Re: OT: Which firewall is best?

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View
nobody@mixmaster.it says...
Quoted text here. Click to load it

George, that's why I'm not playing the game. All of the problems with
running a personal firewall, as well as Windows XP Firewall have been
documented many times, I'm not going to rehash them when you could spend
YOUR OWN TIME doing a google search.

--
- Igitur qui desiderat pacem, praeparet bellum.
- Calling an illegal alien an "undocumented worker" is like calling a
  drug dealer an "unlicensed pharmacist"
spam999free@rrohio.com (remove 999 for proper email address)

Re: OT: Which firewall is best?


wrote:

Quoted text here. Click to load it

You blurt out crap and can't substantiate it.


Jim.


Re: OT: Which firewall is best?

James Egan wrote:
Quoted text here. Click to load it

Reminiscent of that fellow in Elgin IL that was a router salesman,
also shilled for Black Ice FW, that's why he was called buckwheat.

Re: OT: Which firewall is best?

Quoted text here. Click to load it

LOL - and now you're trolling.

Google will prove your claim wrong.

--
- Igitur qui desiderat pacem, praeparet bellum.
- Calling an illegal alien an "undocumented worker" is like calling a
  drug dealer an "unlicensed pharmacist"
spam999free@rrohio.com (remove 999 for proper email address)

Re: OT: Which firewall is best?


wrote:

Quoted text here. Click to load it

We've already done the googling earlier in the thread.  It didn't
substantiate anything you said yet you continue to ramble on about non
existent "holes" in the windiws firewall.


Jim


Re: OT: Which firewall is best?


| We've already done the googling earlier in the thread.  It didn't
| substantiate anything you said yet you continue to ramble on about non
| existent "holes" in the windiws firewall.

| Jim

There are holes in the Windows XP FireWall as it is EASY for a given trojan to
program and
overide the XP FireWall.

I just went through a bunch of dissections and found a bunch.
For example the Win32.vtub or PSW.FirePass will issue the command...

cmd.exe /c netsh firewall set opmode disable

Some trojans such as Vundo, Banker variants, TR/Delphi.Downloader.Gen,
Trojan-Downloader.Win32.BHO.al , and Goldun will modify...

HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts
HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\

Here is a command once such trojan issued...

netsh firewall set allowedprogram "C:\WINDOWS\ntfyapp.exe" enable

This behaviour is less or not viable in Vista.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp



Re: OT: Which firewall is best?

On Sun, 22 Feb 2009 14:58:49 -0500, "David H. Lipman"

Quoted text here. Click to load it

If someone allows shit like that to run on their PC then the firewall is
the least of their worries.
It would not matter what firewall they run. They would be owned because
you can guarantee their PC security fails in more places than just a
meaningless software firewall. Running day-to-day as an administrator
for one thing.

Re: OT: Which firewall is best?



| If someone allows shit like that to run on their PC then the firewall is
| the least of their worries.
| It would not matter what firewall they run. They would be owned because
| you can guarantee their PC security fails in more places than just a
| meaningless software firewall. Running day-to-day as an administrator
| for one thing.

That would depend on many factors.

If it was NOT the WinXP FW then the 3rd party FW or FW appliance may have
blocked the
outboud communication/download or exfiltration of data.

Their PC may be "owned" but it would limit the extent of the damage.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp



Re: OT: Which firewall is best?

On Sun, 22 Feb 2009 17:06:52 -0500, "David H. Lipman"

Quoted text here. Click to load it

Glad you used the word "may" here.

Quoted text here. Click to load it

You should have used it again,  ^^^^^, here.

Re: OT: Which firewall is best?


| On Sun, 22 Feb 2009 17:06:52 -0500, "David H. Lipman"



Quoted text here. Click to load it



| Glad you used the word "may" here.

Quoted text here. Click to load it

| You should have used it again,  ^^^^^, here.

I didn't need to qualify everything.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp



Re: OT: Which firewall is best?

On Sun, 22 Feb 2009 17:50:14 -0500, "David H. Lipman"

Quoted text here. Click to load it

I agree. I would do the same if wishing to paint a biased picture.

Re: OT: Which firewall is best?

only.invalid says...
Quoted text here. Click to load it
>HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts
Quoted text here. Click to load it
>HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\
Quoted text here. Click to load it

Some firewall appliances, not the NAT routers sold to home users, can
detect compromised systems and block outbound from the source. Quality
firewalls with additional services can actually strip out malicious
content from browsing/email before it reaches the users machine.

--
- Igitur qui desiderat pacem, praeparet bellum.
- Calling an illegal alien an "undocumented worker" is like calling a
  drug dealer an "unlicensed pharmacist"
spam999free@rrohio.com (remove 999 for proper email address)

Re: OT: Which firewall is best?

On 02/22/2009 04:36 PM, Leythos sent:
Quoted text here. Click to load it

Hello Leythos:

I am rather surprised that David Lipman was not the recipient of more
opposing opinions last Sunday when he agreed with you here and made his
posts to this thread.

In the land of the blind...

Best wishes to you,

Pete
--
1PW  @?6A62?FEH9:DE=6o2@=]4@> [r4o7t]

Re: OT: Which firewall is best?


On Sun, 22 Feb 2009 14:58:49 -0500, "David H. Lipman"

Quoted text here. Click to load it

O gawd. Not you too!

Quoted text here. Click to load it

That's an internal command. It's not a "hole" in the firewall. You
should know better.

You can close anything down if you have access to an administrative
command shell. What has that got to do with firewalls? Last time I
tried it a simple wm_destroy signal to the process called zonealarm
was enough to despatch that to oblivion. What does that prove?
Nothing. Because the windows firewall's job is to filter
incoming/outgoing packets which it does without getting it's knickers
in a twist all the time. It doesn't claim to be the complete security
system.


Jim.


Re: OT: Which firewall is best?



| On Sun, 22 Feb 2009 14:58:49 -0500, "David H. Lipman"

Quoted text here. Click to load it

| O gawd. Not you too!


Quoted text here. Click to load it



| That's an internal command. It's not a "hole" in the firewall. You
| should know better.

| You can close anything down if you have access to an administrative
| command shell. What has that got to do with firewalls? Last time I
| tried it a simple wm_destroy signal to the process called zonealarm
| was enough to despatch that to oblivion. What does that prove?
| Nothing. Because the windows firewall's job is to filter
| incoming/outgoing packets which it does without getting it's knickers
| in a twist all the time. It doesn't claim to be the complete security
| system.


| Jim.


It is a hole and is easily exploited.  This is not the case with the FireWall in
Vista.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp



Re: OT: Which firewall is best?


On Sun, 22 Feb 2009 17:51:16 -0500, "David H. Lipman"

Quoted text here. Click to load it

It isn't a hole unless you can explain where the firewall failed and
you can't because it hasn't.


Jim.


Re: OT: Which firewall is best?

Quoted text here. Click to load it

I have to agree here. It isn't the job of an application to protect
itself from the consequences of carrying out the users wishes. A program
running with requisite permissions to disable the firewall should be
able to do so - it is not a hole.

Vista has implemented MIC which segregates actions within a users' space
so that some programs' actions cannot be performed even when running
with the users full administrators rights. Access permissions based on
integrity level are checked (and perhaps denied) *before* the user
permissions are even checked. So maybe Vista's firewall is somewhat
protected by relying on this mechanism? If so, this is an OS mechanism
and not a "firewall" protecting itself.

Anyway, this MIC thing is what frustrates many administrator account
users who think they should be all powerful.

...and the firewall's exceptions list is modified through an API . Also
not a hole - a feature.



Re: OT: Which firewall is best?

erratic@nomail.afraid.org says...
Quoted text here. Click to load it

If the user doesn't understand or approve of the HOLE then it's not
desirable.

--
- Igitur qui desiderat pacem, praeparet bellum.
- Calling an illegal alien an "undocumented worker" is like calling a
  drug dealer an "unlicensed pharmacist"
spam999free@rrohio.com (remove 999 for proper email address)

Re: OT: Which firewall is best?

Comodo's firewall  is top-rated in three leading computer magazines as
the best free firewall -- ranking only slightly behind two others in
the most comprehensive tests. Comodo also=85  fares best among free
programs in user reviews. Although not flawless in leak tests (malware
programs that try to enable your computer for use by hackers), version
2.4 is one of four firewalls rated excellent by Matousec.com (of 42
tested). Reviewers like the basic and advanced operation options. With
the basic setting, the firewall isn't intrusive, but the advanced
setting allows more control and professional-level protection.

get herehttp://www.iyogi.net/firewall-configure.html
Quoted text here. Click to load it


Re: OT: Which firewall is best?

wrote:

Quoted text here. Click to load it

You stupid person.

Site Timeline