Re: What does a firewall do?
From: Casey (Casey_at_notspecified.net)
Date: 01/20/05
- Next message: abspc: "Re: 2 routers connected to one lan question"
- Previous message: Duane Arnold: "Re: What does a firewall do?"
- In reply to: Nick Roberts: "Re: What does a firewall do?"
- Next in thread: Casey: "Re: What does a firewall do?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 20 Jan 2005 00:32:36 GMT
In article <gemini.ial42l00dznle01u4.nick.roberts@acm.org>,
nick.roberts@acm.org says...
> Casey <Casey@nosuch.net> wrote:
>
> > Check here for firewall features. (see whats inside)
> > http://smb.sygate.com/products/spf/comparison_spf.htm
>
> Thanks, this is excellent.
Your welcome! You might also find the following helpful,
especially the users guide.
Unofficial Help:
http://bellsouthpwp.net/i/k/ikpe/SygateBasics.html
Sygate Forums:
http://forums.sygate.com/vb/
Users Guide and Quick Start Guide:
http://smb.sygate.com/support/documents/pspf/default.htm
Compare SPF Pro and SPF Free (See what's inside each one)
http://smb.sygate.com/products/spf/comparison_spf.htm
d/l
http://soho.sygate.com/free/default.php
>
> One of the functions mentioned is an Attacker Tracing System. Is this,
> perhaps, a touch of marketing hype? I would have thought that the software
> required by a practical tracing system (e.g. a high-power database engine)
> would be a little bit beyond a firewall? Are these products (Sygate Personal
> Firewall Pro & Sygate Personal Firewall) very expensive? How many customers
> would, in reality, be likely to use this function?
This is probably the trace route and Whois check on an attacking
site. For personal use, there is a pro version ($39.00) and a
free version.
>
> How useful is the Instrusion Alarm System, in reality? Is it useful for a
> pop-up window to inform you that "Your computer has just been hacked, all
> your data files have been corrupted, and the computer will reboot in five
> seconds. Haha."? I suspect the hacker would delight in popping up a window
> of this sort for you anyway. :-)
>
This feature is optional and can be turned on/off. Many users
prefer know what is happening with their computer. These alarms
and the traffic log keeps one informed about what has been Blocked.
> The Evidence Logging System raises a few questions. I know (from reading the
> literature) that auditing can be useful for analysis (usually after an
> 'event' [i.e. an attack]). But I also know that case studies show how hard
> it is to get the balance right between usefulness of information and mass of
> information (too little and it's useless, too much and the audit storage
> space overflows, resulting in partial data that is also usually useless). I
> am a little dubious that this function will be useful to most firewall
> users, except, perhaps, for use by an outside consultancy after an event.
>
> Security Policy Customization sounds good, but, in practice, who's going to
> use it, how easily, and how effectively?
>
> That these products can penetrate VPNs is superb (if it really works).
>
> The Active Response feature says "By dynamically stealthing open ports and
> temporarily blocking the intruders' IP address." The sentence seems cut off.
> What it mean, please? (What does "dynamically stealthing open ports" mean?
> :-)
When Sygate recoginizes a attack (4 hits), the attacking IP is
blocked for 600-sec.
>
> How does the MAC and IP address spoofing protection work, please?
>
> One feature is to "Prevent Internet browsers from revealing the OS, browser
> version and the browser history information, which can be stored or used by
> the web server to exploit known security vulnerabilities." Surely this is
> going to cause a variety of web sites (badly designed ones, admittedly) to
> fail, since they (their pages) detect the browser (version) in order to
> conform their Javascript etc.?
>
There are some who would prefer not to reveal their software type.
If they are very concerned about computer security, they will not
allow java script.
> Finally, I note that these products are software firewalls. Would I be right
> in assuming that the main advantage of using a hardware firewall is to do
> with the vulnerabilities inherent: in Windows due to its lack of security in
> default installations; in Unix (et al) due to the fact that many programs
> are compelled to run as the root user (to get special functionality only
> available to the root user)?
>
>
-- micro..........Who?
- Next message: abspc: "Re: 2 routers connected to one lan question"
- Previous message: Duane Arnold: "Re: What does a firewall do?"
- In reply to: Nick Roberts: "Re: What does a firewall do?"
- Next in thread: Casey: "Re: What does a firewall do?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
