Category Archives: Security

Windows firewall adventures

1 Reply

At work, I needed to block outgoing IP connections in order to inspect the behavior of our product.

I thought: why not use the native, Windows Firewall for that? Oh. Controlling outgoing connections is not supported by windows firewall (w2k3, at least). lame.

So I went on and searched the net for free windows firewalls. And.. I couldn't find anything good which is really free. So I've started looking for less-free firewalls, and found the Kerio firewall which is a trial version which expires if you don't pay them $$s.

It was pretty good actually, and satisfied my needs.

[30 days later]

Why is this VM so slow?? Remote desktop doesn't work.. After chasing the wrong error message problem, I've tried logging in through the vmware console. Then I've noticed this little balloon on the systray saying something like "Kerio firewall trial has expired; limiting bandwidth to 4kb/sec". OHHH that's just a great attitude!

Don't let them make you stupid

Leave a reply

I've encountered few posts about a security expert claiming he can easily steal gmail sessions. Very interesting and frightening, eh?

A little more reading reveals that he just got the Session ID by sniffing an unencrypted WiFi network. Same thing can probably be done on any non-ssl web application. I wonder how this boring and misleading article got even into Slashdot.