comp.security.firewalls archive
Re: Recurrent question
From: Ansgar -59cobalt- Wiechers <usenet-2005@planetcobalt.net>
Date: Tue Dec 13 2005 - 14:04:52 CET
Date: Tue Dec 13 2005 - 14:04:52 CET
Kerodo wrote:
> Ansgar -59cobalt- Wiechers wrote:
>> You can configure and maintain any personal firewall as properly as
>> you like, it still can't prevent applications from communicating
>> outbound, if the applications are smart enough to reconfigure,
>> disable or bypass the personal firewall. Period.
>>
>> http://www.copton.net/vortraege/pfw/en.html
>
> Let's be *practical* though. I would say that in 95% of the cases,
> the personal firewall would prevent the outbound attempt. Well, might
> be 99%, I don't know.
Might be 1% as well. Like you said: you don't know. That's why personal
firewalls can't enforce *security* the way they propose.
cu
59cobalt
-- "All vulnerabilities deserve a public fear period prior to patches becoming available." --Jason Coombs on BugtraqReceived on Fri Dec 23 20:07:27 2005