Re: Blackice Firewall

From: Duane Arnold (notme_at_notme.com)
Date: 04/03/05


Date: Sun, 03 Apr 2005 19:00:32 GMT

Redmond du Barrymond <redmond@STUFFIT.invalid> wrote in
news:ibb051lifjg2v92364udsdsf1v07t810fq@4ax.com:

>
> http://www.grc.com/lt/leaktest.htm
> NetworkICE's BlackICE Defender Update
> Apparently Designed to Mislead its Users
>
> Eleven Months after the release of our first, simple, but effective
> and popular (4,340,641 downloads) LeakTest firewall testing utility,
> BlackICE Defender (BID) continues to "leak" as defined by LeakTest.
> But a recent update to BID (version 2.9cai) was hiding this fact from
> its users by effectively cheating the LeakTest.
>
> Rather than enhancing BlackICE Defender by adding the sort of
> application-level controls that are available even from many
> completely free personal firewalls, BID's publisher, NetworkICE,
> apparently chose to prevent LeakTest's intended operation by adding
> specific awareness to BID of LeakTest's remote testing IP.
>
> http://www.zdnet.com.au/reviews/software/security/0,39023452,20264708,0
> 0.htm
> BlackIce PC Protection: Dark and slippery
>
>
> PC protection is a must, but many users will find BlackIce PC
> Protection's interface and rules baffling.
>
> Waves apps through the blockade
>
> Confusing, cluttered interface
>
> Diligent but bothersome
>
> Not everything is in stealth mode
>
> http://www.informationweek.com/841/langa.htm
> Good And Bad Online Security Check-Ups
>
> You might think this a harmless prank, but I don't. That's because the
> site is using this ruse to scare users into buying a copy of Black Ice
> Defender, a personal firewall, supposedly to prevent this
> "vulnerability." (If you examine the site's sales URL, you'll see that
> the site owner is an "affiliate" of Network Ice, the publishers of
> Black Ice Defender.
> ------------------------------------------------
>
> You people seen enough or do I have to beat you around the head some
> more?
>

This is even more outrageous than that other poster who didn't know
anything.

And we have another one running around in the NG. It seems like once a
year someone shows up that's hit the Gibson site. ;-)

The notion of stealth is crap and as long as the port is closed it is
closed and stealth means nothing. I didn't get the expected response back
from the FW when I did the prob. So I know that you're there for sure.

This is old an outdated stuff you're posting here about BI and Gibson's
Leakiest. BI was configured to detect the LeakTest with the LeakTest
signature being detected along with Application Control that was placed
in the application to prevent LeakTest.exe or any other type of program
from phoning home if the user's so chooses to stop the Leaktest.exe from
communicating or executing.

LeakTest is crap an is by no means the marker of a FW solution's ability
to stop traffic. Even FW solutions that cost $,$$$$.$$ cannot stop
Leattest. If a program running on the machine makes a solicitation for
input from a remote site or IP like the Leaktest client program making
contact with the Leaktest server program, then the FW is going to allow
that traffic back to the machine -- period that's any FW solution. The
only way to truly stop traffic is to block that IP with a FW rule to
block inbound or outbound traffic for the IP.

You need to settle down and stop running around in the NG with this non-
sense.

Could it be that you're using ZA? ;-)

Duane :)



Relevant Pages

  • Re: Need old BlackICE software
    ... version of BlackICE Defender hot off the Internet. ... The Sub7 Trojan sent off its eMail containing the ... I took a lot of grief after my LeakTest utility cut right through BlackICE ... Well, see if ZA can stop anything at system boot and logon, when the PFW has not been started first before the O/S can make a TCP/IP connection and the malware can start and get there before the PFW can be started, since any 3rd party PFW is NOT and integrated part of the O/S. ...
    (comp.security.firewalls)
  • Re: Blackice Firewall
    ... NetworkICE's BlackICE Defender Update ... BlackICE Defender continues to "leak" as defined by LeakTest. ... Defender, a personal firewall, supposedly to prevent this ...
    (comp.security.firewalls)
  • black ice defender
    ... popular LeakTest firewall testing utility, BlackICE ... Defender (BID) continues to "leak" as defined by LeakTest. ... personal firewalls, BID's publisher, NetworkICE, apparently chose to prevent ... This IP address-specific blocking could have falsely lead BID's users into ...
    (comp.security.firewalls)