Manual Outpost Firewall Versie 4.0 (page 97 of 100) (English)

46516

Zoom out

Zoom in

1/100

Appendix C: Penetration Techniques

Here the point is program interactivity through the SendMessage, PostMessage API, and so

on. This technique is sometimes used for legitimate inter-process interactivity, but can

likewise be used for nefarious purposes by perpetrators.

Outpost Firewall Pro controls such attempts.

Active Desktop modification

Installing the specific HTML file for Active Desktop, malicious processes can transfer

private data on behalf of Windows Explorer. The example of using this technique is

Breakout leaktest (

http://www.firewallleaktester.com/leaktest16.htm).

Outpost Firewall Pro controls such attempts to steal data by bamboozling the firewall.

DNS query submission

DNS Client service contains potential vulnerability called DNS tunneling. The main point

is that malicious code can transfer and receive any information using correct DNS packets

to the correctly configured operating DNS server. The example of using this technique is

DNSTester leaktest (http://www.klake.org/~jt/dnshell/).

Outpost Firewall Pro performs double verification of access to the DNS Client service,

providing a more secure system. This enables control access to DNS API even with the

DNS Client service on, benefiting users who, out of compatibility concerns, cannot disable

this service themselves. This functionality allows assigning permissions to a specific

process for using the DNS Client service.

Application launch with URL

Malicious processes can launch the default web browser with a pre-configured web address

in a hidden window, making the firewall believe a legitimate action is taking place.

Firewalls that explicitly trust an application without looking beyond on who actually

launched it in the first place and what additional connection parameters are supplied are

unable to challenge the technique, meaning sensitive data could leave the computer past

them. The examples of using this technique are Tooleaky and Ghost leak tests

(

http://www.firewallleak tester.com/leak test2.htm, http://www.firewallleak tester.com/leak

test13.htm).

Outpost Firewall Pro watches every program started on a computer and controls who has

the permission to start a program with a target URL and will prompt a user if such activity

should be permitted for a particular program.

Application launch with command line parameters

Several firewalls are exposed to a vulnerability of a predatory code launching the default

web browser with command-line parameters, allowing to circumvent the existing

protection because the firewall is made to believe the legitimate application is performing

Report abuse

Libble takes abuse of its services very seriously. We're committed to dealing with such abuse according to the laws in your country of residence. When you submit a report, we'll investigate it and take the appropriate action. We'll get back to you only if we require additional details or have more information to share.

Product:

Forumrules

To achieve meaningful questions, we apply the following rules:

First, read the manual;
Check if your question has been asked previously;
Try to ask your question as clearly as possible;
Did you already try to solve the problem? Please mention this;
Is your problem solved by a visitor then let him/her know in this forum;
To give a response to a question or answer, do not use this form but click on the button 'reply to this question';
Your question will be posted here and emailed to our subscribers. Therefore, avoid filling in personal details.

new questions and answers
new manuals

You will receive an email to register for one or both of the options.

Get your user manual by e-mail

Enter your email address to receive the manual of Outpost Firewall Versie 4.0 in the language / languages: English as an attachment in your email.

The manual is 2,59 mb in size.

You will receive the manual in your email within minutes. If you have not received an email, then probably have entered the wrong email address or your mailbox is too full. In addition, it may be that your ISP may have a maximum size for emails to receive.

The manual is sent by email. Check your email

If you have not received an email with the manual within fifteen minutes, it may be that you have a entered a wrong email address or that your ISP has set a maximum size to receive email that is smaller than the size of the manual.

The email address you have provided is not correct.

Please check the email address and correct it.

Your question is posted on this page

Would you like to receive an email when new answers and questions are posted? Please enter your email address.

Info

Outpost Firewall Versie 4.0 Manual

Product: