> -----Original Message-----
> From: Jamy Klein [mailto:[EMAIL PROTECTED]]
> Sent: Tuesday, December 19, 2000 1:52 PM
> To: '[EMAIL PROTECTED]'
> Subject: RE: your mail: Desktop FW LEAKing
>
>
> this isn't news... every firewall on this planet has this
> problem with the
> exception of zonealarm. It's not just personal firewalls.
>
> Your corporate firewall doesn't care what app goes out port
> 25. Currently
> their is no effective way to block apps going out a corporate
> firewall.
Uhhh, that's not entirely true. Granted there are always ways to
circumvent _ANY_ perimeter security device apart from the Ultimate
Firewall, but you can minimize the risks with a decent network
architecture and some amount of diligence.
The
> only solution thus far is to install zonealarm or something
> similar on each
> workstation.
No; leave that stuff off corporate desktops. There are better ways to
accomplish what they do.
> It amuses me that this problem has been around since the advent of
the
> firewall, and people are just now starting to care.
Well, I wouldn't say that people are just now starting to care. People
have cared for a long time, and there is Much Work being done on this
problem in the world of enterprise level security. However, the world
of "personal firewalls" is new, and hasn't yet matured since these
devices are just now being asked to serve as protection for hosts
permanently connected to the internet. I'm not sure whether there is
anything they can do aside from continually raising the bar.
Henry
>
> Jamy
>
>
>
> -----Original Message-----
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On Behalf Of Bernd Eckenfels
> Sent: Tuesday, December 19, 2000 12:38 PM
> To: Basti Bommel
> Cc: Lee Dana-Renee; [EMAIL PROTECTED]
> Subject: Re: your mail: Desktop FW LEAKing
>
>
> On Tue, Dec 19, 2000 at 03:21:24PM +0100, Basti Bommel wrote:
> > C�mon Bernd! I thin k all of us here read the letter twice
> > during the last three days. We all know about it!
> > I don�t bother whether if it is as "safe" as the marketing says,as
> > lonhg as I got cotrol over the apps connecting to the
> > internet and I got info about who tries to connect to my SOHO
> > ALright?
>
> But it does not. I will not take more than 2 weeks and you
> can read it in
> the next announcement from steve that zonelab will not detect
> the method
> used by the next leaktest.
>
> Greetings
> Bernd
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
>
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
