Re: [Full-Disclosure] Unsecure file permission of ZoneAlarm pro.

From: Birl (sbirl_at_temple.edu)
Date: 08/20/04

  • Next message: Florian Weimer: "Re: [Full-Disclosure] The 'good worm' from HP" 
    To: full-disclosure@lists.netsys.com
Date: Fri, 20 Aug 2004 13:54:33 -0400 (EDT)

    On Aug 20, bipin gautam (nospam-visitbipin@yahoo.com.ns) typed:

    bipin: > On Friday 20 August 2004 12:40, John LaCour wrote:
    bipin: > > There is absolutely no security issue here.
    bipin: > >
    bipin: > > ZoneAlarm does not rely on file permissions to protect
    bipin: > > any configuration files. Configuration files are protected
    bipin: > > by our TrueVector(r) driver in the kernel.
    bipin: >
    bipin: > Which is, of course, completely utterly infallible
    bipin: > so any additional means are
    bipin: > not only unneccessary, but even unwanted.
    bipin:
    bipin: In my part of globe, 90% of dialup users just turn on
    bipin: zone alarm pro. JUST before connecting to the
    bipin: internet... cauz its too annoying cauz zap pop's up
    bipin: with bla...bla...bla quit often and use resources
    bipin: etc...
    bipin:
    bipin: bipin

    Aye. ZA Pro does consume quite a bit of the CPU at times.
    Im consdering a hardware fw just for that reason.

    There are other things about logging that concern me as well.
    But that's different topic.

     Scott Birl http://concept.temple.edu/sysadmin/
     Senior Systems Administrator Computer Services Temple University
    ====*====*====*====*====*====*====*====+====*====*====*====*====*====*====*====*

    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.netsys.com/full-disclosure-charter.html

  • Next message: Florian Weimer: "Re: [Full-Disclosure] The 'good worm' from HP"

    Relevant Pages