Re: Need old BlackICE software



In article <45949C64.352BF332@xxxxxxxxxxxxxxxx>, Tony@xxxxxxxxxxxxxxxx
says...
You talk a lot like the guy on this web site. The men in the white coats took
this guy to the mental asylum after he spoke to the FBI.
http://www.grc.com/dos/grcdos.htm Note what the lunatic says about black
ice defender. BlackICE Defender v2.5 ($39.95) ?

I did not have a current copy of BlackICE Defender around, but I felt that
this was an important test. So I laid out $39.95 through Network ICE's
connection to the Digital River eCommerce retailer and purchased the latest
version (v2.5) of BlackICE Defender hot off the Internet. I had already
removed all traces of ZoneAlarm and restarted the machine, so I installed
BlackICE Defender, let everything settle down, and restarted the machine with
my packet sniffer running on an adjacent PC.

As far as I could tell, BlackICE Defender had ABSOLUTELY NO EFFECT WHATSOEVER
on the dialogs being held by the Zombies and Trojans running inside the poor
"Sitting Duck" laptop. I knew that BlackICE Defender was a lame personal
firewall, but this even surprised me.

The Zombie/Bot happily connected without a hitch to its IRC chat server to
await further instructions. The Sub7 Trojan sent off its eMail containing the
machine's IP and the port where it was listening. Then it connected and logged
itself into the Sub7 IRC server, repeating the disclosure of the machine's IP
address and awaiting port number. No alerts were raised, nothing was flashing
in the system tray. The Trojans were not hampered and I received no indication
that anything wrong or dangerous was going on.

I took a lot of grief after my LeakTest utility cut right through BlackICE
Defender. Network ICE told everyone that LeakTest was "being allowed through"
because it was a completely benign Trojan. I knew that was a load of bull (and
they must have too), but it didn't really matter to me, and I had no
affirmative means of proving otherwise.

Well . . . I have that now, and so do you.

I performed one final test: As I had with ZoneAlarm, I attempted to connect to
the Sub7Server Trojan running inside the "Sitting Duck" machine on the IP and
listening port number the Trojan was advertising all over the Internet . . .
and it worked perfectly. I received Sub7's "PWD" prompt asking me to login.

Anyone want an "only used once"
copy of BlackICE Defender?

I certainly have no use for it.

To anyone who is still stubborn enough to insist that BlackICE Defender is
actually good for something: PLEASE do not write to me. I don't want to hear
it. I'm a scientist who will not find your mystic beliefs to be compelling. I
respect your right to your own opinions, no matter how blatantly they fly in
the face of logic and reality. That is, after all, the nature of faith. Happy
computing. I suggest prayer.





While im not a user of blackice
Doesnt blackices application control feature recommend that it be
virus/trojan free before application control is run though?.


"For example, if you install BlackICE after a Trojan application has been
installed on your machine, BlackICE assumes the application is known to
you and does not block it from launching or contacting a network.

Important: To get the full benefit of Application Protection, make sure
your system is free of dangerous applications before installing BlackICE
by scanning your system for viruses with an anti-virus program."

https://iss.custhelp.com/cgi-bin/iss.cfg/php/enduser/std_adp.php?p_faqid=
1112&p_created=1023938991
&p_sid=YZkWSkqi&p_lva=&p_sp=cF9zcmNoPTEmcF9zb3J0X2J5PWRmbHQmcF9ncmlkc29yd
D0mcF9yb3dfY250PTE2MyZwX3Byb2RzPSZwX2NhdHM9JnBfcHY9JnBfY3Y9JnBfc2VhcmNoX3
R5cGU9YW5zd2Vycy5zZWFyY2hfbmwmcF9wYWdlPTEmcF9zZWFyY2hfdGV4dD1hcHBsaWNhdGl
vbiBjb250cm9s&p_li=&p_topview=1

me
.



Relevant Pages

  • Re: Need old BlackICE software
    ... version of BlackICE Defender hot off the Internet. ... The Sub7 Trojan sent off its eMail containing the ... I took a lot of grief after my LeakTest utility cut right through BlackICE ... Well, see if ZA can stop anything at system boot and logon, when the PFW has not been started first before the O/S can make a TCP/IP connection and the malware can start and get there before the PFW can be started, since any 3rd party PFW is NOT and integrated part of the O/S. ...
    (comp.security.firewalls)
  • Re: Need old BlackICE software
    ... BlackICE Defender v2.5? ... on the dialogs being held by the Zombies and Trojans running inside the poor ... The Sub7 Trojan sent off its eMail containing the ... machine's IP and the port where it was listening. ...
    (comp.security.firewalls)
  • Re: Strange Findings
    ... | indicated my computer being clean......no infections. ... | Defender, ... Trojan Downloader:Win32/ZLOB.ANN, ... the sav0.dat and sav1.dat are related to SAV.EXE and SAV.CPL which are all found in a Self Extracting archive file that is download by a Zlob trojan downloader. ...
    (alt.comp.anti-virus)
  • Re: Strange Findings
    ... | indicated my computer being clean......no infections. ... | Defender, ... Trojan Downloader:Win32/ZLOB.ANN, ... Extracting archive file that is download by a Zlob trojan downloader. ...
    (alt.comp.anti-virus)
  • Re: Strange Findings
    ... | indicated my computer being clean......no infections. ... | Defender, ... Trojan Downloader:Win32/ZLOB.ANN, ... Extracting archive file that is download by a Zlob trojan downloader. ...
    (alt.comp.anti-virus)