I'm not trying to start a firewall war, but as you say, ZoneAlarm must be
set up to allow each program to communicate over the network. This seems
entirely to much work to me, plus AFAIK when you install a new program on
the box you have to click on a little box to let the program have access
unless you do so before. I don't want to rely on a software firewall to
block anything, just to give me immidiate access to information on who is
attacking. Also having to configure all of the programs that need access to
the network to be allowed in ZoneAlarm seems to me like a major pia...I
dont even want to count every single program that needs network access on
one of our webservers...
Steve Gibson though, is a flaming moron though. They do say that ignorance
is bliss, so you have a nice day too.
jon
At 10:24 AM 7/31/2001, you wrote:
>Hi Jon;
>
>We have put Zone Alarm on a typical server and it works fine. Takes a
>little bit of work getting it configured, but at least it works. And it
>does BLOCK more than your BlackIce. We have had both installed and your
>BlackIce let entirely TOO MUCH stuff through. I too agree with Steve
>Gibson, so your statement is entirely incorrect also, as there is someone
>else who feels the way that Steve does.
>
>Thank you and good day.
>
>Larry Juncker
>Cold Fusion Developer
>Heartland Communications Group, Inc.
>[EMAIL PROTECTED]
>
>-----Original Message-----
>From: Jon Hall [mailto:[EMAIL PROTECTED]]
>Sent: Tuesday, July 31, 2001 9:19 AM
>To: CF-Talk
>Subject: RE: Got the fellow, but....
>
>
>The only person that I know who feels that way is Steve Gibson... The man
>gets under my skin and I disagree with everything he says including his
>opinion that ZoneAlarm is better than BlackIce. I'd like to see someone put
>ZoneAlarm on a typical web server..hehe.
>
>jon
>
>At 05:57 AM 7/31/2001, you wrote:
> >I heard BlackIce was useless. ZoneAlarm does a better job apparently.
> >
> >-----Original Message-----
> >From: [EMAIL PROTECTED]
> >[mailto:[EMAIL PROTECTED]]On Behalf Of Jon Hall
> >Sent: Tuesday, 31 July 2001 5:41 AM
> >To: CF-Talk
> >Subject: Re: Got the fellow, but....
> >
> >
> >This is why we keep BlackIce on all of our servers, and set it to accept
> >everything. It will still give you a heads up on potential bad guys and
> >allow you to block the ip address very quickly.
> >With all of the recent worm stuff going around, we decided to invest in
> >Cisco's IDS, and have it logging live to a SQL server database...very cool
> >stuff. IDS actually inspects every packet going across the wire and flags
> >suspicious traffic, which you can set custom actions to happen if a certain
> >flag goes up, like blocking the ip at the router. It even detects Sircam...
> >
> >jon
> >
> >At 03:14 PM 7/30/2001, you wrote:
> > >I'm doing a pretty intensive watch on my server stastics and log files
> > >in real-time. sometimes I see people who try stupid stuff like:
> > >
> > >/winnt/system32/cmd.exe and trying to url hack (with ;drop tables) .
> > >
> > >my question is: when I'm seeing the guy's IP address in the stas server
> > >or log files, and the guy is still causing problem (i,e - trying to hack)
> > >what can I do to him? can I throw him, and only him away?
> > >will adding him to the banned IP in IIS helps immediatly?
> > >
> > >any other alternatives?
> > >
> > >Michael.
> > >
> > >
> > >
> >
>
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Structure your ColdFusion code with Fusebox. Get the official book at
http://www.fusionauthority.com/bkinfo.cfm
FAQ: http://www.thenetprofits.co.uk/coldfusion/faq
Archives: http://www.mail-archive.com/[email protected]/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
