Re: firewall opinions
From: JW (JustPostYourReply_at_ToThisNewsGroup.pls)
Date: 02/21/05
- Next message: Malke: "Re: audio cd burning"
- Previous message: Malke: "Re: After restore problems with Old Data Files"
- In reply to: Van: "firewall opinions"
- Next in thread: Leythos: "Re: firewall opinions"
- Reply:(deleted message) Leythos: "Re: firewall opinions"
- Reply: Van: "Re: firewall opinions"
- Reply: Bruce Chambers: "Re: firewall opinions"
- Messages sorted by: [ date ] [ thread ]
Date: Mon, 21 Feb 2005 03:19:33 GMT
Hey Van, whenever you see conflicting advice on firewalls
(such as, (a) software firewalls are an important addition to a complete
multi-layer security system VS. (b) software firewalls are unnecessary
because hardware firewalls do everything that software firewalls do,
plus no Trojan can ever open a port on a hardware firewall), you really
have to go to a higher authority. Opinions are like armpits.
Last year, PC World Labs partnered with German security firm AV-Test to
test, evaluate and compare many firewall, antivirus, and anti-spyware
products. Included in the test was one of Linksys' best hardware
firewall/router/NAT devices. Their conclusion on page 3 was that two
software firewalls deserved the Editors Best Buy award, but neither of
two hardware firewall/router devices deserved the award. Furthermore,
the final recommendations on page 9 stressed the importance of using a
combination of defenses (not any one product that is good at only one
specialty), including Both a software firewall and a hardware firewall.
you can see their article at
http://www.pcworld.com/reviews/article/0,aid,115939,pg,1,00.asp
after reading this article, you will see that the test results prove
that (a) a hardware firewall/router does things that a software firewall
does not, and (b) a software firewall does things that a hardware
firewall does not. this is clearly why you need Both. For example, see
page 2 of the above article that states the following facts:
Consider the Bagle worm, which hides its identity by injecting itself
into the Windows Explorer application. When AV-Test infected a system
with this worm, the McAfee, Norton, Sygate, and ZoneAlarm firewalls
asked if Windows Explorer could access the Internet.
by comparison, a hardware firewall would not stop to ask the user for
approval of this outbound transmission of who knows what (maybe your
personal credit card or bank account number/password captured by a
keystroke logging program?), but would simply allow this outbound
transmission to go through unchecked.
another source of facts you can go to, when facing conflicting advice
from those who offer nothing but opinions, is an authoritative web site
such as the Gibson Research Corp web site. at www.grc.com, the section
named LeakTest describes another vulnerability that hardware
firewall/router devices are Helpless to defend against.
take the test for yourself. download their program named LeakTest.exe.
rename a legitimate program like IExplore.exe to IExplore.old. then
rename LeakTest.exe to IExplore.exe and launch it. the results are
clear and indisputable. a hardware router/firewall will not even stop
to ask you if this outbound leak of information is OK, but will allow
this outbound communication to pass through unchecked. ZoneAlarm will
stop it and ask for your approval. besides the fact that hardware
firewalls are inherently clueless to this vulnerability, what this also
means is that any kid who has read a book like Windows 101 can rename
any file from something like KeystrokeLoggerThatAlsoLaunchesIE.exe to
IExplore.exe with two simple commands.
Van wrote:
> I've been running Zone Alarm free version on my XP home SP2 system. The ONLY
> thing I don't like about it, is the time it takes to load on bootup. Besides
> ZA, what are some of the firewalls that you folks use and recommend??
> Thanks ....
- Next message: Malke: "Re: audio cd burning"
- Previous message: Malke: "Re: After restore problems with Old Data Files"
- In reply to: Van: "firewall opinions"
- Next in thread: Leythos: "Re: firewall opinions"
- Reply:(deleted message) Leythos: "Re: firewall opinions"
- Reply: Van: "Re: firewall opinions"
- Reply: Bruce Chambers: "Re: firewall opinions"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
