Skip to comments.
New Windows attack can kill firewall
Infoworld ^
| 30 October 2006
| Robert McMillan
Posted on 10/31/2006 4:03:06 PM PST by ShadowAce
click here to read article
Navigation: use the links below to view more comments.
first 1-20, 21-40, 41-52 next last
1
posted on
10/31/2006 4:03:07 PM PST
by
ShadowAce
To: rdb3; chance33_98; Calvinist_Dark_Lord; Bush2000; PenguinWry; GodGunsandGuts; CyberCowboy777; ...
2
posted on
10/31/2006 4:03:20 PM PST
by
ShadowAce
(Linux -- The Ultimate Windows Service Pack)
To: ShadowAce
"Once the firewall is down, where's your line of defense?" he said Monday, in an interview. Where it should be ... on a network appliance.
3
posted on
10/31/2006 4:04:10 PM PST
by
Centurion2000
(To liberals: Dead enemies need no political or diplomatic solutions.)
To: Centurion2000
Yup--Also "the attacker would have to be within the LAN in order to make the attack work, and, of course, it would only work on systems using ICS, which is disabled by default. Furthermore, the attack would have no effect on any third-party firewall being used by the PC"
4
posted on
10/31/2006 4:05:43 PM PST
by
ShadowAce
(Linux -- The Ultimate Windows Service Pack)
To: ShadowAce
..."has concluded that the issue only impacts users of Windows XP,"...Oh well that's OK then. It'll only affect a few million people.
5
posted on
10/31/2006 4:06:12 PM PST
by
facedown
(Armed in the Heartland)
To: ShadowAce
Do these people really have nothing better to do?
To: TommyDale; MikefromOhio
7
posted on
10/31/2006 4:08:40 PM PST
by
Perdogg
(Democratic Party - The political wing of Al Qaida)
To: FReepapalooza
Do these people really have nothing better to do? Ya gotta wonder, don't ya?
8
posted on
10/31/2006 4:09:00 PM PST
by
ShadowAce
(Linux -- The Ultimate Windows Service Pack)
To: ShadowAce
Short sighted thinking there when it comes to the 3rd party firewall. If the attacker can shut down the Windows firewall, what else could the attacker do if they are interested in doing something? There would have to be a hole that would allow them to run their code to shut down the firewall. If they've breached the system to that point, they can likely do any number of other things that might not be in the proof of concept code.
To: facedown
I was thinking the same thing.
10
posted on
10/31/2006 4:10:45 PM PST
by
DollyCali
(Don't tell GOD how big your storm is -- Tell the storm how B-I-G your God is!)
To: ShadowAce
Does anyone still use ICS?
11
posted on
10/31/2006 4:11:02 PM PST
by
Redcloak
(Speak softly and wear a loud shirt.)
To: ShadowAce
I've never used the windows firewall. I don't think it's all that good.
12
posted on
10/31/2006 4:11:06 PM PST
by
Cicero
(Marcus Tullius)
To: ShadowAce
An interesting, but lame hack. You've already got to be inside the firewall to do it. Somebody who's building their network using ICS is already not very serious about security.
The firewall belongs on a box upstream of the LAN anyway.
13
posted on
10/31/2006 4:11:49 PM PST
by
Ramius
To: ShadowAce
Users can avoid the attack by disabling ICS, Reguly said. But this will also kill the shared Internet connection. Why not just get a cheap router with a hardware-based firewall built in?
14
posted on
10/31/2006 4:11:51 PM PST
by
Mr Ramsbotham
(Laws against sodomy are honored in the breech.)
To: Redcloak
Does anyone still use ICS? Dial-up users still gotta use it, I believe.
15
posted on
10/31/2006 4:12:13 PM PST
by
ShadowAce
(Linux -- The Ultimate Windows Service Pack)
To: ShadowAce
Anything but a hardware firewall is useless anyway.
16
posted on
10/31/2006 4:12:56 PM PST
by
sumocide
To: ShadowAce
Oh yeah... You have a point there. And here I was hoping for a minor MSFT screwup.
17
posted on
10/31/2006 4:13:28 PM PST
by
Redcloak
(Speak softly and wear a loud shirt.)
To: Centurion2000
Where it should be ... on a network appliance. Remember, we are dealing with users here.
Users....at home.
Appliance? My stove is ok. Fridge is keeping the beer cold. Check.
18
posted on
10/31/2006 4:14:31 PM PST
by
LasVegasMac
(Islam........not fit for human consumption.)
To: sumocide
Anything but a hardware firewall is useless anyway. Technically, there's no such thing. What you're thinking of is an appliance that only runs firewall software. While they're usually better than the Windows firewall, they still consist of just software.
19
posted on
10/31/2006 4:14:43 PM PST
by
ShadowAce
(Linux -- The Ultimate Windows Service Pack)
To: FReepapalooza
Do these people really have nothing better to do? Actually no they don't. Finding exploits and examining code is literally the purpose of some of these hackers' lives.
20
posted on
10/31/2006 4:16:24 PM PST
by
Centurion2000
(To liberals: Dead enemies need no political or diplomatic solutions.)
Navigation: use the links below to view more comments.
first 1-20, 21-40, 41-52 next last
Disclaimer:
Opinions posted on Free Republic are those of the individual
posters and do not necessarily represent the opinion of Free Republic or its
management. All materials posted herein are protected by copyright law and the
exemption for fair use of copyrighted works.
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson