Re: Need old BlackICE software
- From: bassbag <bassbag@xxxxxxxxxxxxxxxxxxxxx>
- Date: Fri, 29 Dec 2006 11:11:39 -0000
In article <45949C64.352BF332@xxxxxxxxxxxxxxxx>, Tony@xxxxxxxxxxxxxxxx
You talk a lot like the guy on this web site. The men in the white coats tookWhile im not a user of blackice
this guy to the mental asylum after he spoke to the FBI.
http://www.grc.com/dos/grcdos.htm Note what the lunatic says about black
ice defender. BlackICE Defender v2.5 ($39.95) ?
I did not have a current copy of BlackICE Defender around, but I felt that
this was an important test. So I laid out $39.95 through Network ICE's
connection to the Digital River eCommerce retailer and purchased the latest
version (v2.5) of BlackICE Defender hot off the Internet. I had already
removed all traces of ZoneAlarm and restarted the machine, so I installed
BlackICE Defender, let everything settle down, and restarted the machine with
my packet sniffer running on an adjacent PC.
As far as I could tell, BlackICE Defender had ABSOLUTELY NO EFFECT WHATSOEVER
on the dialogs being held by the Zombies and Trojans running inside the poor
"Sitting Duck" laptop. I knew that BlackICE Defender was a lame personal
firewall, but this even surprised me.
The Zombie/Bot happily connected without a hitch to its IRC chat server to
await further instructions. The Sub7 Trojan sent off its eMail containing the
machine's IP and the port where it was listening. Then it connected and logged
itself into the Sub7 IRC server, repeating the disclosure of the machine's IP
address and awaiting port number. No alerts were raised, nothing was flashing
in the system tray. The Trojans were not hampered and I received no indication
that anything wrong or dangerous was going on.
I took a lot of grief after my LeakTest utility cut right through BlackICE
Defender. Network ICE told everyone that LeakTest was "being allowed through"
because it was a completely benign Trojan. I knew that was a load of bull (and
they must have too), but it didn't really matter to me, and I had no
affirmative means of proving otherwise.
Well . . . I have that now, and so do you.
I performed one final test: As I had with ZoneAlarm, I attempted to connect to
the Sub7Server Trojan running inside the "Sitting Duck" machine on the IP and
listening port number the Trojan was advertising all over the Internet . . .
and it worked perfectly. I received Sub7's "PWD" prompt asking me to login.
Anyone want an "only used once"
copy of BlackICE Defender?
I certainly have no use for it.
To anyone who is still stubborn enough to insist that BlackICE Defender is
actually good for something: PLEASE do not write to me. I don't want to hear
it. I'm a scientist who will not find your mystic beliefs to be compelling. I
respect your right to your own opinions, no matter how blatantly they fly in
the face of logic and reality. That is, after all, the nature of faith. Happy
computing. I suggest prayer.
Doesnt blackices application control feature recommend that it be
virus/trojan free before application control is run though?.
"For example, if you install BlackICE after a Trojan application has been
installed on your machine, BlackICE assumes the application is known to
you and does not block it from launching or contacting a network.
Important: To get the full benefit of Application Protection, make sure
your system is free of dangerous applications before installing BlackICE
by scanning your system for viruses with an anti-virus program."
- Prev by Date: Re: outbound filtering
- Next by Date: Re: outbound filtering
- Previous by thread: Re: Need old BlackICE software
- Next by thread: Re: Need old BlackICE software