Re: Zone Alarm (Freeware-) stopped reporting intrustions..



kingthorin@xxxxxxxxx wrote:
Ansgar -59cobalt- Wiechers wrote:
kingthorin@xxxxxxxxx wrote:
"Yes, several attacks may be detected by outbound control. However,
since you have to depend on luck for not getting hit by a smart one
this has nothing to do with security."

So you're saying that because something might get through I
shouldn't care about any of it?

I'm saying that because you can't rely on it it doesn't count as a
security measure. Whether you want to use such measures despite of
that is up to you.

My AV software is completely pointless because while it stops known
attacks it can't/won't stop unknown attacks. (Smart/Dumb, New/Old
same thing).

No, it's not the same thing. AV software is supposed to detect known
malware patterns and block access to files where it detects them.
That it can do reliably.

So because it doesn't protect you from unknown attacks "you can't rely
on it it doesn't count as a security measure."

Wrong. No measure will protect you from unknown attacks, because one
needs to know the attack vector to implement the countermeasure. The
attack vectors malware can use to communicate outbound are well known,
but they can't be mitigated easily without breaking lots of stuff in
Windows because of the way Windows works.

[...]
And will you please learn how to quote sensibly?

Sorry about that, I hate those >>>, but if it makes life easier for you
(everyone else) I'll try to leave them in.

Thank you. It does make life a lot easier.

cu
59cobalt
--
"If a software developer ever believes a rootkit is a necessary part of
their architecture they should go back and re-architect their solution."
--Mark Russinovich
.



Relevant Pages

  • Re: Zone Alarm (Freeware-) stopped reporting intrustions..
    ... this has nothing to do with security." ... So you're saying that because something might get through I shouldn't ... attacks it can't/won't stop unknown attacks. ... "If a software developer ever believes a rootkit is a necessary part of ...
    (comp.security.firewalls)
  • Re: Zone Alarm (Freeware-) stopped reporting intrustions..
    ... this has nothing to do with security." ... So because it doesn't protect you from unknown attacks "you can't rely ... needs to know the attack vector to implement the countermeasure. ... Windows because of the way Windows works. ...
    (comp.security.firewalls)
  • Re: Zone Alarm (Freeware-) stopped reporting intrustions..
    ... this has nothing to do with security." ... So because it doesn't protect you from unknown attacks "you can't rely ... communicate it can't fulfill it's goal), AV can stop some threats (the ... software may land on your sys but if it is quaruntined or removed it ...
    (comp.security.firewalls)
  • Re: Mac Hack
    ... from a security standpoint by even a semi competent admin. ... I don't think anyone was saying it is not an attack, ... that OS X is as insecure as windows, ...
    (comp.sys.mac.advocacy)
  • Re: [fw-wiz] Is NAT in OpenBSD PF UPnP enabled or Non UPnP?
    ... >> of measurable security benefit. ... > manage a network which was formed years before UPnP was invented. ... is trustworthy and what makes it one way or another. ... I could try and preempt the entire discussion by saying unless you've ...
    (Firewall-Wizards)