Re: BlackICE & SQL Slammer
From: David (davidwnh@adelphia.net)
Date: 01/31/03
- Next message: David: "Re: Beware of Zone Labs & Zone Alarm Pro"
- Previous message: Johnny Oestergaard: "Re: Which Firewall?"
- Next in thread: Mike: "Re: BlackICE & SQL Slammer"
- Reply:(deleted message) Mike: "Re: BlackICE & SQL Slammer"
- Maybe reply: mhicaoidh: "Re: BlackICE & SQL Slammer"
- Maybe reply: Ric Griffy: "Re: BlackICE & SQL Slammer"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "David" <davidwnh@adelphia.net> Date: Fri, 31 Jan 2003 09:09:18 GMT
Mike,
I tested BI on a laptop with win2k pro. Worked great and I was actually
surprised at how low it's CPU usage was. It did install smoother than any
other personal firewall I have tested. It is not the easiest that I have
seen to configure, but it is not difficult either. Maybe just a little
different from some others. It is great for someone who wants to allow
services open to the internet because of the IDS, but it lacks some outgoing
protection. It does do MD5 digests on "all" executables,dlls etc which is
also a plus as far as downloading malware from the web,etc. is concerned. I
was using a different MD5 application which you could schedule file checks,
but this one is real time so I may use just the application protection since
it doesn't seem to add much to the CPU usage and the firewall lacks some
outgoing functionality that I desire.
You have very limited control of outbound access with BI. You either allow a
program or not. You cannot control which IP's, DNS addresses, or destination
ports that any specific application uses going outbound. Many people using
personal firewalls don't fine tune their application access to this degree
so it wouldn't be a minus for everyone, but for someone who wants to it
falls short. I like to block certain destination ports overall, ie. IRC,
for programs which I don't use. It is also nice to have content management
in which to block specific DNS and IP addresses overall. Only recently are
the other personal firewalls adding this type of feature and hopefully ISS
will follow suit. If ISS adds this functionality and the ability to control
outbound access for apps on a per port and per IP basis in the next version
then will truly have something far above the rest. In any case though, for
someone opening a server to the internet, that server is their big hole, and
the IDS might make BI a better choice even in light of it's shortcomings.
Many of the IDS signatures are for specific vulnerabilities in specific
servers to start with. Overall this product looks good for a home user who
wants to occasionally have a server open to the internet. Otherwise it may
fall short for someone who wants more control over outgoing access.
"Mike" <spamlessmike@spamcop.net> wrote in message
news:7k2h3vk1fud1lk7k0u82mppbsgilof1046@4ax.com...
> David,
>
> Thank you for your informed response. I ran BI in the past. The
> majority of the time it worked fine. Are there issues to be aware of
> with Windows 2K Pro systems? I'd like to install a PF on my Winproxy
> computer.
>
> Mike
- Next message: David: "Re: Beware of Zone Labs & Zone Alarm Pro"
- Previous message: Johnny Oestergaard: "Re: Which Firewall?"
- Next in thread: Mike: "Re: BlackICE & SQL Slammer"
- Reply:(deleted message) Mike: "Re: BlackICE & SQL Slammer"
- Maybe reply: mhicaoidh: "Re: BlackICE & SQL Slammer"
- Maybe reply: Ric Griffy: "Re: BlackICE & SQL Slammer"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
