Re: Best free firewall software Kerio vs. Zone Alarm?
From: Bob Ladbury (rladbury_at_kittymail.com)
Date: 02/12/04
- Next message: bobas007: "Re: Best free firewall software Kerio vs. Zone Alarm?"
- Previous message: Wes Groleau: "Can't drop two ports with ipfw"
- In reply to: Markus Kraus: "Re: Best free firewall software Kerio vs. Zone Alarm?"
- Next in thread: Markus Kraus: "Re: Best free firewall software Kerio vs. Zone Alarm?"
- Reply: Markus Kraus: "Re: Best free firewall software Kerio vs. Zone Alarm?"
- Reply: Duane Arnold: "Re: Best free firewall software Kerio vs. Zone Alarm?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: 12 Feb 2004 10:49:44 -0800
Markus Kraus <mkr@gmxpro.de> wrote in message news:<f2qm20huhi09314evva3lhrbf89c4fu479@4ax.com>...
> On Thu, 12 Feb 2004 11:36:38 +0000, Geoff Lane wrote:
>
> >I thought IP tables and Personal FWs were basically different, IP
> >tables will not tell you if a particular application is trying to make
> >an outgoing connection
>
> Personal FWs are not reliably able to tell you that either. They claim
> they can, but that's just marketing blabla. Only applications that use
> the "official, nice way" to talk to the internet (by using the OS's IP
> stack, for example) can be monitored by a PFW.
My ZoneAlarm seems to be able tell me instantly if any application is
trying to make an outgoing connection. Any program that even thinks
about contacting the web is flagged by ZA, which spits out a warning
before I've even fully installed the program or realized its trying to
access the net. Another program I was looking at, Outpost, claims to
monitor at the "lowest level of the OS". So if I'm not mistaken, it
means a program doesn't have to "talk in a nice official way" to be
flagged by Outpost. Here's the blurb:
http://www.agnitum.com/products/outpost/features.html
"Firewall engine resides on the lowest possible level of the operating
system, allowing Outpost filter RAW_SOCKET and direct packet sending
into drivers, thus bypassing the TCP/IP stack."
> Experience shows that the "bad programs" use more subtle approaches to
> talk to the internet, by bypassing PFWs. So PFWs even gives the user a
> false feeling of being secured, because that PFW is able to hinder an
> MS application to connect to the web in order to look for program
> updates, so users think it works with any application.
>
> Best regards,
> Markus
- Next message: bobas007: "Re: Best free firewall software Kerio vs. Zone Alarm?"
- Previous message: Wes Groleau: "Can't drop two ports with ipfw"
- In reply to: Markus Kraus: "Re: Best free firewall software Kerio vs. Zone Alarm?"
- Next in thread: Markus Kraus: "Re: Best free firewall software Kerio vs. Zone Alarm?"
- Reply: Markus Kraus: "Re: Best free firewall software Kerio vs. Zone Alarm?"
- Reply: Duane Arnold: "Re: Best free firewall software Kerio vs. Zone Alarm?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
