LOOK OUT: A New Windows attack can kill firewall

Alec§taar

This is why I have a Hardware firewall.
 
This is why I have a Hardware firewall.

Agreed, & also why I did things like port filters & services "hardening" too... this is also another reason WHY I run Windows Server 2003 - this exploit isn't possible on it!

APK
 
I reckon my BlackICE firewall could block that. Windows Firewall, pah.
 
Agreed, & also why I did things like port filters & services "hardening" too... this is also another reason WHY I run Windows Server 2003 - this exploit isn't possible on it!

APK

Well Windows Server 2003 was meant to be more protective than Windows XP.
There have been some exploits on it, but def. not as much as XP.
 
I reckon my BlackICE firewall could block that. Windows Firewall, pah.

Maybe, for now? That's the best move an XP user could make... for a 'quick fix', just use another firewall!

You have a good point.

APK
 
Well I have a hardware firewall on my router and both my PCs are protected by a software firewall behind that. I know it could be hacked but at the end of the day hackers are much more likely to exploit the easier PCs and leave mine alone. Plus my firewall is Comodo not the built in windows one so it should be fine against attacks.
 
Well I have a hardware firewall on my router and both my PCs are protected by a software firewall behind that. I know it could be hacked but at the end of the day hackers are much more likely to exploit the easier PCs and leave mine alone. Plus my firewall is Comodo not the built in windows one so it should be fine against attacks.

As long as you don't run UPnP service, & don't allow remote administration of your HARDWARE "NAT" firewalling router, that should be safe as 1 layer of defense.

(Steve Gibson of "shields-up" gives a decent explanation of that on his sites, & the newscast downloadable .mp3 files he has there & HOW that works in case you're interested. A lot of folks give that guy a lot of guff, but he often makes pretty good points imo!).

And, like others stated above? It's probably a wise move to just use another firewalling program until the next "Patch Tuesday" issuance from MS... even if only temporarily.

APK

P.S.=> You know, I do TRY to be an "optimist" about 'hacker/cracker' types exposing this type of weakness, because if they didn't, who KNOWS if the OEM's of various softwares would make patches or not... but, it gets a little "maddening" finding out wares we use are riddled w/ holes too, every month or two... apk
 
Yeah, I think UPnP is the most idiotic attempt at improving firewalls I've known. It tried to make them easy to use but opens them up to trojans. Both UPnP and remote administration are disabled... and for local security so is 128-bit WEP and MAC filtering... not one port is open on my router's firewall. I would enable WPA encryption and use a hidden SSID but some of my family's laptops can't connect then.
 
So what now? I wait for my stupid brother who doesn't know a shit about computers to hack me in my local network? Lol.
 
So what now? I wait for my stupid brother who doesn't know a shit about computers to hack me in my local network? Lol.

Ah, now THAT's the point I was curious about...

I.E.-> Does this count merely for INTERNAL "Home LANS", or does it also count for folks on the same ISP/BSP?

(Sort of like how the old filesharing errs existed on Win95)

* I am unclear about this... what do you guys think?

APK
 
That's why I was wondering; this would also mean a LAN network, which means offices or a small network setup. And it would also mean that a hacker can hack easily and get caught easily too.
 
That's why I was wondering; this would also mean a LAN network, which means offices or a small network setup. And it would also mean that a hacker can hack easily and get caught easily too.

Probably VERY true, because there is a log you can maintain in Windows Firewall, & it indicates who/what is connecting to you & from where...

APK
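
Added example, not part of the original posts: a sketch of reading the Windows Firewall log mentioned above to see who connected and whether the source sat on the local LAN or outside it. The sample log lines, addresses and function names are constructed for illustration; column names are read from the log's own `#Fields:` header.

```python
import ipaddress
from collections import Counter

# Constructed sample in the W3C-style layout of pfirewall.log
# (private and documentation addresses; not real traffic).
SAMPLE_LOG = """\
#Version: 1.5
#Software: Microsoft Windows Firewall
#Time Format: Local
#Fields: date time action protocol src-ip dst-ip src-port dst-port size tcpflags tcpsyn tcpack tcpwin icmptype icmpcode info

2006-11-01 10:15:02 DROP TCP 192.168.1.23 192.168.1.10 3021 445 48 S 1234567 0 65535 - - -
2006-11-01 10:15:05 DROP TCP 192.168.1.23 192.168.1.10 3021 445 48 S 1234567 0 65535 - - -
2006-11-01 10:16:40 DROP TCP 203.0.113.77 192.168.1.10 4410 135 48 S 7654321 0 16384 - - -
2006-11-01 10:17:11 OPEN TCP 192.168.1.10 198.51.100.5 1044 80 - - - - - - - -
2006-11-01 10:18:30 DROP ICMP 192.168.1.23 192.168.1.10 - - 60 - - - - 8 0 -
2006-11-01 10:19
"""


def parse_firewall_log(text):
    """Yield one dict per entry, keyed by the names in the #Fields header."""
    fields = None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("#Fields:"):
            fields = line[len("#Fields:"):].split()
        elif line and not line.startswith("#") and fields:
            values = line.split()
            if len(values) == len(fields):  # skip truncated lines
                yield dict(zip(fields, values))


def inbound_summary(text, local_ip, lan_cidr):
    """Count entries aimed at local_ip per (origin, action, src-ip, dst-port).

    origin is "lan" when the source falls inside lan_cidr, else "external".
    """
    lan = ipaddress.ip_network(lan_cidr)
    counts = Counter()
    for entry in parse_firewall_log(text):
        if entry["dst-ip"] != local_ip:
            continue  # outbound or unrelated traffic
        src = ipaddress.ip_address(entry["src-ip"])
        origin = "lan" if src in lan else "external"
        counts[(origin, entry["action"], entry["src-ip"], entry["dst-port"])] += 1
    return counts


if __name__ == "__main__":
    for key, n in inbound_summary(SAMPLE_LOG, "192.168.1.10", "192.168.1.0/24").most_common():
        print(n, *key)
```

The log only contains entries once logging of dropped packets or successful connections has been switched on in the firewall's settings.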
 
One machine, one download, one user.



Users are the biggest security risk to any company. All we can do is to educate them on what is unsafe, and possibly deny them as much access, through firewall filtering, and local file access.


In our network here, if one PC gets hacked via a downloader, or some other form of malware, and they actually manage to make it through the firewalls........
 
One machine, one download, one user.

Users are the biggest security risk to any company. All we can do is to educate them on what is unsafe, and possibly deny them as much access, through firewall filtering, and local file access.

In our network here, if one PC gets hacked via a downloader, or some other form of malware, and they actually manage to make it through the firewalls........

In a way, I don't BLAME network techs/admins for "locking things down" for most folks, or moving towards std.'ized desktops like Citrix/TS or even Winterms usage...

I usually am not subject to that as a developer (usually I get admin rights across a LOT of areas, especially data I have to access), but I have seen folks NOT like it as end-users... limiting their freedoms & such.

I wouldn't like it either, but then, the equipment's NOT MINE either. I am only "borrowing it" to do a particular job is all.

BUT, it makes good for the "whole of the herd" @ any company... and, does make guys like you Steevo, have an easier day... hopefully!

(And, I am sure occasionally? Stuff gets thru, anyhow... bad stuff!)

APK
 
We have a suck re tardy that would download everything she could get her hands on. And a few years back when we were still in the 9X days I was plagued by a copy of a trojan-worm that was infested so bad that I had to travel to our other store and start, one machine at a time, boot-clean-check-shutdown. Then back here.

And the bad part was that only 3 PCs on the network had internet access through dialup. But they spread due to everything being shared with no username or password.

All from one user.


No more though. I have the server check inside all the backups, and with proper file access control no more problems. I do look forward to a server version of Vista-Longhorn for the ability to forward errors and critical event logs to one location from many machines. Plus enforced security for access.
 
I don't worry about firewalls because there's really nothing on my computer worth hacking or any reason to waste the time.
 
It's not the importance of what you have, it's a question of principle.
 
And it can also be a major headache as well.

Exactly, I find I have more problems with firewalls than anything else. Also, I'm behind a router with the firewall off, but to my understanding it's quite hard to hack a computer behind a router that only has a local IP address. I may be wrong, but still, who's gonna take the time to hack my computer to do what, steal my Steam account that I don't use, or what, my porn from BT??

Btw, anyone know of an antivirus like AVG Free that supports x64?
 
I think Avast supports X64, might be wrong. As for being behind a router - it makes it slightly more difficult than a direct connection but still very easy compared to a firewall being there.
 
A small encapsulation program and a bit of ping 6 will get you a false origination IP address generator as well as a source generator. Plus a tiny little random number generator. Think about it. Generate millions of packets from a few machines and a few mediocre connections in a few minutes.



All small enough to fit on a floppy.
 