Switching from ZoneAlarm to Jetico

Guest
Archived from groups: comp.security.firewalls

After seeing the latest ZoneAlarm update (it has an even larger "mind
of its own" when it comes to the safe-list safePrograms.xml, which I
really don't like) I'm seriously considering switching to another
personal firewall.
I came across Jetico which seems like a nice no-bloatware thing. Any
thoughts, suggestions, recommendations...?
 
Guest

level13@gmail.com wrote:
> After seeing the latest ZoneAlarm update (it has an even larger "mind
> of its own" when it comes to the safe-list safePrograms.xml, which I
> really don't like) I'm seriously considering switching to another
> personal firewall.

Better idea: forget "Personal Firewalls". Just use the Windows-Firewall.

Yours,
VB.
--
"It cannot be that the frustrated in Rome decide what happens in
German bedrooms."
Harald Schmidt on "World Youth Day"
 
Guest

Volker Birk, 9/15/2005, 1:24:56 PM, <4329ae68@news.uni-ulm.de> wrote:

> level13@gmail.com wrote:
> > After seeing the latest ZoneAlarm update (it has an even larger
> > "mind of its own" when it comes to the safe-list safePrograms.xml,
> > which I really don't like) I'm seriously considering switching to
> > another personal firewall.
>
> Better idea: forget "Personal Firewalls". Just use the
> Windows-Firewall.
>
> Yours,
> VB.

What if you do not have WXP?

--
"They call it golf because all of the other four-letter words were
taken." -- Raymond Floyd
 
Guest

badgolferman <REMOVETHISbadgolferman@gmail.com> wrote:
> > Better idea: forget "Personal Firewalls". Just use the
> > Windows-Firewall.
> What if you do not have WXP?

Then there are other options. It is a good idea not to run any servers,
which listen() to the wild, of course. Unfortunately, Windows in its
default configuration runs many such servers. Nobody knows why, of course,
because usually no-one needs or even wants them (most people don't even
know).

But these servers are the reason why one will need filtering software
on a Windows box.

Switching off these software programs will result in not needing any
port filter software any more.

Unfortunately, Microsoft makes it difficult for Windows 2000 and Windows XP
users to switch them all off. This is why Torsten Mann created this very
useful script:

http://www.ntsvcfg.de/ntsvcfg_eng.html

If you're not used to dealing with scripts, I hacked a small Windows program,
which does just the same:

http://www.dingens.org/index.html.en

If you're running Windows 9x, i.e. Windows 95, Windows 98 or Windows ME,
then it's very easy for you to switch those servers off: just unbind them
from the TCP/IP network protocol in the network settings.

Please test with:

C:\> netstat -an

whether there is no process LISTENING any more, which is not bound to
localhost 127.0.0.1, _before_ you connect to the Internet again.

If you're doing so, and if your PC is offering nothing to the Internet
any more, then you don't need a packet filter any more.

If you want a packet filter, Windows 2000 also has one. It's a little bit
hidden, because Microsoft calls the user interface for it "IPSec" (which
of course usually is something completely different ;-)

Yours,
VB.
--
"It cannot be that the frustrated in Rome decide what happens in
German bedrooms."
Harald Schmidt on "World Youth Day"
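
The netstat check described in the post above, as an added example that is not part of the original thread or of either linked tool: it parses `netstat -an` output and reports every listener that is not bound to loopback. The sample output is constructed and the function names are hypothetical; treating bound UDP sockets as listeners goes slightly beyond the post's wording, since Windows shows no state column for UDP.

```python
import ipaddress
import re

# Constructed sample of Windows `netstat -an` output (not taken from the thread).
SAMPLE = r"""
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING
  TCP    127.0.0.1:1027         0.0.0.0:0              LISTENING
  TCP    192.168.1.10:139       0.0.0.0:0              LISTENING
  TCP    192.168.1.10:1045      203.0.113.5:80         ESTABLISHED
  TCP    [::]:135               [::]:0                 LISTENING
  TCP    [::1]:5000             [::]:0                 LISTENING
  UDP    0.0.0.0:500            *:*
  UDP    127.0.0.1:1900         *:*
"""

LINE = re.compile(r"^\s*(TCP|UDP)\s+(\S+)\s+(\S+)(?:\s+(\S+))?\s*$")

def split_endpoint(endpoint):
    """Split '0.0.0.0:135' or '[::]:135' into (address, port)."""
    host, _, port = endpoint.rpartition(":")
    return host.strip("[]"), int(port)

def exposed_listeners(netstat_output):
    """Return (proto, address, port) for each socket reachable from other hosts."""
    found = []
    for line in netstat_output.splitlines():
        m = LINE.match(line)
        if not m:
            continue  # title, column header, blank lines
        proto, local, _foreign, state = m.groups()
        # TCP: only LISTENING rows matter. UDP rows carry no state; any bound
        # UDP socket can receive datagrams, so it is treated as listening.
        if proto == "TCP" and state != "LISTENING":
            continue
        host, port = split_endpoint(local)
        if ipaddress.ip_address(host.split("%")[0]).is_loopback:
            continue  # 127.0.0.0/8 or ::1: reachable from this machine only
        found.append((proto, host, port))
    return found

if __name__ == "__main__":
    for proto, host, port in exposed_listeners(SAMPLE):
        print(f"{proto} {host}:{port} is reachable from the network")
```

An empty result is the state the post asks for before reconnecting; on a live machine, feed the function the text captured from `netstat -an`.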
 
Guest

On 15 Sep 2005 20:59:51 +0200, Volker Birk <bumens@dingens.org> wrote:

>Unfortunately, Microsoft makes it difficult for Windows 2000 and Windows XP
>users to switch them all off. This is why Torsten Mann created this very
>useful script:
>
>http://www.ntsvcfg.de/ntsvcfg_eng.html
>
>If you're not used to dealing with scripts, I hacked a small Windows program,
>which does just the same:
>
>http://www.dingens.org/index.html.en
>
>If you're running Windows 9x, i.e. Windows 95, Windows 98 or Windows ME,
>then it's very easy for you to switch those servers off: just unbind them
>from the TCP/IP network protocol in the network settings.

Of course, anyone who runs such scripts from untrusted/unverified
sources such as those above has much more to worry about than which
software firewall to use.
 
Guest

"Volker Birk" <bumens@dingens.org> wrote in message
news:4329ae68@news.uni-ulm.de...
> Better idea: forget "Personal Firewalls". Just use the Windows-Firewall.

That's something of a mantra from you, so I looked up old messages for an
explanation of your opinion. I've wondered how a fw would prevent reaching
out and touching someone via http, and you demonstrate the answer: it can't
(though I suppose an opsys hook could prevent it). And maybe I didn't look
hard enough, but I didn't find anyone offering a technical argument why you
are wrong.

Of course, Gibson says ZoneAlarm is the cat's ass; perhaps that's enough.
And there are testimonials like "I've used 'Impregnable' for 50 years and
never got infected." (Never mind that this is like the person who, when told
that Homeland Security Dept. is a bureaucratic boondoggle, says that can't
be true because we've had no attacks since it was created.) But all that
aside, it's just general knowledge that anything included in Windows must
have some serious flaws.

nf
 
Guest

Eamon Santiago <esantiago@polyhedraltech.edu.invalid> wrote:
> Of course, anyone who runs such scripts from untrusted/unverified
> sources such as those above has much more to worry about than which
> software firewall to use.

Torsten's and my site are as trusted or as untrusted as any "Personal
Firewall" manufacturer's homepage.

But: in contrast to most of the "Personal Firewalls", Torsten's script
and my small program are Free Software.

You can get the source code, and check for yourself what it's doing.
Please feel free to do so.

Torsten's script is in source code (as every script is); you can find the
source code for my small program here:

http://www.dingens.org/win32sec-en-src.zip

You can compile this with Microsoft Visual C++, or with MinGW.

Yours,
VB.
--
"It cannot be that the frustrated in Rome decide what happens in
German bedrooms."
Harald Schmidt on "World Youth Day"
 
Guest

nutso fasst <no.replies@no.where> wrote:
> "Volker Birk" <bumens@dingens.org> wrote in message
> news:4329ae68@news.uni-ulm.de...
> > Better idea: forget "Personal Firewalls". Just use the Windows-Firewall.
> That's something of a mantra from you, so I looked up old messages for an
> explanation of your opinion.

If there are any questions, of course I'm happy to explain.

> I've wondered how a fw would prevent reaching
> out and touching someone via http, and you demonstrate the answer: it can't
> (though I suppose an opsys hook could prevent it).

Yes, this simple approach I chose could be prevented by having a message
hook, and filtering out those messages to the web browser.

But this is only the easiest way I found, and it already worked.
There are many other ways, too, to do the same.

> And maybe I didn't look
> hard enough, but I didn't find anyone offering a technical argument why you
> are wrong.

I cannot see that either.

Yours,
VB.
--
"It cannot be that the frustrated in Rome decide what happens in
German bedrooms."
Harald Schmidt on "World Youth Day"