Page 8 of 14 FirstFirst ... 567891011 ... LastLast
Results 71 to 80 of 140

Thread: Will Your Firewall Stop This?

  1. #71
    @ balamm..noob ya self..a failures a failure...
    if it was a real trojan then just about everyone was fucked...lol

    Bring your self over to the virus thread and lets see what else you got please..id like ya opinion on it..cough cough

  2. Internet, Programming and Graphics   -   #72
    Originally posted by balamm+--></div><table border='0' align='center' width='95%' cellpadding='3' cellspacing='1'><tr><td>QUOTE (balamm)</td></tr><tr><td id='QUOTE'>
    Trojans don&#39;t ask you to click buttons so they can take a screen shot while connected to a trusted zone and send it back to a trusted site. No they don&#39;t&#33; [/b]


    Your right they dont. Whats your point?

    Originally posted by balamm+--></div><table border='0' align='center' width='95%' cellpadding='3' cellspacing='1'><tr><td>QUOTE (balamm)</td></tr><tr><td id='QUOTE'>
    Just because it said "next" doesn&#39;t mean it&#39;s not an "OK" button.

    You failed the test, not your firewall. [/b]


    eh?

    edit: Ah I see. You think that the only way a trojan could achieve this is by getting the user to click buttons? No my friend. The loading and unloading of DLL&#39;s happens without user interaction all the time.

    Originally posted by balamm

    Hijacked? Hijacked what?

    Hijacked your brains
    right...

    The DLL hijacked a trusted application and the vast majority of firewalls dont notice regardless of their configuration. Do you even know what a DLL is??


    I bet every one of you also has NetBIOS over TCP/IP installed too. "file and printer sharing". This isn&#39;t for "filesharing" with peer to peer programs, this is for allowing others access to your files and printer with no program and very little authorization needed. WISE UP.
    No I dont have it enabled. But thats got nothing to do with this at all. Whos the NOOB now?

    <!--QuoteBegin-balamm
    @

    If you can&#39;t figure out how to disable this crap, then at least check your firewall settings for it.
    [/quote]

    I disabled it and my firewall still failed the test. Whats your point?

    <!--QuoteBegin-balamm

    Or stay stupid and run off and look for some other software to make up for the damage caused by your abuse of illegal substances [/quote]

    I see your wit is matched only by your logic

    btw I&#39;m a 2nd year computer science student with a lot of experience in network programming. Nothing you&#39;ve said is even related to this topic of DLL hijacking. It is you who needs to be educated not us

  3. Internet, Programming and Graphics   -   #73
    I hate know it alls ...lol

    @Balamm...whoever said it was a trojan?
    Have a look at the name on the thread...lol

    Basically this tests your firewalls outgoing connections, and i know your firewall failed..that mustve been a blow to the old ego :helpsmile:
    Please research a little more before misinforming people..you dont know it all so dont pretend to..
    noob? u the only noob here mate... B)

  4. Internet, Programming and Graphics   -   #74
    I failed, maybe thats because I dont have a firewall. Comeone someone hack me, and get pass my NAT



  5. Internet, Programming and Graphics   -   #75
    RGX's Avatar Unstoppable
    Join Date
    Mar 2003
    Posts
    3,012
    Zone Alarm all the way, secure and tight

  6. Internet, Programming and Graphics   -   #76
    wormless's Avatar Beauty
    Join Date
    Aug 2003
    Location
    uk
    Age
    45
    Posts
    1,077
    what about xp&#39;s?

  7. Internet, Programming and Graphics   -   #77
    what about xp&#39;s?
    XP&#39;s firewall? Worse than useless

    It only blocks incoming packets not outgoing.

    Apparently they&#39;re going to release a new implementation of it in service pack 2, but I recommend you stick to one that isnt vulnerable to this DLL hijacking attack.

    I recommend Zone Alarm, but make sure you follow the instruction in this thread and enable component control.

  8. Internet, Programming and Graphics   -   #78
    That component control makes or breaks Zone Alarm...
    Good post on how to get around it with Z/A leftism


    heres some comments from elsewhere that give you a REAL explanation of whats going on, not just some halfwits pathetic excuse for why his/her firewall failed.

    Quote1
    The browser is not the only way pcAudit tries to get out to the internet. My understanding is that it scans all the active processes in your computer, trying to find one which has the ability to connect to the internet. This could be your instant msg, your antivirus live update, your webcam, etc.
    Then pcAudit piggybacks on the component to sneak out of your computer.

    Sygate Personal Pro 5.5.2513: FAILED
    Sygate has intercepted some outbound attempts that I answered "Block". However at the end pcAudit could connect to its home, probably through a component that I previously enabled access to the Internet. I&#39;ve made several tests, shutting down some more resident programs. Each time Sygate fails. It would be ironical if pcAudit could use Sygate itself to get to the Internet.

    ZoneAlarmPro 4.5.538: PASSED
    ZAP asked permission at every outbound attempt. Some of them I don&#39;t even know that could connect to the Internet like CTHelper (SB Live), LVCom Server (Logitech Webcam). I told ZAP to block all of them. At the end, pcAudit is stuck.


    Quote2
    In my understanding this is a test to simulate a hacker attack into your system, so instead of pursuing for another firewall for the 100th time I just installed this app: CODE
    http://maxcomputing.narod.ru/ssme.html?lang=en

    and enable the "Watch App Activity" in it. It catches the dll injection that pcaudit tries to do in your browser. If you try to run pcaudit it will crach and leave a log file. You wonīt see the pcaudit screen saying that your firewall passed, but as its simulates a hackers attack, the fact that it canīt even run, I think is even better.

    And in the pestpatrol website says that it catches pcaudit, but since I donīt have it I donīt know if this information is correct.
    End Quote 2

  9. Internet, Programming and Graphics   -   #79
    Poster
    Join Date
    Mar 2003
    Posts
    3,582
    It failed because I allowed it to fail.

    If you&#39;re stupid enough to accept this "package" and run it, then don&#39;t blame it on your firewall.

    @leftism, It might not be too late to ask for a partial refund. 2 years and still haven&#39;t picked up any common sense.... that&#39;s a real problem.

    According to your logic, every element and every script on a page should be blocked by the firewall... untill you ok it.

    So I sat and watched this program for some time to test your theory that it could do something on it&#39;s own, that a .dll would magically take the initiative.
    Nope, nothing.

    I had to physically press a button, several in fact, allowing it to do what it was coded to do.

    At which point it did what I had allowed it to do. These are the .DLL&#39;s it called -

    The new DLLs have been loaded:
    C:&#092;WINNT&#092;system32&#092;caboview.dll
    C:&#092;WINNT&#092;system32&#092;ws2help.dll
    C:&#092;WINNT&#092;system32&#092;ws2_32.dll
    C:&#092;WINNT&#092;system32&#092;wsock32.dll
    C:&#092;Program Files&#092;TechSmith&#092;SnagIt 7&#092;msvcr71.dll
    C:&#092;WINNT&#092;system32&#092;umdmxfrm.dll
    C:&#092;WINNT&#092;system32&#092;serwvdrv.dll
    C:&#092;WINNT&#092;system32&#092;msvcrt.dll
    C:&#092;WINNT&#092;system32&#092;ADVAPI32.DLL
    C:&#092;WINNT&#092;system32&#092;GDI32.DLL
    C:&#092;WINNT&#092;system32&#092;USER32.DLL
    C:&#092;WINNT&#092;system32&#092;KERNEL32.DLL

    Then, at the continue prompt,

    The new DLLs have been loaded:
    C:&#092;WINNT&#092;system32&#092;mvbscript.dll
    C:&#092;WINNT&#092;system32&#092;msrating.dll

    And if you don&#39;t want these things communicating next time you&#39;re stupid enough to press that button, here&#39;s where you configure that.



    All the software you need is right in front of you and you just can&#39;t see it. All you gotta do is use a bit of logic and common sense to figure it out.

    It&#39;s easier to make excuses though isn&#39;t it.

  10. Internet, Programming and Graphics   -   #80
    youve just proven to the whole board that your the only one thats making excuses..
    what a dickhead B)

    you dont get the part that its simulating an outgoing attack,from maybe running a key gen to installing some dodgy software...
    ever since ive seen you on this board balaam youve got an excuse for everything..
    Youve proven to the board without a doubt your a nothing...

Page 8 of 14 FirstFirst ... 567891011 ... LastLast

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •