Re: PC Tools Firewall Question



louise <louise@xxxxxxxxxxxxxxx> wrote:
Sebastian Gottschalk wrote:
louise wrote:
So I tried Kerio 2.1.5 which is light and "to the point".

And has known vulnerabilities. I rest my case.

I added the rules you suggested about port blocking and all is
running beautifully and taking minimal resources.

And messing up your network connectivity.

I'm passing the Shields UP tests on both my desktop and my portable.

Ehm... and you don't consider this as a *bad* thing?

What doesn't have "known vulnerabilities" -

Known and unfixed vulnerabilities that are not going to be fixed,
because the product is out of support.

the same applied to Sygate, as I understood it.

Aside from Sygate having a serious design flaw: the same applies to any
software that isn't supported by its vendor anymore.

[...]
Blocking the ports doesn't appear to have messed up my network
connectivity at all - what "mess" are you referring to?

My experience with personal firewalls as well as what I hear from users
of personal firewalls is that many of them will sometimes fsck up the
network connection(s) for no apparent reason.

Why is it a "bad" thing to pass the Shield UP test?

It's not a bad thing per se. However, Steve Gibson doesn't really have a
clue when it comes to network and computer security, so his conclusions
and recommendations usually are misleading, to say the least. "Shields
UP" is okay if you can distinguish between fact and superstition.
However, in that case you'd probably be using something else (like nmap)
anyway.

cu
59cobalt
--
"If a software developer ever believes a rootkit is a necessary part of
their architecture they should go back and re-architect their solution."
--Mark Russinovich
.



Relevant Pages

  • CERT Advisory CA-2003-04 MS-SQL Server Worm
    ... code that most likely exploits two vulnerabilities in the Resolution ... traffic generated between hosts infected with the worm targeting SQL ... Activity of this worm is readily identifiable on a network by the ... protection whatsoever against the initial infection of systems. ...
    (Cert)
  • RE: Pre-Scanning for Marketing
    ... The controlling interest of the network has to have a inclination to secure ... vulnerabilities are easily and efficiently identified. ... Audit your website security with Acunetix Web Vulnerability Scanner: ... Up to 75% of cyber attacks are launched on shopping carts, ...
    (Pen-Test)
  • Re: Cisco CTR
    ... >> addresses, hop data, peer information and so on. ... easy mistake to make seeing as you have no idea what our network looks ... > vulnerabilities we actually think are vulnerabilities). ... Martin Roesch - Founder/CTO, Sourcefire Inc. - 290-1616 ...
    (Focus-IDS)
  • CERT Advisory CA-2002-03 Multiple Vulnerabilities in Many Implementations (fwd)
    ... CERT Advisory CA-2002-03 Multiple Vulnerabilities in Many ... Products from a very wide variety of vendors may be affected. ... Many other systems making use of SNMP may also be vulnerable but were ... The Simple Network Management Protocol is a widely deployed ...
    (Focus-Microsoft)
  • Re: Cisco CTR
    ... The list of vulnerabilities ... > create a vulnerability in the context of a network. ... I think that passive discovery ... Sourcefire: ...
    (Focus-IDS)