Re: Zone Alarm (Freeware-) stopped reporting intrustions..



kingthorin@xxxxxxxxx wrote:
"And if you think it can block malicious outbound traffic see
Microsofts statement at
http://www.microsoft.com/technet/technetmag/issues/2006/05/SecurityMy...
the chapter "Myth: Host-Based Firewalls Must Filter Outbound Traffic
to be Safe. " "

Did you actually read the informtaion you're referring people to?
Basically some guy at MS deems the need for Outbound Traffic Filtering
as a myth because the majority of users are too stupid to understand
that's going on when prompted to allow/deny the traffic.

Apparently it's you who hasn't read the article. Users not being able to
understand what the firewall tells them is one argument against attempts
to filter outbound traffic. Another argument is that malware can most
easily remotely control applications that are *allowed* to communicate
outbound (e.g. the web browser), thus bypassing the application filter.

cu
59cobalt
--
"If a software developer ever believes a rootkit is a necessary part of
their architecture they should go back and re-architect their solution."
--Mark Russinovich
.



Relevant Pages