linux just as it does on
Windows. There are privilege-elevation exploits on Linux, and there
would be more of them if there were an impetus for malware authors to
target the platform.

Changing permissions has nothing to do with it for the average idiot. I
don't care what platform you plop a moron down in front of--if that
moron knows how to make something run, the moron will run it. Just look
at the recent Windows malware which was sent in password-protected ZIP
files. The payload email messages gave the users instructions on how to
open the ZIP files, and the morons opened and ran it. Don't you think
that the same morons would do the same thing, if they were at a Linux
workstation, and that email gave instructions on how to change
permissions and make something execute?

Archived from groups: comp.security.firewalls (More info?)

On Sat, 26 Jun 2004 23:33:39 GMT, · wrote:

> Changing permissions has nothing to do with it for the average idiot. I
> don't care what platform you plop a moron down in front of--if that
> moron knows how to make something run, the moron will run it. Just look
> at the recent Windows malware which was sent in password-protected ZIP
> files. The payload email messages gave the users instructions on how to
> open the ZIP files, and the morons opened and ran it. Don't you think
> that the same morons would do the same thing, if they were at a Linux
> workstation, and that email gave instructions on how to change
> permissions and make something execute?

No system is secure when the admin/superuser is an idiot.

You cannot idiot proof anything because nature is constantly making
better idiots.

Archived from groups: comp.security.firewalls (More info?)

>No system is secure when the admin/superuser is an idiot.

>You cannot idiot proof anything because nature is constantly making
>better idiots.

That's why your gratuitous "So I run linux OS" was pointless. An informed user
running Windows is more secure than an idiot running Linux. Of course, I don't
expect anybody who spells Microsoft "Micro$oft" to be rational or objective.
--
Dave "Crash" Dummy - A weapon of mass destruction
crash@gpick.com?subject=Techtalk (Do not alter!)
http://lists.gpick.com

Archived from groups: comp.security.firewalls (More info?)

x-no-archive: yes

Bit Twister wrote:

> On Sat, 26 Jun 2004 23:33:39 GMT, · wrote:
>
>> Changing permissions has nothing to do with it for the average
>> idiot. I don't care what platform you plop a moron down in front
>> of--if that moron knows how to make something run, the moron will
>> run it. Just look at the recent Windows malware which was sent in
>> password-protected ZIP files. The payload email messages gave the
>> users instructions on how to open the ZIP files, and the morons
>> opened and ran it. Don't you think that the same morons would do
>> the same thing, if they were at a Linux workstation, and that email
>> gave instructions on how to change permissions and make something
>> execute?
>
> No system is secure when the admin/superuser is an idiot.
>
> You cannot idiot proof anything because nature is constantly making
> better idiots.

Exactly my point. If you replaced Windows with Linux across the world,
then you'd have millions of morons acting as Linux admins. And though
the song would change, the music would still go on.

Archived from groups: comp.security.firewalls (More info?)

On Sun, 27 Jun 2004 00:08:26 GMT, · wrote:
>
> Exactly my point. If you replaced Windows with Linux across the world,
> then you'd have millions of morons acting as Linux admins. And though
> the song would change, the music would still go on.

Hmmm, maybe, maybe not.
Mandrakelinux out of the box has you create the user account
and the gui login does not have the root/superuser account selection.

That will work for the majority of the average users and they will not
be getting infected just by reading an email.

Archived from groups: comp.security.firewalls (More info?)

"\"Crash\" Dummy" <dvader@deathstar.mil> wrote in message news:<10drvv5m1f70j32@corp.supernews.com>...
> What makes you think "a cracker can unlock a trial firewall program in a few
> minutes?"

An experienced cracker who is familiar with protection systems could
patch the trialware in a very short time to give the full version.
I've seen how it's done.

Archived from groups: comp.security.firewalls (More info?)

>An experienced cracker who is familiar with protection systems could
>patch the trialware in a very short time to give the full version.
>I've seen how it's done.

And he can do this over the internet with the firewall running?
--
Dave "Crash" Dummy - A weapon of mass destruction
crash@gpick.com?subject=Techtalk (Do not alter!)
http://lists.gpick.com

Archived from groups: comp.security.firewalls (More info?)

"Bit Twister" <BitTwister@localhost.localdomain> skrev i meddelandet
news:slrncds4ek.3uj.BitTwister@wb.home.invalid...
> On Sun, 27 Jun 2004 00:08:26 GMT, · wrote:
> >
> > Exactly my point. If you replaced Windows with Linux across the world,
> > then you'd have millions of morons acting as Linux admins. And though
> > the song would change, the music would still go on.
>
> Hmmm, maybe, maybe not.
> Mandrakelinux out of the box has you create the user account
> and the gui login does not have the root/superuser account selection.
>
> That will work for the majority of the average users and they will not
> be getting infected just by reading an email.
>




Can a hacker bypass a firewall from outside easily?
As for spyware perhaps execution detection or registry monitoring is enough?

Archived from groups: comp.security.firewalls (More info?)

On Sun, 27 Jun 2004 08:00:57 GMT, news wrote:

> Can a hacker bypass a firewall from outside easily?

Anything is easy when you know how. A CRACKER gets through the
firewall by using a service or a bug in the firewall or Operating system.

When you see the term *External Exploit* that means the attacker can get
control from the outside. All the attacker has to do is it get the
program with the external exploit to run.

> As for spyware perhaps execution detection or registry monitoring is enough?

Tell me, if some malware attaches it's self to a valid program which
is already registered, would a registry monitoring program see it?