Re: AW: Zone Alarm

[Michael Reilly <michaelr () cisco com>]

If I understand you correctly I think you mean, for example, to block Outlook/Netscape/Other_mail_client from fetching 
images and sending cookies often found in SPAM by blocking any outgoing access except to smtp/pop/imap on the server 
but letting a web browser use http?

The SW firewall can be useful for this but wouldn't it be better to use a well behaved application instead?

michael
On Wed, 4 Jun 2003 22:37:50 +0200
"Michael Linke" <ml () intract org> wrote:

> There is one big benefit, which no hardware router can bring you. Zone alarm
> and other Windows based Software Firewalls can block network access for
> programs. A HW firewall can only block a whole machine but can't denied
> access for one software and allow access for another software on the same
> machine. 
>
>
>
>
> intract - any business anywhere
> Michael Linke
> Netzwerkadministrator
> Heilbronnerstr. 50
> D-73728 Esslingen
> Germany
> Phone  : +49 384 16297 50
> Fax      : +49 711 35152 89
> mobile  : +49 178 51 52 959
> e-mail   : ml () intract org
> ICQ      : 141033973
> webside:   http://www.intract.org
>
>
> > -----Ursprüngliche Nachricht-----
> > Von: full-disclosure-admin () lists netsys com [mailto:full-disclosure-
> > admin () lists netsys com] Im Auftrag von Jason
> > Gesendet: Mittwoch, 4. Juni 2003 20:53
> > An: morning_wood
> > Cc: Ben Tyson-Norrman; full-disclosure () lists netsys com
> >
> > Unfortunately the $40 'hardware' devices are not either.
> >
> > Please reference the excellent work by Core
> > http://www1.corest.com/common/showdoc.php?idx=276&idxseccion=10
> >
> > and the _much_ more expensive 'hardware' devices are just as prone
> >
> > http://www.cisco.com/warp/public/707/pix-multiple-vuln-pub.shtml
> > http://www.cisco.com/warp/public/707/pixfirewall-authen-flood-pub.shtml
> > http://www.cisco.com/warp/public/707/PIXfirewallSMTPfilter-regression-
> > pub.shtml
> > ...
> > http://www.cisco.com/warp/public/707/advisory.html
> >
> > For a personal solution Zone Alarm is quite possibly more adequate and
> > appropriate.
> >
> > morning_wood wrote:
> >
> > > Zone Alarmbuy a $40 hardware router. Software firewalls are not a
> > security solution IMHO.
> > > morning_wood
> > >  ----- Original Message -----
> > >  From: Ben Tyson-Norrman
> > >  To: full-disclosure () lists netsys com
> > >  Sent: Wednesday, June 04, 2003 8:53 AM
> > >  Subject: [Full-disclosure] Zone Alarm
> > >
> > >
> > >  I'm not sure I can ask this question without derision, but here goes...
> > >
> > >  Zone Alarm, is it really as crap as everyone makes out.... or is the
> > usual posturing by ill-informed...?
> > >  Many thanks all
> > >
> > >  Visit our web site @ www.twowaytv.com
> > >  This e-mail and its attachments are intended for the above named
> > recipient(s) only and may be confidential, legally privileged and
> > protected by law. If you are not a named addressee or have received this
> > transmission in error, please notify us immediately at
> > postmaster () twowaytv co uk and then delete this e-mail. As Internet
> > communications are not secure we do not accept legal responsibility for
> > the contents of this message or responsibility for any change made to this
> > message after the original sender sent it.  Save for this legal notice,
> > the contents or opinions contained within this e-mail are solely those of
> > the sender and do not necessarily represent those of Two Way TV Ltd unless
> > otherwise specifically stated.
> > >
> >
> >
> > _______________________________________________
> > Full-Disclosure - We believe in it.
> > Charter: http://lists.netsys.com/full-disclosure-charter.html
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html


-- 
---- ---- ----
Michael Reilly    michaelr () cisco com
    Cisco Systems, Santa Cruz, CA
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html