RE: Slashback!

["Skyler King" <SKing () us checkpoint com>]

:)  Yeah, that bugged me for a long time as well.  There are other
things that bug me...For instance, the configuration wizard should give
the user an option to automatically add his DNS servers to the trusted
zone.

sky 

> -----Original Message-----
> From: Dave Korn [mailto:dave.korn () artimi com] 
> Sent: Wednesday, January 18, 2006 12:33 PM
> To: Skyler King; 'Dino A. Dai Zovi'; 'Taylor, Gord'
> Cc: dailydave () lists immunitysec com
> Subject: RE: [Dailydave] Slashback!
>
> Skyler King wrote:
> > > Hello Gord,
> > >
> > > Do you know how the firewall identifies a "friendly" network?  Does
> > > the firewall tap into the wireless layer in Windows to get out the
> > > SSID and base station MAC address, or does it just verify the
> > > subnet?  I don't actually "use" any of my windows boxes, so I have
> > > never used this kind of stuff :).
> >
> > I can't speak for other PFWs, but ZoneAlarm uses a 
> combination of the
> > gateway ip and MAC address to indentify a network (wired 
> and wireless).
> > In
> > addition, unsecured wireless networks are automatically put in the
> > untrusted
> > "Internet" zone.
> >
> > sky
>
>
>   Up until very recently, ZA was sooooo secure that it didn't 
> even place the
> loopback adapter/subnet in the trusted zone by default.
>
> <g>  Needless to say this was responsible for more confusion 
> than security....
>
>
>     cheers,
>       DaveK
> -- 
> Can't think of a witty .sigline today....