[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [suse-security] Firewall Check

Hi Armin

I've found an interesting Program to check firewalls. It demonstrates the ability to connect to internet via other programs which are allowed to connect. (Trojan Horses) Is it possible to block the program from accessing the internet via a stand-alone router ?

--> A router cannot detect which program sent the package. It can deny access to certain IP ranges and/or certain port ranges.

Ok - this was a clear point. And what about standalone firewalls (i.E. SuSE Firewall) ? I think, to block such internet access is only possible with an client-based firewall, which knows the programs and dlls which are allowed to access the net ?

The important point IMHO is to teach users not to download programs from the internet without thorough checking of the intention of the program. And of course not to click on suspicious links or open Email Attachments.

I think the only posibility to avoid such dangers is to prevent users from downloading ANY program ;-)
This little demo program works without installing it :-/



Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here