[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <016401c32b0a$66356af0$6e01a8c0@tekwiz>
From: ptourvi1 at twcny.rr.com (JT)
Subject: AW: Zone Alarm
I always thought it was illogical to let packets reach the machine I'm
trying to protect. I'd rather pass through a dedicated machine. Are there
any advantages TO using a production machine as a firewall??
-----Original Message-----
From: full-disclosure-admin@...ts.netsys.com
[mailto:full-disclosure-admin@...ts.netsys.com] On Behalf Of Nick FitzGerald
Sent: Wednesday, June 04, 2003 8:12 PM
To: full-disclosure@...ts.netsys.com
Subject: Re: AW: [Full-Disclosure] Zone Alarm
"Michael Linke" <ml@...ract.org> wrote:
> There is one big benefit, ...
Correction -- it used to be a benefit (I'll let others quibble over
how good a benefit, as it is now largely gone so its former value is
pretty much moot...).
> ... which no hardware router can bring you. Zone alarm
> and other Windows based Software Firewalls can block network access for
> programs. A HW firewall can only block a whole machine but can't denied
> access for one software and allow access for another software on the same
> machine.
And for the last six months, what is (almost) the first thing nearly
every new virus and trojan of any consequence does?
Yep -- troll the process list for process names matching a _huge_
(and ever growing) list of personal firewall, antivirus, anti-Trojan,
anti-adware, etc programs and kill all processes with a match.
The "integrity management (of network-connecting software) on the
cheap" advantage of PFWs has now passed on, so please do not tout it
as if it is something really useful.
--
Nick FitzGerald
Computer Virus Consulting Ltd.
Ph/FAX: +64 3 3529854
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Powered by blists - more mailing lists