Boot-time protection and risks

Discussion in 'other firewalls' started by nadirah, Nov 21, 2004.

Thread Status:
Not open for further replies.
  1. nadirah

    nadirah Registered Member

    Oct 14, 2003
    I would like to know about whether hackers or trojans are able to get into computers during the boot-up process before the main firewall program actually loads.
    Are the trojans and hackers able to get in before the firewall loads? Somebody please tell me.
    Do all firewalls have boot-time protection?
  2. AJohn

    AJohn Registered Member

    Sep 29, 2004
    I would think that if the firewall/AV/AT was loaded as a service then it would be loaded before the trojan or virus. It depends on what you use. Same goes for hackers, all depends on your protection being loaded as a service. The only exeption I know of is if the trojan or virus was also loaded as a service, or your netbios was somehow infected (unlikely)

    Check out
    Last edited: Nov 21, 2004
  3. TopperID

    TopperID Registered Member

    Oct 1, 2004
    As I understand it, there is a theoretical vulnerability at boot-up before the FW gets active - but of course it's a very short time frame for the hacker to get you. One of the features of the new XP SP2 FW, touted by Microsoft, is the greatly reduced window of opportunity for vulnerability due to it's enhanced speed of initiation.

    Indeed, and correct me if I'm wrong, I believe the SP2 FW gets going before my Zone Alarm and then gets switched off by ZA as soon as the latter is active. Be that as it may, if you're not connected to the internet at boot-up (because you are not on Ethernet) then I don't suppose it matters.
  4. mercurie

    mercurie A Friendly Creature

    Nov 28, 2003
    Sky over the Wilders Forest
    The Window of chance is very small. That is my understanding however, if that is of concern it is just one of several good reasons for that HardWare Firewall I believe in, no matter if protecting your single PC or your network, is a good idea. Downside more $$ to shell out for some who may not have it. Also consider your other layers of protection. It is also my understanding that the "germ" would not live long once it is caught by one of your other layers of protection set for real time checking. ;)
  5. no13

    no13 Retired Major Resident Nutcase

    Sep 28, 2004
    Wouldn't YOU like to know?
    It can get turned off during "the window of opportunity"...
    try using Kazaa with moderate security for 24 hours... my kerio was blasted off my pc, and I had to do a system restore. Point to note: Kerio runs as a service.
    Firewalls which claim to block this window: Sygate and Outpost amongst the more popular.
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.