Re: Re: Re: PC Firewall Choices

[<hummer () domeranger com>]

I have been following this discussion waiting for someone to mention another 
"feature" of Zone Alarm:
Posted January 13, 3:00 a.m. PST Pacific Time,
ROBERT X. CRINGELY                             http://www.infoworld.com/

A Perfect Spy? It seems that ZoneAlarm Security Suite has been phoning
home, even when told not to. Last fall, InfoWorld Senior Contributing
Editor James Borck discovered ZA 6.0 was surreptitiously sending
encrypted data back to four different servers, despite disabling all of
the suite's communications options. Zone Labs denied the flaw for nearly
two months, then eventually chalked it up to a "bug" in the software --
even though instructions to contact the servers were set out in the
program's XML code. A company spokesmodel says a fix for the flaw will
be coming soon and worried users can get around the bug by modifying
their Host file settings. However, there's no truth to the rumor that
the NSA used ZoneAlarm to spy on U.S. citizens.


:)

Hummer
----- Original Message ----- 
From: "Nancy Kramer" <nekramer () mindtheater net>
To: "Greg" <full-disclosure2 () pchandyman com au>; 
<full-disclosure () lists grok org uk>
Sent: Thursday, January 19, 2006 11:27 PM
Subject: RE: [Full-disclosure] Re: Re: PC Firewall Choices


> I have the paid ZA but I heard the free one was better.  Have no idea about 
> that but would never buy the paid version again.  At least now I know what 
> was happening.  Will try to look for that feature and set it to the maximum 
> minutes.  I only have it on my laptop which only goes on the internet 
> sporadically but generally goes on the internet on public wireless networks 
> which I think may not be all that secure.  Lots of times I am meeting with 
> someone there and we talk and then lookup something on the internet.  I 
> could see how time could pass quickly and I might not touch the computer 
> for awhile.  Thanks for the explanation.
>
> Regards,
>
> Nancy Kramer
>
>
>   At 10:10 PM 1/19/2006, Greg wrote:
>
>
>
> > > -----Original Message-----
> > > From: full-disclosure-bounces () lists grok org uk
> > > [mailto:full-disclosure-bounces () lists grok org uk] On Behalf
> > > Of Nancy Kramer
> > > Sent: Friday, 20 January 2006 2:30 PM
> > > To: Stan Bubrouski; full-disclosure () lists grok org uk
> > > Subject: Re: [Full-disclosure] Re: Re: PC Firewall Choices
> > >
> > >
> > > I admit I know nothing about firewalls but with ZA I have had
> > > to shut it
> > > down sometimes to go onto the internet.  I have no idea why.
> > > I just can't
> > > get on and when I shut it down I can.
> > >
> >
> > That'd be a well known and never fixed bug I reported to Zonelabs some 
> > years
> > back now. It has a feature to automatically lock internet connection after
> > so many minutes of inactivity. The length of time can be changed by the
> > user. What it REALLY did was cut off access to internet and any LAN you 
> > were
> > on, isolating you entirely and never actually let go of it when the user 
> > was
> > back at the keyboard. Exiting ZA let that go and internet and lan were
> > restored. You have the option to turn that feature OFF but even that 
> > didn't
> > stop the whole thing happening. So, about the only thing you could do was 
> > to
> > set the auto lock as high as it could go and turn the feature off. It 
> > would
> > still go off after that many minutes had passed (which I believe is 999 in
> > the PRO version and 99 in the free version) and lock you out again but it
> > was delayed by that much, at least.
> >
> > You CAN set certain programs to pass by its' lock, however. So, if you 
> > have
> > some computers almost always chattering away on a distributed project but
> > otherwise not touched, you could allow those programs to pass on even
> > though, should you attempt to get out with a simple web browser (where it
> > wasn't allowed to pass the lock), you cant. Saves some stuffing about on
> > such machines and let's face it - the more "free" some company execs see,
> > the more likely they are to use it. Surprising how many Windows based
> > companies use free ZA.
> >
> > _______________________________________________
> > Full-Disclosure - We believe in it.
> > Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> > Hosted and sponsored by Secunia - http://secunia.com/
> >
> >
> >
> >
> >
> > --
> > No virus found in this incoming message.
> > Checked by AVG Anti-Virus.
> > Version: 7.1.375 / Virus Database: 267.14.19/231 - Release Date: 1/16/2006
>
>
> --
> No virus found in this outgoing message.
> Checked by AVG Anti-Virus.
> Version: 7.1.375 / Virus Database: 267.14.19/231 - Release Date: 1/16/2006
>
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/ 

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/