GhostWall - Major Flaw

Helllo,

A major security flaw is present in GhostWall 1.150!

Because the software requires the user to have Administrative rights to initialize the Ghostwall Firewall Engine , I think it makes this software pretty useless. Securing the rulesets via admin is fine, but if the engine doesn't load when executed as a User, what good is it? Please take a look at fixing this problem, you don't want to end up on the Threat Code list.

http://www.threatcode.com/admin_rights.htm

 

Check out posts 8, 9,10,11 & 12 on this thread:
https://www.wilderssecurity.com/showthread.php?t=99345

Are you saying that you found no protection with Ghostwall under a limited user account as compared to what's mentioned there?

 

It allowed me to create a Feelancer (MS Game) server and access it from a remote system. Windows FW asked if it should be allowed, but Ghostwall did not need to be reconfigrued with a rule allowing the Direct Play ports (2302-2304 local/2300 remote) although it does require me to do this when trying to run the server as admin.