Confused, really confused...
From: sponge (firstname.lastname@example.org)
From: email@example.com (sponge) Date: 16 Mar 2003 22:48:58 -0800
On 16 Mar 2003 21:50:07 -0800, VaKo@minley2.demon.co.uk (VaKo) wrote:
>I've been running Zone Alarm in various forms now for over a year,
>thought it was doing a good job. But i've been told that is crap
>compared to BlackICE, but I've also read that BlackICE is not a
>firewall, its more of a intrusion detector. Which to be honest i
>really understand. Whats the difference?
>At the moment i'm running Zone Alarm Pro and BlackICE together (i
>read that this is a good idea) but i've heard that Tiny Personal
>Firewall 4.5 is better.
TPF is apparently good albeit a bit buggy. It's sandboxing features
>Other things i've noticed. If i run zone alarm or blackice or both,
>IP can be seen on a port scanner (this is me scanning myself). But if
>i run Tiny Personal Firewall 4.5 it can't be seen. Is TPF better? Or
>is it doing something else?
I'm not sure what you mean. Your IP can ALWAYS be seen unless you are
using some kind of web proxy (in which case the proxy sees it.) The
question is, can any ports be seen to be open to TCP or UDP? If so,
then something's not right. Try the tests at pcflank.com or sygate.com
>If i run TPF Kazaa Lite cannot connect. I think this is because i
>don't know enough to set the rules correctly. Is there a guide to
>setting them up somewhere?
Create a rule to allow KL access to the net. Then, set a remote port
of 1214 or your choosing. Depending on the version of KL, you may be
able to assign it another port than 1214. Whatever you do, make sure
KL's allowed remote port and the on in the Tiny rule match. You
generally have to allow KL to use any local port between 1024 and
49151 (actually, 10000 will do.) I'm not sure if KaZaa needs UDP, so
try setting it to allow TCP out only.
>Where can i read up on PC sercuity so i understand more about this
www.pcflank.com has some good firewall configuration into along the
left side of the page. Pardon me for plugging my own site, but if you
are a noob, it can help. It's in my sig line.
>And finaly, for someone who just wants to be sure that his PC is safe
>from bored computer studies students and your mate with portscanners
>scanning you all day what out of BlackICE, Zone Alarm Pro and Tiny
>Personal Firewall would stop them.
Mainly, they stealth your presence and also disallow many kinds of
network-based attacks. They also protect against some kinds of spyware
running on your system, which is probably a far more significant
threat. Firewalls don't help much against spyware that embeds itself
in IE or other trusted applications, so you need to use cleaners like
SpyBot and Ad-Aware 6 (both) and just be very careful about both what
you download and what info you give out on the net. I do have a list
of filters than prevents spyware from phoning home, but they are set
up for Kerio and might not be importable into TPF 4.5 (although since
Kerio started out as Tiny, TPF 4.5 may still be backwards compatible).
Firewalls will also not protect against many of the various browser
exploits, as these occur at a higher level than where the firewall is
There are a few things you can do to harden your operating system to
make it immune from certain attacks, like turning off File & Print
Sharing (Universal Plug N Play in XP).
A lot of the worst stuff can be prevented by simply not using Internet
Explorer and Outlook or minimized by properly securing them.
Sponge's Anti-Spyware Source