BACKSTEALTH

Older News. No Urls To Be Provided


Backstealth attacks firewalls
By Pedro Gomes
(clip)
April 30, 2002


According to Backstealth's author, Paolo Iorio, the program is designed to access a remote Web site and download a harmless text file without detection by the user's firewall. Iorio said Backstealth's network connections are invisible to many firewalls because it operates in the same space in the computer's memory that is allocated to the firewalls.

Reported by Brian McWilliams for Newsbytes from Italy, his article says that the utility is able to defeat blocking by Kerio Personal Firewall, McAfee Personal Firewall, Norton Internet Security 2002, Sygate Personal Firewall Pro and Tiny Personal firewall, but a representative of the latter said that their new version, which was released last week, is not vulnerable. Iorio himself said that the popular Zone Alarm personal firewall is not susceptible to an attack.

Tom Powledge, Symantec´s product manager, considers Backstealth just a "proof of concept" that poses no risk to users of Norton Internet Security. As a "proof of concept" is usually an abbreviated version of a software designed to show the best features of your product to a software publisher, Powledge is trying to diminish the importance of the firewall breaker. He even says that "Hackers are always going to come out with new ways to get around firewalls. But they all rely on executing code on your system. And that means they can be detected by anti-virus software", if the programs perform malicious activity.

Due to some doubts raised by other companies, a representative of ICSA Labs, which last year certified four of the vulnerable products, said the testing firm was still evaluating Backstealth.


- Fixed subject, LowWaterMark