Re: Zone Labs Pro question

From: Rick (blue-nospam@verizon.net)
Date: 03/15/03

Next message: Chris: "Re: Firewall question"
Previous message: The Other Guy: "Re: *RED* ALERT"
In reply to: David: "Re: Zone Labs Pro question"
Next in thread: David: "Re: Zone Labs Pro question"
Reply: David: "Re: Zone Labs Pro question"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

From: "Rick" <blue-nospam@verizon.net>
Date: Sat, 15 Mar 2003 20:03:44 GMT

David wrote:
> Thanks again mh...I always call that advanced for some reason...One of
> these days I'll
> explicitly remember Custom, but I don't use it anymore so I have nothing
> to refer to except my aging memory. Oldtimers disease setting in at an
> early age or something :)
>
> Anyhow he needs to block them for outbound traffic and they are only
> blocked inbound by the normal security level settings. There is no
> telling whether this guy has already given some obscure IRC trojan rights
> under the application control

You're referring to the 20 or so programs listed in the Program Control
panel, Programs tab -- that one of these might be a disguised trojan? Or
are we talking about potentially one of the 400-some-odd components in the
Components tab? (ouch)

> so he really does need to block those ports
> going out. Everyone who doesn't use IRC should explicitly block these to
> all outbound traffic because this is what most of the trojans use these
> days. So even if they somehow trick the user through the application
> control they are still blocked.

Ah -- now I get what you're saying. You're saying that any program I've
(possibily inadvertently) given access will barrel on through unless I
specifically block these ports. But I don't see any way to specify ports
that I want ~blocked~ -- all I see is a way to specify a range of port
addresses to ~allow~.

Next message: Chris: "Re: Firewall question"
Previous message: The Other Guy: "Re: *RED* ALERT"
In reply to: David: "Re: Zone Labs Pro question"
Next in thread: David: "Re: Zone Labs Pro question"
Reply: David: "Re: Zone Labs Pro question"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

Usb problems on 7.0 RELEASE
... Earlier I reported usb problems on this list. ... 686-class CPU) ... <Enhanced SpeedStep Frequency Control> on cpu0 ... 2 ports with 2 removable, ...
(freebsd-stable)
pf broken in 7.0-BETA1 ?
... queue traf on xl0 priority 15 priq ... <Enhanced SpeedStep Frequency Control> on cpu0 ... <ACPI PCI bus> on pcib0 ... 2 ports with 2 removable, ...
(freebsd-current)
pf broken in 7.0-BETA1 ?
... queue traf on xl0 priority 15 priq ... <Enhanced SpeedStep Frequency Control> on cpu0 ... <ACPI PCI bus> on pcib0 ... 2 ports with 2 removable, ...
(freebsd-stable)
Re: pf broken in 7.0-BETA1 ?
... pass out on $ext_if proto tcp from any to any tos 0x10 no keep state queue ssh ... <Enhanced SpeedStep Frequency Control> on cpu0 ... <ACPI PCI bus> on pcib0 ... 2 ports with 2 removable, ...
(freebsd-stable)
panic about half the time with WPA+WPI during startup
... <Enhanced SpeedStep Frequency Control> on cpu0 ... pci0: <ACPI PCI bus> on pcib0 ... 2 ports with 2 removable, ...
(freebsd-current)