Advanced Firewall

Posted on 2007-08-09
Medium Priority
Last Modified: 2013-11-05
I have software that runs on my computer, downloaded from a brokerage firm. I have added scripting to a charting software package from a third party that talks to the brokerage software via their API. My intellectual property is in the scripts I'm running. I have to give the brokerage sofware access to the internet to send orders to the brokerage. I am concerned about backdoors that may have been written into the brokers software that could upload my intellectual property to the brokerage url and then be stolen. In reading up on firewalling I see that it is largely concerned with url blocking and spoofing. I can get a stateful packet inspection box and set it up allow only necessary url but I would like to be able to control the type of information being sent to the brokerage, is that doable? Do I really have cause for concern?
Question by:maxpi
  • 3
  • 2

Expert Comment

ID: 19664202
If its third party then i would think that the scripts would not be "known" by their product and therefore not uploaded.

Also, normally they are just as concerend with Security and performance so the pinhole that they have setup to send/receive is most likely encrypted and only sends data specific elements back and forth.(as I believe you mentioned that it is only sending/receiving orders)

So yea, i wouldn;t worry too much about it, however, without knowing the Brokerage Application or the Scripts you wrote, its hard to say for sure.

Author Comment

ID: 19664648
Ok, they set up a pinhole, that makes sense. My supposition is that the brokerage is not aware of the backdoor a rogue coder put in their software but the coder knows their firewall and can sneak things across it. Maybe I should not be looking at firewalling but just blocking file access.. It's probably not hard to limit access to the script source code to only the third party software environment that it runs in. How difficult would it be to capture my [interpreted, I believe], running, script while it was running, upload it and reverse engineer it? Assume that the thief in the brokerage has access to my account and sees that I make lots of money with this script and therefore it is worth some effort to steal the script..

Author Comment

ID: 19664664
If the brokerage pinhole is encrypted does that frustrate a rogue coder from sneaking stuff across the firewall?

Accepted Solution

Brugh earned 500 total points
ID: 19664769
Normally, especially without highly protected data, such as financials(which I assume is what you mean by brokerage) the communication channel between client and sevrer will be ecrypted and limited as to what types of data is being sent. This is to protect both client and server.

Basically, its an EDI transmission which normally ONLY sends the encrypted "order form" if you will.  The server expects the transmission to be formatted exactly the same way each time.  In doing this, they can parse every packet that comes in the door to make sure its formatted correctly..etc.  

If, howveer, your scripts change the way data is presented to the brokerage, then you may have an issue.

 - Brugh


Expert Comment

ID: 19664851
^ Wow, that's what i get for typing while on the phone...  i got letters transposed all over the place. hehe


Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

To setup a SonicWALL for policy based routing to be used with the Websense Content Gateway there are several steps that need to be completed. Below is a rough guide for accomplishing this. One thing of note is this guide is intended to assist in the…
I found an issue or “bug” in the SonicOS platform (the firmware controlling SonicWALL security appliances) that has to do with renaming Default Service Objects, which then causes a portion of the system to become uncontrollable and unstable. BACK…
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk…
Whether it be Exchange Server Crash Issues, Dirty Shutdown Errors or Failed to mount error, Stellar Phoenix Mailbox Exchange Recovery has always got your back. With the help of its easy to understand user interface and 3 simple steps recovery proced…
Suggested Courses
Course of the Month16 days, 12 hours left to enroll

864 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question