Re: Black Ice, Zone Alarm vulnerabilities spotted
From: Markus Kraus (mkr_at_gmxpro.de)
Date: Sun, 15 Feb 2004 10:48:40 -0800
On Sun, 15 Feb 2004 17:44:14 GMT, Duane Arnold wrote:
>"\"Crash\" Dummy" <email@example.com> wrote in
>> eeye has issued preliminary alerts about Black Ice and Zone Alarm:
>> A remotely-exploitable vulnerability that allows anonymous attackers
>> to compromise default installations of the affected software and gain
>> the highest possible level of access (SYSTEM).
>> Black Ice: http://www.eeye.com/html/Research/Upcoming/20040213.html
>> Zone Alarm: http://www.eeye.com/html/Research/Upcoming/20040213-2.html
>That's why one should not use the default out of the box settings on any
>security software and configure the software to provide the protection.
A lot of people argue that it is possible to harden the OS by using
OS-builtin capabilities to make it less vulnerable to attackers, but
they also argue that this is a difficult thing to do and requires lots
My point is that it very often requires at least as much knowledge to
configure the personal firewall right, and I wonder if the time
required to learn the personal firewall is probably better spent to
learn about those built-in OS capabilities, and learn to understand
TCP/IP and networking and stuff.
As the original posting shows, personal firewalls are not error free.
There is this theorem: Software has errors. Ergo: more software has
more errors. So the attempt to try and fix errors in the software (OS)
by installing even more software is a wong approach, at least to some