Boot-time protection and risks

Discussion in 'other firewalls' started by nadirah, Nov 21, 2004.

Thread Status:
Not open for further replies.
  1. nadirah

    nadirah Registered Member

    Joined:
    Oct 14, 2003
    Posts:
    3,647
    I would like to know about whether hackers or trojans are able to get into computers during the boot-up process before the main firewall program actually loads.
    Are the trojans and hackers able to get in before the firewall loads? Somebody please tell me.
    Do all firewalls have boot-time protection?
     
  2. AJohn

    AJohn Registered Member

    Joined:
    Sep 29, 2004
    Posts:
    935
    I would think that if the firewall/AV/AT was loaded as a service then it would be loaded before the trojan or virus. It depends on what you use. Same goes for hackers, all depends on your protection being loaded as a service. The only exeption I know of is if the trojan or virus was also loaded as a service, or your netbios was somehow infected (unlikely)

    Check out https://www.wilderssecurity.com/showthread.php?t=35528
     
    Last edited: Nov 21, 2004
  3. TopperID

    TopperID Registered Member

    Joined:
    Oct 1, 2004
    Posts:
    1,527
    Location:
    London
    As I understand it, there is a theoretical vulnerability at boot-up before the FW gets active - but of course it's a very short time frame for the hacker to get you. One of the features of the new XP SP2 FW, touted by Microsoft, is the greatly reduced window of opportunity for vulnerability due to it's enhanced speed of initiation.

    Indeed, and correct me if I'm wrong, I believe the SP2 FW gets going before my Zone Alarm and then gets switched off by ZA as soon as the latter is active. Be that as it may, if you're not connected to the internet at boot-up (because you are not on Ethernet) then I don't suppose it matters.
     
  4. mercurie

    mercurie A Friendly Creature

    Joined:
    Nov 28, 2003
    Posts:
    2,442
    Location:
    Sky over the Wilders Forest
    The Window of chance is very small. That is my understanding however, if that is of concern it is just one of several good reasons for that HardWare Firewall I believe in, no matter if protecting your single PC or your network, is a good idea. Downside more $$ to shell out for some who may not have it. Also consider your other layers of protection. It is also my understanding that the "germ" would not live long once it is caught by one of your other layers of protection set for real time checking. ;)
     
  5. no13

    no13 Retired Major Resident Nutcase

    Joined:
    Sep 28, 2004
    Posts:
    1,327
    Location:
    Wouldn't YOU like to know?
    It can get turned off during "the window of opportunity"...
    try using Kazaa with moderate security for 24 hours... my kerio was blasted off my pc, and I had to do a system restore. Point to note: Kerio runs as a service.
    Firewalls which claim to block this window: Sygate and Outpost amongst the more popular.
     
Thread Status:
Not open for further replies.