![]() Outbound filtering is a feel-good measure only, not proper security, for two reasons.First, if the firewall is catching something malicious it is obvious that the system has already been compromised. Quote:Originally posted by Dilbert:quote:Originally posted by travathian:Wow, so the Windows firewall will stop outgoing connections now? Yes but it doesn't matter. Do you wish to allow this (YES) (NO).OMG a virus!!!! How would the OP reply to that prompt?MS has added outbound filtering in Vista because they got tired of people bitching that they didn't have it, and some of their competitors had it. Take this real-world ZA prompt, for example: "ZA has detected program LSASS attempting to connect to the Internet address 127.0.0.1. The user would need to have an in-depth knowledge of Windows in order to determine the correct course of action. Etc.Second, outbound filtering relies on the user to correctly identify wanted and unwanted apps when presented with the allow/deny prompts. That means that the malware could bypass the firewall, or shut it down, or just wait until the user shuts it down, and then send its data back to its creator. There are unwanted processes running on the machine that have at least the same access level as the user, and perhaps even more (local system). Quote:Originally posted by travathian:Wow, so the Windows firewall will stop outgoing connections now? Yes but it doesn't matter. ![]() Somehow it became popular, though, and people still insist on using it. We eventually made it "standard procedure" to ask people to un-install ZoneAlarm if they were using it and had problems with internet access. Then his internet would break again, and he'd call, and we'd tell him to un-install it.He wasn't the only one. ![]() But then a few weeks later, he'd re-install it, because he thought he needed it. So every month, we'd tell him to uninstall ZoneAlarm. It's awful.I used to work for an ISP, and we had one customer who would call us every other month or so, to say that his internet access was broken. But it CUT OFF YOUR INTERNET ACCESS.That happens all the time with ZoneAlarm. Quote:Until it cut off my internet access I was perfectly happy with it. Any suggestions? IIRC, Zone Alarm messes-up with OS's so-called "LSA Providers", and AFAIK there's even a patch available that fixes such "no Internet access anymore" problems caused by Zone Alarm program installations/upgrades. So far the only way to get my internet back is to disable ZA. I checked all of program accesses, thinking maybe just my browser was cut off, but everything appeared normal there. I checked to make sure its internet lock was not on (not sure about the name, its the button that cuts off your internet) and it wasn't. I recently updated my Zone Alarm free edition and when I rebooted. Quote:Originally posted by EvoBlade:Before I even get started, let me say the disclaimer that I have been running w/o a firewall for a week or two because of this, so some of the details may be a little fuzzy.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |