Full Disclosure mailing list archives
RE: [OFFTOPIC] Zone Alarm
From: "Schmehl, Paul L" <pauls () utdallas edu>
Date: Thu, 5 Jun 2003 13:37:26 -0500
Here's a question for you. Which would you prefer? 1) An uninformed user plugs in a router and thinks they are now safe from any and all exploits without having to do anything else - ever. 2) An uninformed user who downloads and installs a PFW and then discovers that all sorts of applications he's been running want to "contact" the Internet. Now he has to decide what's good and what's bad. Oh, and he's also being notified when something tries to access his machine, which *might* make him paranoid but will *certainly* increase his awareness. I'd rather have number 2. At least he will learn something. You seem to think that routers are plug and forget. That's a dangerous assumption. Others have indicated that they think that being NAT'd is the answer to security. That's another dangerous assumption. At least with the PFW the user is going to be exposed to the bad stuff that goes on all the time. Perhaps then, when they *do* get a router, they'll realize that they can't just plug it in and forget it exists. Paul Schmehl (pauls () utdallas edu) Adjunct Information Security Officer The University of Texas at Dallas AVIEN Founding Member http://www.utdallas.edu/~pauls/ -----Original Message----- From: JT [mailto:ptourvi1 () twcny rr com] Sent: Thursday, June 05, 2003 9:13 AM To: 'Shawn McMahon'; full-disclosure () lists netsys com Subject: RE: [Full-disclosure] [OFFTOPIC] Zone Alarm This is a lame basis for your argument. You provide 2 vulnerabilities that are old. Everything has vulnerabilities, I will not waste my time search ZA for one, it's in there, it's a proven statistic. Now, explain to me how having one of your uninformed users make a decision for every app that wants to access the internet is better than plugging a router in and being done for the most part. Which is easier? Right, the router is easier because they just plug it in and go. You would have us believe that these "inept" users WITHOUT ANY computer person are going to be smart enough to FIND zone alarm, INSTALL it, CONFIGURE it, and then decide each time anything wants to hit the net. Please, spend 30 more seconds and show me some CURRENT vulnerabilities. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- RE: [OFFTOPIC] Zone Alarm, (continued)
- RE: [OFFTOPIC] Zone Alarm Schmehl, Paul L (Jun 05)
- Re: [OFFTOPIC] Zone Alarm Valdis . Kletnieks (Jun 05)
- RE: [OFFTOPIC] Zone Alarm John Ruppert (Jun 05)
- Re: [OFFTOPIC] Zone Alarm Robert J. Liebsch (Jun 05)
- Re: [OFFTOPIC] Zone Alarm Valdis . Kletnieks (Jun 05)
- RE: [OFFTOPIC] Zone Alarm Ben Tyson-Norrman (Jun 05)
- RE: [OFFTOPIC] Zone Alarm eddie (Jun 05)
- Re: [OFFTOPIC] Zone Alarm John Ruppert (Jun 05)
- RE: [OFFTOPIC] Zone Alarm Robert J. Liebsch (Jun 05)
- RE: [OFFTOPIC] Zone Alarm tstowell (Jun 05)
- RE: [OFFTOPIC] Zone Alarm Schmehl, Paul L (Jun 05)
- RE: [OFFTOPIC] Zone Alarm tstowell (Jun 05)
- RE: [OFFTOPIC] Zone Alarm Schmehl, Paul L (Jun 05)
- Re: [OFFTOPIC] Zone Alarm yossarian (Jun 05)
- RE: [OFFTOPIC] Zone Alarm Brad Bemis (Jun 05)
- RE: [OFFTOPIC] Zone Alarm David Vincent (Jun 05)
- RE: [OFFTOPIC] Zone Alarm eddie (Jun 05)
- Re: [OFFTOPIC] Zone Alarm morning_wood (Jun 05)
- RE: [OFFTOPIC] Zone Alarm eddie (Jun 05)
- RE: [OFFTOPIC] Zone Alarm Schmehl, Paul L (Jun 05)