Re: Zone Alarm (Freeware-) stopped reporting intrustions..

From: Ansgar -59cobalt- Wiechers <usenet-2006@xxxxxxxxxxxxxxxx>
Date: 4 Oct 2006 19:51:11 GMT

kingthorin@xxxxxxxxx wrote:

"And if you think it can block malicious outbound traffic see
Microsofts statement at
http://www.microsoft.com/technet/technetmag/issues/2006/05/SecurityMy...
the chapter "Myth: Host-Based Firewalls Must Filter Outbound Traffic
to be Safe. " "

Did you actually read the informtaion you're referring people to?
Basically some guy at MS deems the need for Outbound Traffic Filtering
as a myth because the majority of users are too stupid to understand
that's going on when prompted to allow/deny the traffic.

Apparently it's you who hasn't read the article. Users not being able to
understand what the firewall tells them is one argument against attempts
to filter outbound traffic. Another argument is that malware can most
easily remotely control applications that are *allowed* to communicate
outbound (e.g. the web browser), thus bypassing the application filter.

cu
59cobalt
--
"If a software developer ever believes a rootkit is a necessary part of
their architecture they should go back and re-architect their solution."
--Mark Russinovich
.

Follow-Ups:
- Re: Zone Alarm (Freeware-) stopped reporting intrustions..
  - From: kingthorin
- Re: Zone Alarm (Freeware-) stopped reporting intrustions..
  - From: bassbag

References:
- Zone Alarm (Freeware-) stopped reporting intrustions..
  - From: Ronald J. Bartle
- Re: Zone Alarm (Freeware-) stopped reporting intrustions..
  - From: Ulf Leichsenring
- Re: Zone Alarm (Freeware-) stopped reporting intrustions..
  - From: kingthorin

Prev by Date: Re: Zone Alarm (Freeware-) stopped reporting intrustions..
Next by Date: Re: Zone Alarm (Freeware-) stopped reporting intrustions..
Previous by thread: Re: Zone Alarm (Freeware-) stopped reporting intrustions..
Next by thread: Re: Zone Alarm (Freeware-) stopped reporting intrustions..
Index(es):
- Date
- Thread

Relevant Pages

Re: Zone Alarm (Freeware-) stopped reporting intrustions..
... the chapter "Myth: Host-Based Firewalls Must Filter Outbound Traffic ... malicious code writters aren't always "SMRT". ... The assumption of stupid users and smart "attackers" is a mistake ...
(comp.security.firewalls)
Re: Zone Alarm (Freeware-) stopped reporting intrustions..
... Microsofts statement at ... the chapter "Myth: Host-Based Firewalls Must Filter Outbound ...
(comp.security.firewalls)
Re: Zone Alarm (Freeware-) stopped reporting intrustions..
... the chapter "Myth: Host-Based Firewalls Must Filter Outbound Traffic to ... be Safe. ... I wonder why microsoft vista firewall has been given the ability to block ...
(comp.security.firewalls)
Re: Zone Alarm (Freeware-) stopped reporting intrustions..
... the chapter "Myth: Host-Based Firewalls Must Filter Outbound Traffic ... to be Safe. ... Most modern firewalls are protected against this kind of circumvention. ...
(comp.security.firewalls)
Re: Zone Alarm (Freeware-) stopped reporting intrustions..
... the chapter "Myth: Host-Based Firewalls Must Filter Outbound Traffic to ... be Safe. ... I wonder why microsoft vista firewall has been given the ability to block ...
(comp.security.firewalls)