lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20030604194109.26e847c6.michaelr@cisco.com>
From: michaelr at cisco.com (Michael Reilly)
Subject: AW: Zone Alarm

If I understand you correctly I think you mean, for example, to block Outlook/Netscape/Other_mail_client from fetching images and sending cookies often found in SPAM by blocking any outgoing access except to smtp/pop/imap on the server but letting a web browser use http?

The SW firewall can be useful for this but wouldn't it be better to use a well behaved application instead?

michael
On Wed, 4 Jun 2003 22:37:50 +0200
"Michael Linke" <ml@...ract.org> wrote:

> There is one big benefit, which no hardware router can bring you. Zone alarm
> and other Windows based Software Firewalls can block network access for
> programs. A HW firewall can only block a whole machine but can't denied
> access for one software and allow access for another software on the same
> machine. 
> 
> 
> 
> 
> intract - any business anywhere
> Michael Linke
> Netzwerkadministrator
> Heilbronnerstr. 50
> D-73728 Esslingen
> Germany
> Phone  : +49 384 16297 50
> Fax????  : +49 711 35152 89
> mobile  : +49 178 51 52 959
> e-mail?  : ml@...ract.org
> ICQ      : 141033973
> webside:?? http://www.intract.org
> 
> 
> > -----Urspr?ngliche Nachricht-----
> > Von: full-disclosure-admin@...ts.netsys.com [mailto:full-disclosure-
> > admin@...ts.netsys.com] Im Auftrag von Jason
> > Gesendet: Mittwoch, 4. Juni 2003 20:53
> > An: morning_wood
> > Cc: Ben Tyson-Norrman; full-disclosure@...ts.netsys.com
> > 
> > Unfortunately the $40 'hardware' devices are not either.
> > 
> > Please reference the excellent work by Core
> > http://www1.corest.com/common/showdoc.php?idx=276&idxseccion=10
> > 
> > and the _much_ more expensive 'hardware' devices are just as prone
> > 
> > http://www.cisco.com/warp/public/707/pix-multiple-vuln-pub.shtml
> > http://www.cisco.com/warp/public/707/pixfirewall-authen-flood-pub.shtml
> > http://www.cisco.com/warp/public/707/PIXfirewallSMTPfilter-regression-
> > pub.shtml
> > ...
> > http://www.cisco.com/warp/public/707/advisory.html
> > 
> > For a personal solution Zone Alarm is quite possibly more adequate and
> > appropriate.
> > 
> > morning_wood wrote:
> > 
> > >Zone Alarmbuy a $40 hardware router. Software firewalls are not a
> > security solution IMHO.
> > >
> > >morning_wood
> > >  ----- Original Message -----
> > >  From: Ben Tyson-Norrman
> > >  To: full-disclosure@...ts.netsys.com
> > >  Sent: Wednesday, June 04, 2003 8:53 AM
> > >  Subject: [Full-Disclosure] Zone Alarm
> > >
> > >
> > >  I'm not sure I can ask this question without derision, but here goes...
> > >
> > >  Zone Alarm, is it really as crap as everyone makes out.... or is the
> > usual posturing by ill-informed...?
> > >
> > >  Many thanks all
> > >
> > >  Visit our web site @ www.twowaytv.com
> > >  This e-mail and its attachments are intended for the above named
> > recipient(s) only and may be confidential, legally privileged and
> > protected by law. If you are not a named addressee or have received this
> > transmission in error, please notify us immediately at
> > postmaster@...waytv.co.uk and then delete this e-mail. As Internet
> > communications are not secure we do not accept legal responsibility for
> > the contents of this message or responsibility for any change made to this
> > message after the original sender sent it.  Save for this legal notice,
> > the contents or opinions contained within this e-mail are solely those of
> > the sender and do not necessarily represent those of Two Way TV Ltd unless
> > otherwise specifically stated.
> > >
> > >
> > >
> > 
> > 
> > _______________________________________________
> > Full-Disclosure - We believe in it.
> > Charter: http://lists.netsys.com/full-disclosure-charter.html
> 
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html


-- 
---- ---- ----
Michael Reilly    michaelr@...co.com
    Cisco Systems, Santa Cruz, CA

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ