Bugtraq mailing list archives
Re: ITCP Advisory 13: Bypassing of ATGuard Firewall possible
From: Jim Hill <bgtq () jhc org uk>
Date: Tue, 30 Apr 2002 15:43:47 +0100
BlueScreen in <014401c1ef8d$1bb66510$0100a8c0@BlueScreenPrimary>:
ATGuard can be fooled to think that a disallowed program is allowed to connect to the internet.
This is a well known problem and has been discussed at length on <http://grc.com/lt/scoreboard.htm>. A.M Janssen has written utility which monitors the hashes (SHA1, Ripe MD-160 or Haval) for the applications in AtGuard's ruleset <http://www.capimonitor.nl/nisfilecheck11.zip>. It has to be separately scheduled so it's not as good as real time checks by the firewall but very useful nonetheless.
Current thread:
- ITCP Advisory 13: Bypassing of ATGuard Firewall possible BlueScreen (Apr 29)
- AW: ITCP Advisory 13: Bypassing of ATGuard Firewall possible Jonas Koch (Apr 30)
- Re: ITCP Advisory 13: Bypassing of ATGuard Firewall possible BlueScreen (Apr 30)
- Re: ITCP Advisory 13: Bypassing of ATGuard Firewall possible Jim Hill (Apr 30)
- <Possible follow-ups>
- Re: ITCP Advisory 13: Bypassing of ATGuard Firewall possible UMusBKidN (Apr 30)
- AW: ITCP Advisory 13: Bypassing of ATGuard Firewall possible Jonas Koch (Apr 30)