Re: PC Firewall Choices

[greybrimstone () aim com]

Thats assuming that malware isn't being designed for that firewall. I'm 
sure you already know that software is software regardless of the 
hardware that it is running on. Likewise a vulnerability is still a 
vulnerability...

I suppose you could r/o the system... but you need to write the confs 
somewhere right?

-Adriel

-----Original Message-----
From: Valdis.Kletnieks () vt edu
To: Nick Hyatt <me () n33t org>
Cc: full-disclosure () lists grok org uk
Sent: Tue, 17 Jan 2006 21:08:39 -0500
Subject: Re: [Full-disclosure] PC Firewall Choices

 On Tue, 17 Jan 2006 18:59:52 MST, Nick Hyatt said:
> Given the choice between one of those selections and a standard 
Linksys
> router / firewall combo, wouldn't it be safer to go with the hardware
> firewall? I find the configuration options to be quite a bit more 
in-depth,
> and the hardware firewall doesn't get itself as stuck in the system 
as say,
> ZA does.

Even more important, a hardware firewall can't be compromised as easily
by malware that's on a host behind the firewall.  It's easy for a 
program
on a PC to tell ZA to look the other way.  It's a little harder for it 
to
tell a hardware firewall to look the other way.

Unless of course, the firewall implements the UPnP "Pants Down!" RPC.. 
;)

  _______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


________________________________________________________________________
Check Out the new free AIM(R) Mail -- 2 GB of storage and 
industry-leading spam and email virus protection.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/