Hi Michael,
I've found an interesting Program to check firewalls. It demonstrates the ability to connect to internet via other programs which are allowed to connect. (Trojan Horses) Is it possible to block the program from accessing the internet via a stand-alone router ?
--> A router cannot detect which program sent the package. It can deny access to certain IP ranges and/or certain port ranges.
http://www.pcinternetpatrol.com/downloads/pcaudit.exe Is this simply a program to panic users or is there a serious danger ?
--> I think it is to a large extent a program to panic users and promote the selling of their firewall. Once you download a program and install it on your computer, it can use the network. And you do not want to block ALL outgoing connections. If you have a very strict security police though, you can configure the firewall to only let browser "A" access ports 80,443 on the net and only SSH-client B to access port 22. But this will restrict your users and give them problems when using a different browser, an WWW server on a different port a.s.o. The important point IMHO is to teach users not to download programs from the internet without thorough checking of the intention of the program. And of course not to click on suspicious links or open Email Attachments. Regards, Armin -- Am Hasenberg 26 office: Institut für Atmosphärenphysik D-18209 Bad Doberan Schloss-Straße 6 Tel. ++49-(0)38203/42137 D-18225 Kühlungsborn / GERMANY Email: schoech@iap-kborn.de Tel. +49-(0)38293-68-102 WWW: http://armins.cjb.net/ Fax. +49-(0)38293-68-50