Firewall Killer - AntiSec

Hi!

Not sure whether issue was discussed here. If not, take a look at the software here:

AntiSec disarms firewall and similar anti-intrusion programs while leaving the programs' icons in place as if protection was in force, thus allowing snooping programs access to computers without the owners knowing.

http://cryptome.org/dirty-antisec.htm

This issue is also currently being discussed under grc.security.software

 

Ahhhhhhhhhhhhhh emergency emergency panic panic Anarchy anarchy Blaze run around in circles.

I knew i wasnt triping the otheer day i went to a bad site and my zone alarm said true vector disabled and the za pro told me to reboot my system and the logo was a big red box with a yellow x.

but it was only temporary.

what your talking about is a ZA KILLER RIGHT

Panic panic=(

 

ughhhhhhhhhhh

 

Hi MRBLAZE!

The software not only disables ZA but the following firewalls/IDS programs as well:

Boshield.ico
Esafe.ico
cyberwall.ico
Atguard1.ico
Blackice.ico
zonealarm.ico
lockdown2000.ico
neverhack.ico
Jammer1.ico
eTrust Intrusion Detection.ico

 

well what are they doing about it gulp=(

Any news  any real feed back does that include the latest zone alarm pro 3020?

blaze grab WE Sim t shirt d.a.m.n it man tell me tell me hestiractly

 

I'd regard anything that's coming from Codex with a grain of salt until we get some hard info on the actual capabilities of the program. I'm heading over to GRC and DSL to catch up on what's been written. Later. Pete

 

spy 1 will sneak in and get the low dowen on those mofos good luck spy 1

 

I have not read it yet, so my thoughts might be premature (!), but I would be surprised if a good AT wouldn't protect you against such a thing....
Well, let's see.

 

lol that would suck you get za pro and all fire walls are obsolite caause some guy made that firewall killer.

 

I don't see SPF Pro 5 on that list - it has TerminateProcess protection.

 

Blast it man we need insight

ring the bells all parionoyed newby head for the hills grab your woman and children.

Blaze shows up in kelt blue face and dress they may take are land but they will never take are freadom.

anybody else feel a cold breeze?=)

 

             I'll wait to see what the experts have to say.....right now this thing doesn't seem very impressive to be........a process ender??   are so it would seem.

            don't think I'll be lossing any sleep over this.






            MR BLASE

              hope you are enjoying you very brand new firewall........there was a recent update....you are awear of it huh?  am not sure but I think it was a patch for the e mail feature.........not really sure

 

The general consensus on other forums seems to be that its' threat is minimal.

While the program claims to have shut down such-and-such a firewall when run, in many reported cases it actually hadn't - in the cases where it did, simply re-starting the app worked.

If you're running something like ZA, and using the DeskBand, it'll be instantly apparent if the icon's been replaced (you won't see activity on the bar while you're online anymore when you're surfing).

I wonder why more programs don't have a feature like that? And why it's seemingly so hard for the firewall manufacturers to include a feature that severs your Internet connection instantly if your firewall goes down while you're online? (it seems to me a small, separate program could be included which would constantly monitor two conditions - are you (a) online and (b) is the firewall up and running. If (a) is true and (b) is false, it would instantly cut your connection and throw up a box asking you to re-start your firewall. Pete

 

But that extra program could also be put out of control.
So it still would be a good idea to have a good resident running AT.

 

Resident running AT's are targeted by the same kinds of exploits. They should have the same feature included.

As I said, this small program would be separate from whatever the parent program is, and one of the requirements of using it would be to re-name it to something of your choice (thus making it secure from dis-abling - it can't be shut down if malware doesn't know what its' path is).

Where's javacool at - I bet he could design a program that would do this himself (you could have a 'fill-in-the-blank' feature for whatever program you're trying to cover with it). Pete

 

          TerminateProcess?  isn't that the same or very near the same as using  Alt+Ctrl+delete?  

        on my os if/when using Alt+Ctrl+delete a warning window will automatically appear stating that all un-save information will be lost if I continue.......an then there is an option to make a choice.

         am not for certain but isn't this the same way with win2000 and xp?


         Pete we have near same os's.....is that how your's works?

         so as I don't have a false sense of security.....if this is not the case its appreciated if someone advised.


              thankingya all

 

{SNOWMAN}   hope you are enjoying you very brand new firewall........there was a recent update....you are awear of it huh?  am not sure but I think it was a patch for the e mail feature.........not really sure

WHERE IS THIS PATCH LOL

 

mr.blaze - Use the 'Check for Updates' feature in ZA.

Helpful hint - It's probably not a good idea to mock the way other people write - if it hasn't crossed your mind, that could, definitely, back-fire on you. Pete

 

LOL=) what on gods eareth are you talking about mock i use cut and pase lol i be the last person to mock someone ROTFL LMAO have you seen my spelling

im worst then any one here lol=)

i think you better go back and reads smomes posts ; lol

yes i look at updates already says there are none im have most current verstion=)

so where is patch or i dont need one

 

snowman - No, I think it refers to whatever happens when you close any program using the program itself, not C/A/D. Like clicking the 'x' in the upper right-hand corner of the screen while you're in your browser.

I'm not expressing myself well on my idea, apparently.

Last shot: I'm running Program X resident in SYSTRAY, and it's in my start-up.

Iwant to be instantly notified if Program X goes down - for whatever reason.

The makers of Program X (being the nice, customer-responsive guys that they are) , provide me with a small separate d/l (which is either tied into an existing process monitor on my computer or contains one of its' own). All that small program does is monitor the two conditions I noted before - (a) is the computer connected to the Internet (b) is Program X a running process. If the small program (or separate module) sees that the indicated program has shut down, and the computer is still on the Internet, it instantly throws up a screen asking you if you wish to re-start the program while at the same time cutting your Internet connection. As I said before, you would have to re-name the module with the name of your choice to keep it from being terminated by any outside source - and seeing as how it's a separate d/l (those who didn't wish to make use of it wouldn't have to d/l or use it.

I really do not understand why this wouldn't work, so someone please explain it to me. okay? pete

 

            Pete

            you explained yourself very well......an your idea sounds super great........I'll be watching to see if such a program is mage available.

          actually,, seems I mistakenly thought that a warning would be displayed if any process was being terminated by way of the terminate process feature....an I appreciated your guidence..thanks


         P.S.

            if by chance it somehow appeared that it was me who was mocking how someone writes......I definitely did not intend to do so......an offer an apology
if it appeared as such............never would I intentionally do such a thing..........an Pete I am grateful to you for pointing this out .     I type poorly.....an rarely check for mis-spelling......a bad combination.........

 

      http://www.edvicesecurity.com/ad02-02.htm




        Mr Blase

        the above url is the info i was referring to......an as Pete said......the updater should dl any patches...to be honest I may have spoken to soon an a patch has not been made as yet......my apology if such is the
case,,,    from one of your other posts I was awear that you had un-checked "check for update" an I just wanted to make sure you was being fully potected.