Full Disclosure mailing list archives
RE: Zone Alarm
From: "Larry W. Cashdollar" <lwc () vapid ath cx>
Date: Wed, 4 Jun 2003 17:50:11 -0400 (EDT)
you can configure BSD to default to deny in the kernel. IPFILTER_DEFAULT_BLOCK #block all packets I have had my software firewall up since 1998, with no probelms. On Wed, 4 Jun 2003, Joe Hummel wrote:
I would agree with morning_wood - hardware routers are a much better way to go - when the device fails, you fail closed, as opposed to a software solution, where if it fails, you fail open (read - open=vulnerable). In addition, I've found that even the technically savvy get perplexed by some of the alerts generated by personal firewall software.
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Zone Alarm Ben Tyson-Norrman (Jun 04)
- Re: Zone Alarm morning_wood (Jun 04)
- RE: Zone Alarm Joe Hummel (Jun 04)
- RE: Zone Alarm Larry W. Cashdollar (Jun 04)
- RE: Zone Alarm Ron DuFresne (Jun 05)
- Re: Zone Alarm Jason (Jun 04)
- AW: Zone Alarm Michael Linke (Jun 04)
- AW: Zone Alarm Michael Osten (Jun 04)
- Re: AW: Zone Alarm Jason (Jun 04)
- Re: AW: Zone Alarm Michael Osten (Jun 04)
- YABBT [1] - Re: Zone Alarm Jason (Jun 04)
- Re: YABBT [1] - Re: Zone Alarm Michael Osten (Jun 04)
- Re: YABBT [1] - Re: Zone Alarm Ron DuFresne (Jun 05)
- Re: YABBT [1] - Re: Zone Alarm Jason (Jun 05)
- RE: Zone Alarm Joe Hummel (Jun 04)
- Re: Zone Alarm morning_wood (Jun 04)