Full Disclosure mailing list archives
RE: Zone Alarm
From: "Robert J. Liebsch" <rliebsch () stoneyamashita com>
Date: Wed, 4 Jun 2003 13:17:51 -0700
So, Once you PAY for ZoneAlarm, you don't have to worry about CPU and MEM hogs... but my solution: ZoneAlarm on the PC you are using. Get smart, you dont go to a port city have unprotected sex, so when you jack in you should have something covering your ass... LinkSys Wireless Access Point Cable/DSL with 4 Port Switch. This too has a Zone Alarm install on it. But NAT is NAT. Now you can DoS these, and a poorly configured one or default password set is bad. Duh. SnapGearPro if you need VPN and such. They work. They are linux based. Easy to use. Everything has to be done in layers. No services running or installed which aren't being used. Configure your services. Defaults are bad for you. Chroot. Change passwords, use permissions. Check SUID. ipchains/iptables/ipfw is running and filtering every other port, even the ports which are not listening. The switches have to be maintained. You can tell a switch what to do, it'll listen. Then your routers need to be configured properly. How many times do you see in your logs 10.30.40.200 trying access something. There is no reason for RFC1918 addresses to get passed by routers, spoofed or not. Security is easy, but it is time consuming. Sorry about the digression... Zone alarm is good, but it is only 1 layer. (its only good AFTER you pay for it IMO) PS. the URL is fuX0r3d.
---------- From: Jason Sent: Wednesday, June 4, 2003 11:53 AM To: morning_wood Cc: Ben Tyson-Norrman; full-disclosure () lists netsys com Subject: Re: [Full-disclosure] Zone Alarm Unfortunately the $40 'hardware' devices are not either. Please reference the excellent work by Core http://www1.corest.com/common/showdoc.php?idx=276&idxseccion=10 and the _much_ more expensive 'hardware' devices are just as prone http://www.cisco.com/warp/public/707/pix-multiple-vuln-pub.shtml http://www.cisco.com/warp/public/707/pixfirewall-authen-flood-pub.shtml http://www.cisco.com/warp/public/707/PIXfirewallSMTPfilter-regression-pub.s html ... http://www.cisco.com/warp/public/707/advisory.html For a personal solution Zone Alarm is quite possibly more adequate and appropriate. morning_wood wrote:Zone Alarmbuy a $40 hardware router. Software firewalls are not a securitysolution IMHO.morning_wood ----- Original Message ----- From: Ben Tyson-Norrman To: full-disclosure () lists netsys com Sent: Wednesday, June 04, 2003 8:53 AM Subject: [Full-disclosure] Zone Alarm I'm not sure I can ask this question without derision, but here goes... Zone Alarm, is it really as crap as everyone makes out.... or is theusual posturing by ill-informed...?Many thanks all Visit our web site @ www.twowaytv.com This e-mail and its attachments are intended for the above namedrecipient(s) only and may be confidential, legally privileged and protected by law. If you are not a named addressee or have received this transmission in error, please notify us immediately at postmaster () twowaytv co uk and then delete this e-mail. As Internet communications are not secure we do not accept legal responsibility for the contents of this message or responsibility for any change made to this message after the original sender sent it. Save for this legal notice, the contents or opinions contained within this e-mail are solely those of the sender and do not necessarily represent those of Two Way TV Ltd unless otherwise specifically stated._______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Re: Zone Alarm, (continued)
- Re: Zone Alarm Sven Hoexter (Jun 04)
- Re: Zone Alarm Shawn McMahon (Jun 04)
- Re: Zone Alarm Cedric Blancher (Jun 04)
- Re: Zone Alarm Sven Hoexter (Jun 04)
- Re: Zone Alarm daniel.clemens (Jun 04)
- RE: Zone Alarm Schmehl, Paul L (Jun 04)
- Re: Zone Alarm Michael Reilly (Jun 04)
- [OFFTOPIC] Zone Alarm Kurt Seifried (Jun 04)
- Re: Zone Alarm Michael Reilly (Jun 04)
- RE: Zone Alarm Schmehl, Paul L (Jun 04)
- Re: Zone Alarm Shawn McMahon (Jun 05)
- RE: Zone Alarm JT (Jun 05)
- Re: Zone Alarm Shawn McMahon (Jun 05)
- RE: Zone Alarm Robert J. Liebsch (Jun 04)
- Re: Re: Zone Alarm Eric N. Valor (Jun 04)
- Re: Zone Alarm Michael Reilly (Jun 04)
- RE: Re: Zone Alarm Schmehl, Paul L (Jun 04)
- RE: Zone Alarm Ben Tyson-Norrman (Jun 05)
- AW: Zone Alarm Michael Linke (Jun 05)
- RE: Zone Alarm Myers, Marvin (Jun 05)
- Re: Zone Alarm Stephane Nasdrovisky (Jun 13)
- Re: Zone Alarm Larry W. Cashdollar (Jun 13)
- Re: Zone Alarm Larry W. Cashdollar (Jun 13)
- Re: Zone Alarm Larry W. Cashdollar (Jun 13)