|
Hi
I wonder how NuFW performs application control. The
only piece of software that can decide the application name is a
NuFW client. But the client side is under user's control, so he/she can
install a client of his/her choice: perhaps a cracked version of the client that
sends bogus information about the application being used. For example, he/she
wants to use "/usr/local/bin/rsh" but finds out that only "/bin/ssh" is
admitted. A custom client can replace the application name
with "/bin/ssh" for all the packets. The imprtant point is that the
user need not be aware of such a forgery as a malware can do all the work. Any
remarks?
--Muhammad
|