Bugtraq mailing list archives
Re: Advisory:Multiple Vulnerabilities in ZoneAlarm
From: Ian Bryant <ian () bryant-associates co uk>
Date: Sun, 24 Dec 2000 12:31:38 -0000

> I don't agree. The window of opportunity is 1.) Very small and 2.) Undetectable. The unreported port scans while they do not give the user any warning or information, they also do not give the attacker any information so I do not see where the harm is.
>
> Where there is a window there is a way. Including the NT permission structure. Very simple. It needs to be fixed. And as the advisory states: Multiple Vulnerabilities in ZoneAlarm

Whereas I agree it would be desirable for ZoneLabs to fix any notified vulnerabilities, I share the view that in terms of RISK the issue is of limited importance until an exploit can be devised that can take advantage of the theoretical weakness.

To some extent the NT permissions issue is a red herring, as the main community of use for this product is the home users, who will probably be running one of Microsoft's "Consumer" operating systems (Win9x range - lest we forget WinME is basically "Windows 4.4") which don't have any built-in security to speak of anyway.

In terms of overall risk, the 80:20 rule suggests products like ZoneAlarm, even if flawed, are to be applauded, as at least it mitigates against the ever growing risk to the rest of the internet community from inexperienced home users with "always on" connections: this large and growing pool is a very tempting target for Black Hat Hackers who want to set up DDOS zombies ....

Ian Bryant
Senior Partner (ICT)
Bryant Associates -- mailto:ian () bryant-associates co uk