[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Nufw-users] application control
|
From: |
Eric Leblond |
|
Subject: |
Re: [Nufw-users] application control |
|
Date: |
Wed, 26 Oct 2005 13:05:33 +0200 |
Le mercredi 26 octobre 2005 à 12:34 +0330, Muhammad a écrit :
> Hi
>
> I wonder how NuFW performs application control. The only piece of
> software that can decide the application name is a NuFW client. But
> the client side is under user's control, so he/she can install a
> client of his/her choice: perhaps a cracked version of the client that
> sends bogus information about the application being used. For example,
> he/she wants to use "/usr/local/bin/rsh" but finds out that only
> "/bin/ssh" is admitted. A custom client can replace the application
> name with "/bin/ssh" for all the packets. The imprtant point is that
> the user need not be aware of such a forgery as a malware can do all
> the work. Any remarks?
No, this is a well known issue and I thought it was documented somewhere
on the nufw website. I put it on my TODO list.
BR,
--
Eric Leblond <address@hidden>