RE: [OFFTOPIC] Zone Alarm

[Cedric Blancher <blancher () cartel-securite fr>]

Le jeu 05/06/2003 à 11:09, Lars Duesing a écrit :
> ZoneAlarm has in my eyes a very interesting feature. As it runs on the
> clients' system it can distinguish which (local) application is allowed
> to send data to the net. In days of gator et al a very nice feature.

This is to me the interest of so called personal firewalls. But I do not
like ZA, because its decisions are only application based. On tools such
as Kerio Personal Firewall, you can add rules to restrict applications
in terms of addresses, protocols and ports. If you consider what it is
possible to do through IE using ActiveX as an example, it could be a
good idea not to authorize this kind of application without network
restriction.

Btw, it makes ZA simple to use, but weak to me.

> So if an user knows how to use this personal firewalls, it is yet
> another step of security.

<metoo>Agree</metoo>

-- 
Cédric Blancher  <blancher () cartel-securite fr>
IT systems and networks security - Cartel Sécurité
Phone : +33 (0)1 44 06 97 87 - Fax: +33 (0)1 44 06 97 99
PGP KeyID:157E98EE  FingerPrint:FA62226DA9E72FA8AECAA240008B480E157E98EE
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html