Forums Últimos mensajes - Powered by IBM
 
Tags Palabras claves

Firewall de Xp tiene una puerta atras????

27/02/2005 - 22:01 por yudego | Informe spam
Ayuda Hacer una pregunta
Windows Firewall Has A Backdoor
Posted at 2005-02-19 20:00:00 GMT
http://habaneronetworks.com/viewArticle.php?ID4

I was just poking around with the Windows Firewall on my system. When
I went to look at the exceptions, I was confronted with an entry that
I couldn't recognize, rk.exe. Rk.exe was allowed full access to and
from my computer. I did a quick search for rk.exe on the internet and
came across ProcessLibrary's website which stated the following about
rk.exe:

rk.exe is a process that belongs to a software from RelevantKnowledge.
The software monitors how you use the Internet as well as displays
various surveys in popup windows. This process should be removed to
protect your personal privacy. For more information visit their
privacy policy agreement at
http://www.relevantknowledge.com/Agreement.htm

Let's see, RelevantKnowledge, um, never heard of them, I know what
software I have installed, and none is from this company. Anyway, what
else does it say? Um, 'The software monitors how you use the
Internet', well, this can't be too good, ok then, how about 'displays
various surveys in popup windows'. so let's add it up:

Never heard of the company Bad
Monitors My Internet Activity Bad
Displays Popups Bad


Well, to me, this does look like spyware and adware. It is spyware
because it is monitoring and probably recording information about
where I am going and what I am doing on the Internet. It is also
adware because of the nice popups it will provide me.

Well, I actually have never seen any activity from rk.exe on my
system, and infact, the file doesn't even exist. I must have cleaned
it out with a spyware remover like, AdAware or Webroot's Spysweeper.
The point of the matter is that this entry has found it's way into my
Windows Internet Connection Firewall Exceptions list without my
knowledge. And as it turns out, isn't that hard to do.

As long as the person currently logged into the computer has
Administrative privileges, an application can easily add an entry into
the
HKEY_LOCAL_MACHINE/SYSTEM/Services/.../FirewallPolicy/StandardProfile/AuthorizedApplications/List/
key that will allow any application full rights to and from the
computer without the user's interaction or knowledge.


Just because you think that Microsoft and their supposedly secure
Windows Firewall is running doesn't mean that you're safe. You must
check the settings of the firewall regularily. Always scan your system
at the minimum once a week with the anti-spyware tools and ensure that
you run SpywareBlaster everytime you use your computer.

For more information about SpywareBlaster please visit here, for more
information about anti-spyware and anti-adware products, please read a
full review of the top 5 ad / spyware fighters at:
http://habaneronetworks.com/viewArticle.php?ID•.


If you are currently using Window's own firewall to protect you,
either ensure that there are no unknown exceptions or find a better
firewall.


PS. If you are ever unsure about a process, head on over to Process
Library and search for the running processes name.


I have added another article that explains that Microsoft's
AntiSpyware Beta also ignores any changes to the registry for this
key.
You can read the article here
http://habaneronetworks.com/viewArticle.php?ID6
email Siga el debateRespuesta 3 respuestasRespuesta Tengo una respuesta
DRAGON AGE™: INQUISITION – Matadragones
 

Leer las respuestas

#1 yudego
27/02/2005 - 22:10 | Informe spam
SemiP, no por falsificarme ahora, va a desmerecer mi
mensaje de acusacion inferior.

Y con respecto a ese tema, ya lo planteaste el otro dia y
te lo rebatieron los tecnicos. Sigue pareciendome que te
gusta la prensa amarilla pero no la entiendes. Ni la
respuesta de los tecnicos y solo quieres menospreciar a
Microsoft.



Windows Firewall Has A Backdoor
Posted at 2005-02-19 20:00:00 GMT
http://habaneronetworks.com/viewArticle.php?ID4

I was just poking around with the Windows Firewall on my


system. When
I went to look at the exceptions, I was confronted with


an entry that
I couldn't recognize, rk.exe. Rk.exe was allowed full


access to and
from my computer. I did a quick search for rk.exe on the


internet and
came across ProcessLibrary's website which stated the


following about
rk.exe:

rk.exe is a process that belongs to a software from


RelevantKnowledge.
The software monitors how you use the Internet as well


as displays
various surveys in popup windows. This process should be


removed to
protect your personal privacy. For more information


visit their
privacy policy agreement at
http://www.relevantknowledge.com/Agreement.htm

Let's see, RelevantKnowledge, um, never heard of them, I


know what
software I have installed, and none is from this


company. Anyway, what
else does it say? Um, 'The software monitors how you use


the
Internet', well, this can't be too good, ok then, how


about 'displays
various surveys in popup windows'. so let's add it up:

Never heard of the company Bad
Monitors My Internet Activity Bad
Displays Popups Bad


Well, to me, this does look like spyware and adware. It


is spyware
because it is monitoring and probably recording


information about
where I am going and what I am doing on the Internet. It


is also
adware because of the nice popups it will provide me.

Well, I actually have never seen any activity from


rk.exe on my
system, and infact, the file doesn't even exist. I must


have cleaned
it out with a spyware remover like, AdAware or Webroot's


Spysweeper.
The point of the matter is that this entry has found


it's way into my
Windows Internet Connection Firewall Exceptions list


without my
knowledge. And as it turns out, isn't that hard to do.

As long as the person currently logged into the computer


has
Administrative privileges, an application can easily add


an entry into
the
HKEY_LOCAL_MACHINE/SYSTEM/Services/.../FirewallPolicy/Sta


ndardProfile/AuthorizedApplications/List/
key that will allow any application full rights to and


from the
computer without the user's interaction or knowledge.


Just because you think that Microsoft and their


supposedly secure
Windows Firewall is running doesn't mean that you're


safe. You must
check the settings of the firewall regularily. Always


scan your system
at the minimum once a week with the anti-spyware tools


and ensure that
you run SpywareBlaster everytime you use your computer.

For more information about SpywareBlaster please visit


here, for more
information about anti-spyware and anti-adware products,


please read a
full review of the top 5 ad / spyware fighters at:
http://habaneronetworks.com/viewArticle.php?ID•.


If you are currently using Window's own firewall to


protect you,
either ensure that there are no unknown exceptions or


find a better
firewall.


PS. If you are ever unsure about a process, head on over


to Process
Library and search for the running processes name.


I have added another article that explains that


Microsoft's
AntiSpyware Beta also ignores any changes to the


registry for this
key.
You can read the article here
http://habaneronetworks.com/viewArticle.php?ID6
.

Preguntas similares

 

Busqueda sugerida :