Part II: calling all hackers/crackers ... which firewall do you use?

Discussion in 'other firewalls' started by liquid8, Jul 13, 2005.

Thread Status:
Not open for further replies.
  1. liquid8

    liquid8 Guest

    I feel guilty because I shredded Part I (although snappy provided some further explanations which is good) ... ;-)

    Here is an answer which is on topic:

    "I want to ask the ones who actually are hackers/Crackers {either color hat} which firewalls they use to protect their PCs from the "baddies"."

    Real hackers generally use Linux. Moreover, hackers are generally not interested in single user systems protected by personal firewalls (/w application filtering). Their targets are commercial networks which are generally protected by a router (including a port firewall). If possible, the hacker will attack a system far behind the router (e.g., the infection vector may be an e-mail sent to such system).

    Pseudo-hackers also target home users (who protect themselves with personal firewalls running on a Windows OS). Such hackers frequently use reliable trojans (like Bifrost or good ol' Optix Pro (in connection with a traversal tool)) which can bypass personal firewalls. In addition, a Windows rootkit may be employed. A good firewall like Outpost Pro (assuming that it runs stable on your system) will partially protect you from such threats. However, even an advanced personal firewall like Outpost Pro can be bypassed if it is not running as a part of a layered security scheme.
     
  2. lynchknot

    lynchknot Registered Member

    Joined: Jun 26, 2004
    Posts: 904
    Location: SW WA

    He probably does not use Windows for his personal in the first place as he probably is much like: ~snipped link - TOS violation~ - A hardware firewall is first and foremost (router). A few probably run smoothwall.
     
    Last edited by a moderator: Jul 13, 2005
  3. mytfastss

    mytfastss Registered Member

    Joined: Jul 9, 2005
    Posts: 6

    Thanks for restarting my Original thread.......

    Is Norton NIS 02/03 weaker than most firewalls, when configured Properly?

    I've seen the Leaktests for NIS 2005 and was wondering if Norton is falling behind in their Firewall Technology. Outpost 2.5/S'n'L seem to be my next trek into the firewall wars.

    So, what you're saying is, hackers/Crackers wouldn't even bother with the Commercial off the shelf firewalls we all use on M$ Operating systems??

    I figured, when I started the thread, why not hear it from the ones who break through these firewalls as a hobby/just for fun.

    Again, I use Norton NIS 2003 and it seems to work fine until I apply some of those tests over @ leaktest like ghost/copycat/etc...and realize I'm very open to attack..
     
  4. Liquid8

    Liquid8 Guest

    "So, what you're saying is, hackers/Crackers wouldn't even bother with the Commercial off the shelf firewalls we all use on M$ Operating systems??"

    Correct. Why should they? They are not interested in home users' machines but in commercial networks. Such networks are generally not protected with desktop firewalls.

    "Again, I use Norton NIS 2003 and it seems to work fine until I apply some of those tests over @ leaktest like ghost/copycat/etc...and realize I'm very open to attack.."

    If you want to perform a realistic test you should do the following: switch off your AV/AT scanner (this simulates that you are infected with an unknown variant of a malware sample), install the Hacker Defender Rootkit, install a DLL trojan like Coldfusion (which must be camouflaged by the rootkit). Establish a connection from another computer. Watch your firewall.

    Please do NOT perform this test before you have made a backup of your hard drive and educated yourself on rootkits, DLL trojans and their mode of operation. I may not be available to help you out if you fail to uninstall the malware after you have performed such a test ;-)
     
  5. Infinity

    Infinity Registered Member

    Joined: May 31, 2004
    Posts: 2,651

    lol, I guess this can be achieved like this :D
     