Personal Firewall Products
Paul Brettle
Paul.Brettle at F-SECURE.COM
Thu May 11 11:44:46 EDT 2000
All,
Kind of off-subject but I did notice that the ZoneAlarm product was
mentioned about 1 month ago. It is a Personal Firewall type product and has
some interesting features. However, I have discovered that it has a big
loophole in the protection that it offers. If an attacker simply uses source
port 67 when connecting then it exposes all services on the ZoneAlarm
protected PC..!!
Not sure if it has been fixed, but take a look at :
http://www.nta-monitor.com/newrisks/may2000/zone.htm
I am lead to believe that it has been originally posted on BugTraq.
Hope this helps.
Cheers,
Paul
--
Paul Brettle Office: +44 (0) 1223 257 747
Product Consultant Mobile: +44 (0) 7901 550 625
F-Secure (UK) http://www.F-Secure.com/
(formerly Data Fellows)
VPN is sponsored by SecurityFocus.COM
More information about the VPN
mailing list