How Hackers Defeat Personal Firewalls

Ever get annoyed cause you wanted to place a trojan or a virus somwhere and a firewall wouldnt let you? Well if this firewall is one of the commercially made and distributed types such as Norton personal firewall, or Blackice Defender, and most any other comercially available firewalls it is very simple to exploit it and put anything you want behind it. Most personal firewalls work by having a preset rules database that has a listing of trusted applications that it will allow access to and from your computer. A simple modification of a rogue application such as a trojan horse or virus will allow the rogue application to have trusted access to your system. The modification requires no programming knowledge and can be done by anyone very easily. All you have to do is rename the rogue application to a name that the personal firewall knows is a trusted application.
For example if I take BackOrifice, the stealth remote control application, and rename it iexplore.exe, most personal firewalls will allow it to run without complaint. The same is true for any other trojan horse or virus.
Kinda neat huh?
There is only one readily available firewall that I cant use this with and thats zonealarm from zonelabs. http://zonelabs.com/
BTW my handle is natas and I look forward to upcoming issues of your newsletter. I haven't been hacking maliciously for years now, actually since i got caught in highschool and lost my priviliges to use a computer till i was 18. Please visit my homepage if youd like http://www.geocities.com/mystykalsystym/natas.html.
In-depth Information on Personal Firewalls

• Learn about them at the PC-Help web site, http://pc-help.org/
• See tests of personal firewalls at SecurityPortal.com. Many of those tested here are free and easy to use. They highly recommend the free Tiny Firewall.
• Sébastien Sauvage (sebsauvage@bigfoot.com, http://www.bigfoot.com/~sebsauvage,) recommends ZoneAlarm, "A free and very effective firewall. It can filter either incoming and outgoing network traffic. Latest version can even stop VBscripts (like the ILoveYou virus)." Carolyn Meinel also points out that ZoneAlarm tells you what kind of attacks are hitting you, and what computers are being used to attack. Great if you like to fight back, heh, heh. http://www.zonelabs.com
• Sybergen Secure Desktop is a free (to personal users) firewall with considerable power to customize. Read a review of this product.
• Another free firewall: eSafe Desktop.
• Click here for a review of Zone Alarm, Norton Personal Firewall and McAfee Personal Firewall.
• Reviews of F-Secure Corp., InfoExpress, Network ICE Corp. and Sybergen Networks personal firewalls.
• Vendor descriptions of 15 personal firewalls
• NeoWatch firewall and intrusion detection system, with free trial version. According to Leslie Kirsch <leona153@earthlink.net>, " Thought I'd let you know about a great firewall called NeoWatch 2.0 this program is the best I've had so far effectively it makes you invisible I mean all of your ports are in stealth and all netbios, telnet, ftp, http, finger, smtp, pop3, Ident, Imap, https. I know don't break out the champagne but I gotta tell you I've tried Blackice, Atgaurd, neotrace, zonealarm. This one tops them all. I've had other people I know scan all the way to 65,000 ports and up. They know what they are doing and can't find me. Effectively It looks like I'm disconnected. All you have to do is configure it properly. For some newbies that could be tricky. But any regular user of firewalls will figure it out no time flat"