I always thought it was illogical to let packets reach the machine I'm trying to protect. I'd rather pass through a dedicated machine. Are there any advantages TO using a production machine as a firewall??

-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Nick FitzGerald
Sent: Wednesday, June 04, 2003 8:12 PM
To: [EMAIL PROTECTED]
Subject: Re: AW: [Full-Disclosure] Zone Alarm

"Michael Linke" <[EMAIL PROTECTED]> wrote:

> There is one big benefit, ...

Correction -- it used to be a benefit (I'll let others quibble over how good a benefit, as it is now largely gone so its former value is pretty much moot...).

> ... which no hardware router can bring you. Zone alarm
> and other Windows based Software Firewalls can block network access for
> programs. A HW firewall can only block a whole machine but can't deny
> access for one software and allow access for another software on the same
> machine.

And for the last six months, what is (almost) the first thing nearly every new virus and trojan of any consequence does? Yep -- troll the process list for process names matching a _huge_ (and ever growing) list of personal firewall, antivirus, anti-Trojan, anti-adware, etc programs and kill all processes with a match.

The "integrity management (of network-connecting software) on the cheap" advantage of PFWs has now passed on, so please do not tout it as if it is something really useful.

--
Nick FitzGerald
Computer Virus Consulting Ltd.
Ph/FAX: +64 3 3529854

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
