Re: Zone Alarm (Freeware-) stopped reporting intrustions..



bassbag <bassbag@xxxxxxxxxxxxxxxxxxxxx> wrote:
usenet-2006@xxxxxxxxxxxxxxxx says...
kingthorin@xxxxxxxxx wrote:
"And if you think it can block malicious outbound traffic see
Microsofts statement at
http://www.microsoft.com/technet/technetmag/issues/2006/05/SecurityMy...
the chapter "Myth: Host-Based Firewalls Must Filter Outbound
Traffic to be Safe. " "

Did you actually read the informtaion you're referring people to?
Basically some guy at MS deems the need for Outbound Traffic
Filtering as a myth because the majority of users are too stupid to
understand that's going on when prompted to allow/deny the traffic.

Apparently it's you who hasn't read the article. Users not being able
to understand what the firewall tells them is one argument against
attempts to filter outbound traffic. Another argument is that malware
can most easily remotely control applications that are *allowed* to
communicate outbound (e.g. the web browser), thus bypassing the
application filter.

Most modern firewalls are protected against this kind of
circumvention.

No.

cu
59cobalt
--
"If a software developer ever believes a rootkit is a necessary part of
their architecture they should go back and re-architect their solution."
--Mark Russinovich
.