lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <016401c32b0a$66356af0$6e01a8c0@tekwiz>
From: ptourvi1 at twcny.rr.com (JT)
Subject: AW: Zone Alarm

I always thought it was illogical to let packets reach the machine I'm
trying to protect. I'd rather pass through a dedicated machine. Are there
any advantages TO using a production machine as a firewall?? 


-----Original Message-----
From: full-disclosure-admin@...ts.netsys.com
[mailto:full-disclosure-admin@...ts.netsys.com] On Behalf Of Nick FitzGerald
Sent: Wednesday, June 04, 2003 8:12 PM
To: full-disclosure@...ts.netsys.com
Subject: Re: AW: [Full-Disclosure] Zone Alarm


"Michael Linke" <ml@...ract.org> wrote:

> There is one big benefit, ...

Correction -- it used to be a benefit (I'll let others quibble over 
how good a benefit, as it is now largely gone so its former value is 
pretty much moot...).

> ... which no hardware router can bring you. Zone alarm
> and other Windows based Software Firewalls can block network access for
> programs. A HW firewall can only block a whole machine but can't denied
> access for one software and allow access for another software on the same
> machine. 

And for the last six months, what is (almost) the first thing nearly 
every new virus and trojan of any consequence does?

Yep -- troll the process list for process names matching a _huge_ 
(and ever growing) list of personal firewall, antivirus, anti-Trojan, 
anti-adware, etc programs and kill all processes with a match.

The "integrity management (of network-connecting software) on the 
cheap" advantage of PFWs has now passed on, so please do not tout it 
as if it is something really useful.


-- 
Nick FitzGerald
Computer Virus Consulting Ltd.
Ph/FAX: +64 3 3529854
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ