At 02:02 AM 2/27/00 -0500, [EMAIL PROTECTED] wrote:
>If i somehow get infected with a trojan such as Netbus or BO2k
>which opens a backdoor in my computer and allows access for
>others, will BlackIce stop the attacker from getting into my
>computer using that backdoor?
BID is not really a firewall, so no, it won't. It does monitor TCP and UDP
ports and will tell you if and when someone is portscanning you (though
often unnecessarily alarming the inexperienced), but that's about it. One
thing I noticed about it was that before I installed it on my test Windows
box, I portscanned the box from one of my Linux servers with nmap, and
found no open ports. Once I installed BID and portscanned again, there were
over 1400 ports open (mostly UDP). The BlackIce "support team" (meaning,
read the website's pages and forget about calling) says that this is
because portscanners often misread what BID is doing and that the ports
aren't really open. When I asked "support" by email to further explain
this, and gave all my relevant info, they turned around and asked me for
the details of the "problem" and for my license number, etc. (and this was
all quoted back to me at the bottom of their email, so they already had it
all). Great support, eh?
Anyway, "ports open" are ports open as far as I am concerned. I switched
over to ZoneAlarm and I've been fairly happy with it since, although it
does cause some Windows machines to suddenly freeze without warning,
needing a cold boot. It happens to me in DOS sessions (compiling, running
large programs, etc.). Hopefully subsequent versions will take care of that
problem. And the ZoneAlarm folks are willing to deal with their
"customers", unlike the BID folks.
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
