On Mon, 11 Dec 2000, Stephen Gutknecht (firewalls) wrote:
> Someone want to explain to me how a "real firewall" like Checkpoint
> Firewall-1 would prevent such a trojan any better than a personal firewall
> package? What is "new" about this?
Idiots don't generally have FW-1's on their desktops where they can run
code? Nothing is new about it in the least bit.
> case. The point is, the story talks about the trojan programs as if it is
> an unknown one (otherwise even with a personal firewall, wouldn't the virus
> scanner catch the trojan)?
It's a fairly recent thing that AV companies have started going after
popular trojans, and they're still not sure they should be as far as I can
tell. Certainly they won't catch a custom trojan. Worse-yet, the list of
executable content types for Win* is atrociously long, and once you get
that first code to execute, it's pretty much game over, even if it
doesn't make the connection itself..
> or am I overlooking something big here?
Nope, you've hit the proverbial nail on the proverbial head.
Paul
-----------------------------------------------------------------------------
Paul D. Robertson "My statements in this message are personal opinions
[EMAIL PROTECTED] which may have no basis whatsoever in fact."
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
