Re: Need old BlackICE software



Tony wrote:
You talk a lot like the guy on this web site. The men in the white coats took
this guy to the mental asylum after he spoke to the FBI.
http://www.grc.com/dos/grcdos.htm Note what the lunatic says about black
ice defender. BlackICE Defender v2.5 ($39.95) —

Did I ask you about all this?

I did not have a current copy of BlackICE Defender around, but I felt that
this was an important test. So I laid out $39.95 through Network ICE's
connection to the Digital River eCommerce retailer and purchased the latest
version (v2.5) of BlackICE Defender hot off the Internet. I had already
removed all traces of ZoneAlarm and restarted the machine, so I installed
BlackICE Defender, let everything settle down, and restarted the machine with
my packet sniffer running on an adjacent PC.

I ran the test too when I was into using BI's. It's doing no less than the rest of the pieces of crap PFW's with Application Control.

As far as I could tell, BlackICE Defender had ABSOLUTELY NO EFFECT WHATSOEVER
on the dialogs being held by the Zombies and Trojans running inside the poor
"Sitting Duck" laptop. I knew that BlackICE Defender was a lame personal
firewall, but this even surprised me.


And neither does the other ones with the worthless App control in them as malware can circumvent and defeat every last one of them, if it hits the machine and is executed.

The Zombie/Bot happily connected without a hitch to its IRC chat server to
await further instructions. The Sub7 Trojan sent off its eMail containing the
machine's IP and the port where it was listening. Then it connected and logged
itself into the Sub7 IRC server, repeating the disclosure of the machine's IP
address and awaiting port number. No alerts were raised, nothing was flashing
in the system tray. The Trojans were not hampered and I received no indication
that anything wrong or dangerous was going on.

I took a lot of grief after my LeakTest utility cut right through BlackICE
Defender. Network ICE told everyone that LeakTest was "being allowed through"
because it was a completely benign Trojan. I knew that was a load of bull (and
they must have too), but it didn't really matter to me, and I had no
affirmative means of proving otherwise.

Well . . . I have that now, and so do you.

If you think that Leaktest and some PFW with Application Control is some kind of savior, then what can I say? And the fact that you even bring up Leaktest and that damn Gibson, tells me just what you know, nothing.


I performed one final test: As I had with ZoneAlarm, I attempted to connect to
the Sub7Server Trojan running inside the "Sitting Duck" machine on the IP and
listening port number the Trojan was advertising all over the Internet . . .
and it worked perfectly. I received Sub7's "PWD" prompt asking me to login.

Well, see if ZA can stop anything at system boot and logon, when the PFW has not been started first before the O/S can make a TCP/IP connection and the malware can start and get there before the PFW can be started, since any 3rd party PFW is NOT and integrated part of the O/S.

Install Gator on that machine and set all the little rules with your PFW and see if it can stop Gator from calling home, at system boot and logon. You should install Active Ports (free), set its refresh rate to high, put a short-cut for AP in the Start folder and boot the machine and logon. You see if that PFW can get to the TCP/IP and stop Gator.


Anyone want an "only used once"
copy of BlackICE Defender?

I certainly have no use for it.

The bottom line is BI, ZA and the rest of that crap are not FW(s), period, just machine level packet filters that can be circumvented, and defeated easily.


To anyone who is still stubborn enough to insist that BlackICE Defender is
actually good for something: PLEASE do not write to me. I don't want to hear
it.


I'm a scientist who will not find your mystic beliefs to be compelling. I
respect your right to your own opinions, no matter how blatantly they fly in
the face of logic and reality. That is, after all, the nature of faith. Happy
computing. I suggest prayer.

To anyone that thinks that a PFW is all that, like this person that's a scientist, not in IT as a profession, not in security as a profession, doesn't know anything, went to Leaktest mind you Leaktest and that *clown*, Gibson, well what can I say.

Scientist, you're a dime a dozen and we've have seen your kind before. You you need to get on your scientist big wheel and go play in street traffic.

Here you go scientist, learn about firewalls instead of popping off your mouth about a 3rd party personal packet filter and what you know, you don't know.

http://www.vicomsoft.com/knowledge/reference/firewalls1.html
http://www.more.net/technical/netserv/tcpip/firewalls/
.



Relevant Pages

  • Re: Blackice Firewall
    ... > NetworkICE's BlackICE Defender Update ... > its users by effectively cheating the LeakTest. ... > completely free personal firewalls, BID's publisher, NetworkICE, ... The notion of stealth is crap and as long as the port is closed it is ...
    (comp.security.firewalls)
  • Re: Need old BlackICE software
    ... BlackICE Defender v2.5? ... on the dialogs being held by the Zombies and Trojans running inside the poor ... The Sub7 Trojan sent off its eMail containing the ... machine's IP and the port where it was listening. ...
    (comp.security.firewalls)
  • Re: Blackice Firewall
    ... NetworkICE's BlackICE Defender Update ... BlackICE Defender continues to "leak" as defined by LeakTest. ... Defender, a personal firewall, supposedly to prevent this ...
    (comp.security.firewalls)
  • Re: Need old BlackICE software
    ... BlackICE Defender v2.5? ... The Sub7 Trojan sent off its eMail containing the ... if you install BlackICE after a Trojan application has been ...
    (comp.security.firewalls)