
View Full Version : protection from Trojans?


j2callie
August 14th, 2005, 07:48 PM
(cross post from WOODY'S LOUNGE here (http://www.wopr.com/cgi-bin/w3t/showflat.pl?Cat=&Board=security&Number=500749&page=0&view=collapsed&sb=5&o=0&fpart=) regarding an article in the July 18 ABC newscast about Keyloggers (http://abcnews.go.com/WNT/story?id=950313&page=1) )

My concern/question came from reading the article and then following a link in it to the Trojan Horse Demo by Hacker Eliminator, at:

~removed link to conform to TOS~ dog

"In testing we have tried several other firewall programs and ran the SubSeven server without raising any alarm whatsoever. The reason is that SubSeven will open a port on the computer as soon as it starts up ready and listening for the hacker to connect. As the port is already open when the standard firewall opens, it simply trusts it and ignores the Trojan."

Sooo, does this mean that my firewall (ZA) is NOT protecting me from outbound requests?

The Hammer
August 14th, 2005, 10:11 PM
-{ Quote: "(cross post from WOODY'S LOUNGE here (http://www.wopr.com/cgi-bin/w3t/showflat.pl?Cat=&Board=security&Number=500749&page=0&view=collapsed&sb=5&o=0&fpart=) regarding an article in the July 18 ABC newscast about Keyloggers (http://abcnews.go.com/WNT/story?id=950313&page=1) )

My concern/question came from reading the article and then following a link in it to the Trojan Horse Demo by Hacker Eliminator, at:

~removed link to conform to TOS~ dog

"In testing we have tried several other firewall programs and ran the SubSeven server without raising any alarm whatsoever. The reason is that SubSeven will open a port on the computer as soon as it starts up ready and listening for the hacker to connect. As the port is already open when the standard firewall opens, it simply trusts it and ignores the Trojan."

Sooo, does this mean that my firewall (ZA) is NOT protecting me from outbound requests?" }-
You might also try posting in the Other Firewalls forum.

controler
August 14th, 2005, 11:09 PM
I don't know why the link to the trojan DEMO was removed. That demo is over two years old now.

I actually checked out Lockdown's site the other day just to see if anything new was happening with them.
Doesn't appear to be any new innovation on their site these days either.

controler

The Hammer
August 14th, 2005, 11:32 PM
-{ Quote: "I don't know why the link to the trojan DEMO was removed. That demo is over two years old now.

I actually checked out Lockdown's site the other day just to see if anything new was happening with them.
Doesn't appear to be any new innovation on their site these days either.

controler" }-
Do you know the answer to the original post?

nightflight1
August 15th, 2005, 03:35 AM
-{ Quote: "(cross post from WOODY'S LOUNGE here (http://www.wopr.com/cgi-bin/w3t/showflat.pl?Cat=&Board=security&Number=500749&page=0&view=collapsed&sb=5&o=0&fpart=) regarding an article in the July 18 ABC newscast about Keyloggers (http://abcnews.go.com/WNT/story?id=950313&page=1) )

My concern/question came from reading the article and then following a link in it to the Trojan Horse Demo by Hacker Eliminator, at:

~removed link to conform to TOS~ dog

"In testing we have tried several other firewall programs and ran the SubSeven server without raising any alarm whatsoever. The reason is that SubSeven will open a port on the computer as soon as it starts up ready and listening for the hacker to connect. As the port is already open when the standard firewall opens, it simply trusts it and ignores the Trojan."

Sooo, does this mean that my firewall (ZA) is NOT protecting me from outbound requests?" }-


Perhaps you could run a port checker like Active Ports or Portmon (both free) to check for suspicious activity. Also that's another reason we all still need anti-trojan software imo, because with all the HIPS & IDS 'this and that' software around, if you get a trojan on your computer by, for example, installing a program that you thought was malware free, it still comes down to your anti-trojan to stop it.
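
The port check suggested above, as an added example that is not part of the original thread: it parses the text printed by Windows `netstat -ano` and reports TCP listeners that are reachable from the network and absent from a known-good baseline. The sample output, the baseline ports and the function names are constructed for illustration.

```python
import ipaddress

# Constructed sample in the layout printed by Windows `netstat -ano`.
SAMPLE_NETSTAT = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       912
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING       4
  TCP    0.0.0.0:50123          0.0.0.0:0              LISTENING       3344
  TCP    127.0.0.1:5354         0.0.0.0:0              LISTENING       1820
  TCP    192.168.1.20:139       0.0.0.0:0              LISTENING       4
  TCP    192.168.1.20:49712     203.0.113.7:443        ESTABLISHED     2216
  TCP    [::]:135               [::]:0                 LISTENING       912
  UDP    0.0.0.0:5353           *:*                                    1820
"""

# Constructed baseline: ports recorded while the machine was known to be clean.
BASELINE_PORTS = {135, 139, 445}


def parse_listeners(text):
    """Return (address, port, pid) for every TCP socket in LISTENING state."""
    listeners = []
    for line in text.splitlines():
        fields = line.split()
        # Data rows have exactly five columns; header and UDP rows do not.
        if len(fields) != 5 or fields[0] != "TCP" or fields[3] != "LISTENING":
            continue
        host, _, port = fields[1].rpartition(":")
        listeners.append((host.strip("[]"), int(port), int(fields[4])))
    return listeners


def is_remote_reachable(host):
    """True unless the socket is bound to a loopback address only."""
    return not ipaddress.ip_address(host).is_loopback


def unexpected_listeners(text, baseline_ports):
    """Return sorted (port, pid) pairs that are exposed and not in the baseline."""
    return sorted({(port, pid) for host, port, pid in parse_listeners(text)
                   if port not in baseline_ports and is_remote_reachable(host)})


if __name__ == "__main__":
    for port, pid in unexpected_listeners(SAMPLE_NETSTAT, BASELINE_PORTS):
        # Map the PID to an executable with: tasklist /FI "PID eq <pid>"
        print(f"unexpected listener on TCP {port}, owned by PID {pid}")
```

On a live machine, feed the function the captured output of `netstat -ano` instead of the sample and rebuild the baseline after every intentional software install.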