Re: Personal firewall with no user-interaction
From: Johnny Nielsen (DONT.WRITE.THIStrap402_at_megabit.dk)
Date: 09/06/03
- Previous message: Duane Arnold: "Re: BlackIce ... seen this?"
- In reply to: Duane Arnold: "Re: Personal firewall with no user-interaction"
- Next in thread: Duane Arnold: "Re: Personal firewall with no user-interaction"
- Reply: Duane Arnold: "Re: Personal firewall with no user-interaction"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sat, 6 Sep 2003 18:14:06 +0200
Unfortunately we can't manage the standalone computers and we don't have any
managing servers so I can't push anything out. They are completely
independent.
One question: What happens (using Black Ice) when the administrator runs
Windows Update? I would suspect that at least the first user running a
program which was updated by Windows Update (say Internet Explorer) would be
prompted by Black Ice to select if the changed program is allowed to access
the internet?
My experience tells me that there are always some situations where the
application-rule based firewalls prompt the users. Because of the nature of
the applications that we use it would be a REAL problem if a user denied
access to one of the applications by accident.
Thanks for your input.
Johnny Nielsen
"Duane Arnold" <notme@notme.com> wrote in message
news:Xns93EE6EE8044E9notmenotmecom@63.240.76.16...
> "Johnny Nielsen" <DONT.WRITE.THIStrap402@megabit.dk> wrote in
> news:3f59fd96$0$424$edfadb0f@dread11.news.tele.dk:
>
> > I'm looking for a Windows 2000 personal firewall that doesn't require
> > the user to answer any questions regarding its functionality.
> >
> > We have a number of standalone computers connecting to the internet
> > using modem dialup. The users are non-technical personnel.
> >
> > In order to protect those computers from attacks from the internet I
> > need to deploy (using a CD-ROM) a personal firewall that installs as
> > silently as possible and doesn't require the users to make any
> > decisions after the firewall is installed.
> >
> > So far I have looked at Zone Labs Integrity Desktop, Outpost Pro 2,
> > McAfee Personal Firewall and Tiny Personal Firewall 5, but I don't
> > think any of those satisfies my requirements.
> >
> > None of the tested programs were able to install using a pre-configured
> > configuration file (and if they can, it isn't documented) in an
> > environment without a managing server.
> >
> > I guess that my requirement that the program can't interact with the
> > users leaves out the use of application rules since upgrading of the
> > applications typically would trigger a question about access for a
> > changed program. Since all the computers have anti-virus software
> > installed I would therefore compromise on a simple stateful inspection
> > firewall if that exists in software. That ought to take care of any
> > worms which I think is the primary threat. I'm not worried about
> > denial-of-service attacks since we are talking about short-time dialup
> > connections.
> >
> > Comments and/or solutions are welcome
> >
> >
> > Best regards
> > Johnny Nielsen
> >
> >
> >
>
> BlackIce uses (.ini) files which rules can be configured and pushed out
> to workstations. Also BI uses User-Account Security Context. If they are
> not Admins on the machine, BI will disable the Admin screens.
>
> If the users are not allowed to install software, then one Baseline
> inventory of all program file types will cover any program starting up or
> communicating back to the Internet. If something does hit the machine and
> BI starts asking the end-user questions, then it's a clear sign that
> something may be wrong.
>
> All you have to do is set BI on Paranoid *block all unsolicited inbound
> traffic* -- statefulness, Auto Block, and Notification Level to RED or
> RED/Orange that pretty much covers it. I got family members using BI on
> dial-ups with no issues.
>
> As far as BI controlling worms, viruses, and Trojans, the link may
> provide some information. However, BI is not a malware application.
>
> http://www.eweek.com/article2/0,4149,1234226,00.asp
>
> HTH
>
> Duane :)
>
> --
> The protection of the machine is a process and not a given!