[OFFTOPIC] Zone Alarm

["Kurt Seifried" <listuser () seifried org>]

Increased complexity is not a good thing. Think about it folks:

Solution A) PC with zonealarm, relatively easy to configure (it's what I
reccomend to most users).

Solution B) Hardware firewall with potential security flaws such as web
interface, firmware flaws, etc. Difficult for user to update, if firmware
update fails product is largely "Dead". None of these systems I have seen
have automated updates or even prompt the user to check for new software
versions/etc. Result: firmware falls out of date, web interface/etc possibly
exposed, increased exposure for user.

Solution C) a PC with some form of UNIX installed to act as a firewall. User
needs to learn to become UNIX administrator, configure and update system.
You are kidding right? This opens up a HUGE number of potential
vulnerabilities, increases complexity hugely, and costs quite a bit as well.

This is insane.

NOW PLEASE LET'S KILL THIS THREAD.  DO NOT REPLY TO THIS PUBLICLY.

Kurt Seifried, kurt () seifried org
A15B BEE5 B391 B9AD B0EF
AEB0 AD63 0B4E AD56 E574
http://seifried.org/security/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html