TIP: Click on subject to list as thread! ANSI
echo: nthelp
to: Paul Ranson
from: Rich
date: 2005-09-14 08:42:06
subject: Re: firewall configuration
From: "Rich" 

This is a multi-part message in MIME format.

------=_NextPart_000_007C_01C5B908.302B53F0
Content-Type: text/plain;
        charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

   You can't keep out the admin for several reasons.  You can make it =
more tedious but it would be nothing more than window dressing.  The =
admin owns the machine.  Also, if there is any UI to allow a user to =
configure the software, which clearly needs to exist, then there by =
definition is a means to make changes.

   Basically, if malware is already running on a system it can do =
whatever the user account under which it is running can do.

Rich

  "Paul Ranson"  wrote in message =
news:4327067b{at}w3.nls.net...
  So what they're saying is that if they own your machine they can =
disable the=20
  firewall?

  Seems like another statement of the blindingly obvious. When are =
people=20
  going to stop falling for it?

  FWIW is there any firewall that the administrator or root cannot turn =
off?=20
  Would it be sensible software design to disallow the machine's owner =
from=20
  configuring it?

  Paul

  "Geo."  wrote in message =
news:4326e8a9$1{at}w3.nls.net...
  > The following security advisory is sent to the securiteam mailing =
list,=20
  > and
  > can be found at the SecuriTeam web site: http://www.securiteam.com
  .


------=_NextPart_000_007C_01C5B908.302B53F0
Content-Type: text/html;
        charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable








   You can't
keep out the =
admin for=20
several reasons.  You can make it more tedious but it would be =
nothing more=20
than window dressing.  The admin owns the machine.  Also,
if = there is=20
any UI to allow a user to configure the software, which clearly needs to = exist,=20
then there by definition is a means to make changes.
 
  
Basically, if malware is =
already=20
running on a system it can do whatever the user account under which it = is=20
running can do.
 
Rich
 

  "Paul Ranson" <paul{at}barkto.com>">mailto:paul{at}barkto.com">paul{at}barkto.com>
wrote in =
message news:4327067b{at}w3.nls.net...So=
 what=20
  they're saying is that if they own your machine they can disable the=20
  firewall?Seems like another statement of
the blindingly =
obvious.=20
  When are people going to stop falling for
it?FWIW is there =
any=20
  firewall that the administrator or root cannot turn off? Would it =
be=20
  sensible software design to disallow the machine's owner from =
configuring=20
  it?Paul"Geo." <fake{at}barkdom.com>">mailto:fake{at}barkdom.com">fake{at}barkdom.com>
wrote in =
message news:4326e8a9$1{at}w3.nls.net...=
>=20
  The following security advisory is sent to the securiteam mailing =
list,=20
  > and> can be found at the SecuriTeam
web site: http://www.securiteam.com.;=">http://www.securiteam.com.http://www.securiteam.com">http://www.securiteam.com.;=


------=_NextPart_000_007C_01C5B908.302B53F0--

--- BBBS/NT v4.01 Flag-5
* Origin: Barktopia BBS Site http://HarborWebs.com:8081 (1:379/45)
SEEN-BY: 633/267 270 5030/786
@PATH: 379/45 1 106/2000 633/267
SOURCE: echomail via fidonet.ozzmosis.com

Email questions or comments to sysop@ipingthereforeiam.com
All parts of this website painstakingly hand-crafted in the U.S.A.!
IPTIA BBS/MUD/Terminal/Game Server List, © 2025 IPTIA Consulting™.