lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
From: blancher at cartel-securite.fr (Cedric Blancher)
Subject: [OFFTOPIC] Zone Alarm

Le jeu 05/06/2003 ? 11:09, Lars Duesing a ?crit :
> ZoneAlarm has in my eyes a very interesting feature. As it runs on the
> clients' system it can distinguish which (local) application is allowed
> to send data to the net. In days of gator et al a very nice feature.

This is to me the interest of so called personal firewalls. But I do not
like ZA, because its decisions are only application based. On tools such
as Kerio Personal Firewall, you can add rules to restrict applications
in terms of addresses, protocols and ports. If you consider what it is
possible to do through IE using ActiveX as an example, it could be a
good idea not to authorize this kind of application without network
restriction.

Btw, it makes ZA simple to use, but weak to me.

> So if an user knows how to use this personal firewalls, it is yet
> another step of security.

<metoo>Agree</metoo>

-- 
C?dric Blancher  <blancher@...tel-securite.fr>
IT systems and networks security - Cartel S?curit?
Phone : +33 (0)1 44 06 97 87 - Fax: +33 (0)1 44 06 97 99
PGP KeyID:157E98EE  FingerPrint:FA62226DA9E72FA8AECAA240008B480E157E98EE

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ