lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <F3B5F5076E21DE4EA34F7799688442EC6991@syp-exchange.syp.stoneyamashita.com>
From: rliebsch at stoneyamashita.com (Robert J. Liebsch)
Subject: [OFFTOPIC] Zone Alarm

Zone alarm works, but the free version tends to eat processor and memory
because of the "learning" of the software. So while its not really a hole, it
can be cumbersome and negatively affect performance of the host PC. This is a
known feature/bug and discussed at length on the Zone Alarm message boards.
As soon as you upgrade to the paid product, you get updates and ability to
better control processor and memory usage.
 
I would treat it as a layer of security and supplement it with a simple
Linksys offering NAT...
 
These two layers are effective for home computer users. Like a multivitamin
is better than just taking one.
 
Yes, there is much posturing. And ample digression. And a good dose of
derision. 

-----Original Message-----
From: Ben Tyson-Norrman [mailto:ben@...waytv.co.uk]
Sent: Thursday, June 05, 2003 10:11 AM
To: full-disclosure@...ts.netsys.com
Subject: RE: [Full-Disclosure] [OFFTOPIC] Zone Alarm



As I started this one - can I put a stop to it... 

What was it I read the other day, if you call someone a Nazi then officially
that's the end of the thread... 

Okay I'm going to call me, ben@...waytv.co.uk, erstwhile postee in html, user
of Windows 2000 (and BSD and Linux and Solaris, before you start), sending
email via Exchange which attaches a crappy disclaimer - a complete and utter
Nazi....

Yes I've done it - I've called someone a Nazi.... so now we have to start a
new thread and post at least 3 bits of useful information before we can
revert to abuse, slander, mis-reading of posts, mis-understanding of posts,
not trying to hear what the person is saying in voice- rather than just
reading the words and generally taking our stress out on everyone else (who
for the most parts should be our allies)..

What I've learnt is.... 
ZA is okay for homeusers - there are no desperately obvious holes. 
There are other alternatives - I use one of the others at home (not that you
care) - but the person who asked the question of me (who is fairly
technical), is probably doing the best he can.

The negative comments I have seen, viz :- (snip from some or other list)
<<zone alarm (which contrary to popular belief is not a real firewall and a
joke in the IT community as a whole)>> is empty posturing as usual, but then
the same goes for everything else (there are a lot of "experts" out there...)

May your evenings (days, morning or nights - depending on your timezone) be
blessed with happyness... 

Personally I'm going home to get a beer or two.... 



-----Original Message----- 
From: JT [ mailto:ptourvi1@...ny.rr.com] 
Sent: 05 June 2003 16:13 
To: 'Shawn McMahon'; full-disclosure@...ts.netsys.com 
Subject: RE: [Full-Disclosure] [OFFTOPIC] Zone Alarm 


This is a lame basis for your argument. You provide 2 
vulnerabilities that 
are old. Everything has vulnerabilities, I will not waste my 
time search ZA 
for one, it's in there, it's a proven statistic. Now, explain to me how 
having one of your uninformed users make a decision for every 
app that wants 
to access the internet is better than plugging a router in and 
being done 
for the most part. Which is easier? Right, the router is easier 
because they 
just plug it in and go. You would have us believe that these 
"inept" users 
WITHOUT ANY computer person are going to be smart enough to 
FIND zone alarm, 
INSTALL it, CONFIGURE it, and then decide each time anything 
wants to hit 
the net. Please, spend 30 more seconds and show me some CURRENT 
vulnerabilities. 

-----Original Message----- 
From: full-disclosure-admin@...ts.netsys.com 
[ mailto:full-disclosure-admin@...ts.netsys.com] On Behalf Of 
Shawn McMahon 
Sent: Thursday, June 05, 2003 9:23 AM 
To: full-disclosure@...ts.netsys.com 
Subject: Re: [Full-Disclosure] [OFFTOPIC] Zone Alarm 


On Wed, Jun 04, 2003 at 08:35:05PM -0700, morning_wood said: 
> 
> Theres nowhere for the packets to go.. and please, when was 
the last time 
> anyone here had to flash a personal style router / switch 
> within the past 2 years... dont go esoteric on us now.. 

Perhaps you should read security bulletins more often. 

http://www.idefense.com/advisory/10.31.02a.txt 
http://www.opennet.ru/base/netsoft/993631863_204.txt.html 

That's just two.  Should I spend another 30 seconds searching and get 
you some more? 

Or are you going to argue that Linksys and Netgear are "esoteric"? 


-- 
Shawn McMahon     | Let every nation know, whether it wishes us 
well or ill, 
EIV Consulting    | that we shall pay any price, bear any 
burden, meet any 
UNIX and Linux    | hardship, support any friend, oppose any 
foe, to assure 
http://www.eiv.com| the survival and the success of liberty. - JFK 

_______________________________________________ 
Full-Disclosure - We believe in it. 
Charter: http://lists.netsys.com/full-disclosure-charter.html 

Visit our web site @ www.twowaytv.com 
This e-mail and its attachments are intended for the above named recipient(s)
only and may be confidential, legally privileged and protected by law. If you
are not a named addressee or have received this transmission in error, please
notify us immediately at postmaster@...waytv.co.uk and then delete this
e-mail. As Internet communications are not secure we do not accept legal
responsibility for the contents of this message or responsibility for any
change made to this message after the original sender sent it.  Save for this
legal notice, the contents or opinions contained within this e-mail are
solely those of the sender and do not necessarily represent those of Two Way
TV Ltd unless otherwise specifically stated. 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20030605/53e5bc22/attachment.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ