[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: [FW1] Trojans & spyware imitating alowed trafic
Kim, If you use the security servers, they will provide this for you. Also protocols defined in inspect will (atleast to a certain degree) do this. All other protocols that are defined by a tcp/udp port will not do this. ZoneAlarm OTOH is a personal firewall, which works in a totally different way that fw1. As a personal firewall it doesn't care about ports, but rather about applications. It stores each applications identity as a MD5 hash, so if you allow an application to access the internet, Zonealarm will notice if the application change or the executable is replaced. Lars -----Original Message----- From: [email protected] [mailto:[email protected]]On Behalf Of Kim S. Lohse Sent: Saturday, July 07, 2001 20:44 To: [email protected] Subject: [FW1] Trojans & spyware imitating alowed trafic Hey all' I was wondering if anybody knows how to prevent programs such as Trojans and spy ware from imitating allowed traffic such as FTP by using the same port? I know that ZoneLabs' free ZoneAlarm prevents this by cryptographically certifying the identity of executable programs. But how do I do some thing similar with FW-1? -------------------------------- Kim S. Lohse Partner ITWorx I/S Rolfs Plads 7, 4. th. 2000 Frederiksberg Denmark Phone: +45 3879 1543 Web: http://www.itworx.dk E-mail: [email protected] -------------------------------- ============================================================================ ==== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ============================================================================ ==== ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|