|
Firewall
Information
Dictionary:
"Computer
Science:
Any
of a number of security schemes that prevent unauthorized
users from gaining access to a computer
network or that monitor transfers of information to and
from the network."
LockDown
Corp. has been watching different Trojan writers and hacker
groups for a long time. The current topic that virtually
all of them have in common is, how do you get around the
regular everyday firewall. Mostly everyone is in agreement,
that changing firewall configuration files is an endless
task. Therefore, a large majority has decided that firewall
tunneling should be added as default options in their trojan
servers. For this reason LockDown Corp. has been hard at
work on solutions that surpass the average firewall program.
Firewall
tunneling is now being added to Trojans
Now
that Trojans are tunneling firewall ports, there needs to
be a second line of defense. LockDown Millennium covers
these areas thoroughly.
Another
method that hackers are using to get around current firewall
software, is to embed a trojan server into a trusted program.
We have found while testing the new LockDown Millennium,
legitimate publicly
used programs that have back doors and options
to do that following:
1.Send
an email, ICQ or IRC message when the program is in use.
2.Give
the IP address being used by the program.
3.Allow
a connection to the computer to browse, download and upload
to the computer using the utility.
Regular
firewall protection virtually always stops at this point,
because these programs are trusted by the firewall and the
connections are not reported.
LockDown
Millennium works differently than any other firewall software.
Although
LockDown does have some blocking options, we prefer to monitor
rather than block access.
When
the average user runs the everyday firewall program he often
ends up blocking his normal programs. The average user does
not know how to configure the firewall or what ports to
allow or deny. Messages or data is lost, programs stop working
and then the frustration begins. Regular firewall programs
only block connections to the computer, they do not monitor
configuration areas, neither do they contain trojan signatures
or scan for trojan horse programs. LockDown Millennium protects
you in all of these areas.
A
regular firewall program is similar to a large electric
fence built around a house.
LockDown Millennium is like a trained
dog waiting inside, that stops the bad
guy who tunnels under the fence.
LockDown
Millennium
The
Millennium version of LockDown is for the serious computer
user that wants the ability to know everything about connections
being made to his computer and have maximum control. Every
hacker
trick and every trojan type has been taken into
account during the years that it took to develop the LockDown
Millennium.
LockDown
Millennium Monitoring Includes:
Generics
Monitor
The
generics module in LockDown Millennium will detect Internet
Servers without blocking your Internet connections. You
can view and remove all startup programs from a single window.
This includes programs starting up from the system registry,
configuration files and even third party programs, such
as ICQ. Any trojan infecting your system will need to startup
after you reboot. LockDown Millennium has every startup
method covered with an easy popup window warning message
to undo any changes. The Internet Servers window is provided
and displays all Internet programs in memory. Unknown trojans
can easily be seen by turning off all of your Internet programs
and viewing this window.
If
the user was to execute an unknown / undetectable trojan
on his computer, this is what he would see:
1.
A popup message indicating that a program was added to startup
and an option to undo it.
2.
A second popup warning that a new Internet untrusted server
is running and options to remove it from startup (if it
has a startup method). There are also options to kill the
server, autokill it in the future or add it to the trusted
list.
3.The
Trojan scanner program will also detect and remove it, if
it is a known trojan.
Port
Monitor
You
can monitor your choice of Trojan and known ports or all
65,535 ports on your computer. Users can add their own ports
to monitor or remove any port of their choice. An option
for port range has also been added, so that you can monitor
a range of ports under one description or send an email
notifying of the connection for common programs used on
the machine, such as, PCAnywhere or other remote access
programs. Each connecting IP address is automatically saved
to a connection window, for easy tracing options.
Connection
Monitor
With
the Connection Monitor you can see every connection being
made to your computer. It displays and logs all of the connecting
IP addresses for each port and also lists all listening
ports.
Process
Monitor
The
Process Monitor displays every program running on your computer,
including hidden trojan programs, this is important because
most Trojans hide themselves from Windows and the Windows
close program window. The Process Monitor displays the complete
program path of every program running, every DLL file and
module used by the program. It even identifies whether or
not the program is capable of using the Internet. If you
desire, you can also right click on a program listing of
your choice and "end task" for a clean kill of
the running program.
Trojan
Monitor and Cleaner
The
LockDown Millennium Trojan Scanner is not just a program
that will do a manual scan for trojan files across your
drive, it will automatically scan changed folders and processes
that start or run on your computer. In addition, the
Trojan Scanner allows you to configure email warning messages
that are sent when trojans are detected.
Share
Monitor and Blocker
With
the LockDown Millennium Share Monitor you can allow or deny
access to network shares and report problems that may exist
in your shares configuration. You can configure warning
levels based on the incoming IP address for allowed users
and configure your shares and passwords from the LockDown
Millennium Shares menu. The Share Monitor will also log
accessed files and failed connection attempts.
Net
Utils
The
LockDown Millennium Net Utils allows you to find information
about an IP address or domain name that is attempting to
connect to your computer. The featured programs include:
Trace Route, WhoIs, Finger, Ping and NsLookup.
|
