P
Plato
Will said:
If you dont know than you shouldnt' be posting here.
If you dont know than you shouldnt' be posting here.
W
Will Denny
| Will Denny wrote:
| >
| > What is TechTV? Don't tell me it's one of these 'helpful' PC programs,
that
|
| If you dont know than you shouldnt' be posting here.
US based? Can't receive it here in the UK!!
| >
| > What is TechTV? Don't tell me it's one of these 'helpful' PC programs,
that
|
| If you dont know than you shouldnt' be posting here.
US based? Can't receive it here in the UK!!
C
CZ
[[Q. Should I use both Internet Connection Firewall and a software
firewall
from a different company on my Windows XP computer?
A. No. Running multiple software firewalls is unnecessary for typical home
computers, home networking, and small business networking scenarios. Using
two firewalls on the same connection could cause issues with connectivity to
the Internet or other unexpected behavior. One firewall, whether it is the
Windows XP Internet Connection Firewall or different software firewall, can
provide substantial protection for your computer.]]
Wesley:
I disagree. Firewalls use different technologies (stateless, SPI, stateful,
circuit level, application gate, IDS, proxy, et al.) and therefore can do
firewalling in different ways.
Using two firewalls can be desirable, as it allows one to cover what the
other misses, provided that running two does not cause problems.
Generally, I run ZA free (has weak outbound control as it is an application
gate, and is not IDS) and BlackIce (is IDS, monitors for suspicious
activity).
They run without problems.
firewall
from a different company on my Windows XP computer?
A. No. Running multiple software firewalls is unnecessary for typical home
computers, home networking, and small business networking scenarios. Using
two firewalls on the same connection could cause issues with connectivity to
the Internet or other unexpected behavior. One firewall, whether it is the
Windows XP Internet Connection Firewall or different software firewall, can
provide substantial protection for your computer.]]
Wesley:
I disagree. Firewalls use different technologies (stateless, SPI, stateful,
circuit level, application gate, IDS, proxy, et al.) and therefore can do
firewalling in different ways.
Using two firewalls can be desirable, as it allows one to cover what the
other misses, provided that running two does not cause problems.
Generally, I run ZA free (has weak outbound control as it is an application
gate, and is not IDS) and BlackIce (is IDS, monitors for suspicious
activity).
They run without problems.
W
Will Denny
| >> [[Q. Should I use both Internet Connection Firewall and a software
| firewall
| from a different company on my Windows XP computer?
| A. No. Running multiple software firewalls is unnecessary for typical home
| computers, home networking, and small business networking scenarios. Using
| two firewalls on the same connection could cause issues with connectivity
to
| the Internet or other unexpected behavior. One firewall, whether it is the
| Windows XP Internet Connection Firewall or different software firewall,
can
| provide substantial protection for your computer.]]
|
| Wesley:
|
| I disagree. Firewalls use different technologies (stateless, SPI,
stateful,
| circuit level, application gate, IDS, proxy, et al.) and therefore can do
| firewalling in different ways.
| Using two firewalls can be desirable, as it allows one to cover what the
| other misses, provided that running two does not cause problems.
|
| Generally, I run ZA free (has weak outbound control as it is an
application
| gate, and is not IDS) and BlackIce (is IDS, monitors for suspicious
| activity).
| They run without problems.
BlackIce isn't a Firewall - it thinks it is!!
| firewall
| from a different company on my Windows XP computer?
| A. No. Running multiple software firewalls is unnecessary for typical home
| computers, home networking, and small business networking scenarios. Using
| two firewalls on the same connection could cause issues with connectivity
to
| the Internet or other unexpected behavior. One firewall, whether it is the
| Windows XP Internet Connection Firewall or different software firewall,
can
| provide substantial protection for your computer.]]
|
| Wesley:
|
| I disagree. Firewalls use different technologies (stateless, SPI,
stateful,
| circuit level, application gate, IDS, proxy, et al.) and therefore can do
| firewalling in different ways.
| Using two firewalls can be desirable, as it allows one to cover what the
| other misses, provided that running two does not cause problems.
|
| Generally, I run ZA free (has weak outbound control as it is an
application
| gate, and is not IDS) and BlackIce (is IDS, monitors for suspicious
| activity).
| They run without problems.
BlackIce isn't a Firewall - it thinks it is!!
T
Tom
Will Denny said:
Explain the difference between your definitions of rubbish for a respected
TV PC show, and what goes on here? I watch it from time to time, and they DO
NOT instill anything, they give advice, and many visuals of the effects of
using PCs safely, or security issues, installing programs; they actually do
OS systems a service with these examples by making it easier for some,
something that isn't as easy here.. What is rubbish about that?
T
Tom
Will Denny said:
Exactly!
So why assume rubbish, if your experience is from your rubbish there? Things
happen all over the world, not just yours!
C
CZ
BlackIce isn't a Firewall - it thinks it is!!
Will:
You must be thinking of ZA free.
ZA free does not have strong outbound control, as it only uses application
gate technology, however, ZoneLabs, Steve Gibson, and most end users think
it offers strong protection.
Will:
You must be thinking of ZA free.
ZA free does not have strong outbound control, as it only uses application
gate technology, however, ZoneLabs, Steve Gibson, and most end users think
it offers strong protection.
W
Wesley Vogel
You can do what you want. MS says run one. 
--
Hope this helps. Let us know.
Wes
In
--
Hope this helps. Let us know.
Wes
In
CZ said:
N
NoNoBadDog!
So what you are saying is that ZoneLabs, Steve Gibson, and most endusers are
wrong? Would you please provide a link to your source that indicates that
it does (not) do what you indicate?
Bobby
wrong? Would you please provide a link to your source that indicates that
it does (not) do what you indicate?
Bobby
C
CZ
CZ posted: ZA free does not have strong outbound control, as it only uses
application
gate technology, however, ZoneLabs, Steve Gibson, and most end users think
it offers strong protection
Bobby posted: So what you are saying is that ZoneLabs, Steve Gibson, and
most endusers are
wrong? Would you please provide a link to your source that indicates that
it does (not) do what you indicate?
Bobby:
Not wrong, just uninformed or misinformed (like Will's comment "BlackIce
isn't a Firewall - it thinks it is").
My info comes from having studied/tested firewalls and TCP/IP, not from any
specific web site.
Several years ago, a very knowledgeable person (Cynthia Melrose) posted
useful info as a response to a NG user's post in alt.computer.security:
OP's post: "Basically, I don't get the distinction between 'application
level filtering' and 'outgoing firewall filtering' that you mention
especially with regard to the statement in the BlackIce does that."
Cynthia Melrose response post: "There is a really big difference.
When an application, like Internet Explorer, communicates with a web site,
it sends packets (or frames) over the network. It does this by submitting
various programmatic requests to application interfaces that open
communications with the network interface.
Lots of applications and even parts of the operating system work in the same
way. They open up communications with the network interface and send and
receive packets via the interface.
Traditional firewalls restrict traffic at the packet level. That is they
block or accept traffic based on the IP address, MAC address, Port, and
Interface being used. This is the most efficient and powerful way to block
traffic because once something is blocked at the packet level - the packets
from the offending system never even enter the computer. They are in essence
stopped at the network interface.
Application gating is an operating system level function. Basically,
ZoneAlarm introduces a "gate" in between the network interface and the
operating system. It controls which applications are permitted to use the
interface. It does not actually block the packets those applications send
or receive. This is why application gates are very susceptible to play-back
attacks and proxy attacks. Once an application gate allows an application to
use the network interface - essentially any other program that can
"disguise" itself as the permitted program can also use the network
interface. BlackICE is more like a true firewall in that it blocks things
at the packet level. It is not an application gate.
If you enter the following IP address block in BlackICE: REJECT,
0.0.0.0-255.255.255.255
Your system would not be able to, nor would any other system, be able to
communicate with your system. In a sense, you would have blocked
EVERYTHING. From coming and going in and out of your computer at the network
level.
Application gates are not "bad" and BlackICE "good" its just a different way
to do them. But I laugh when people call their ZoneAlarm system a firewall.
It really isn't. Its an Application Gate."
application
gate technology, however, ZoneLabs, Steve Gibson, and most end users think
it offers strong protection
Bobby posted: So what you are saying is that ZoneLabs, Steve Gibson, and
most endusers are
wrong? Would you please provide a link to your source that indicates that
it does (not) do what you indicate?
Bobby:
Not wrong, just uninformed or misinformed (like Will's comment "BlackIce
isn't a Firewall - it thinks it is").
My info comes from having studied/tested firewalls and TCP/IP, not from any
specific web site.
Several years ago, a very knowledgeable person (Cynthia Melrose) posted
useful info as a response to a NG user's post in alt.computer.security:
OP's post: "Basically, I don't get the distinction between 'application
level filtering' and 'outgoing firewall filtering' that you mention
especially with regard to the statement in the BlackIce does that."
Cynthia Melrose response post: "There is a really big difference.
When an application, like Internet Explorer, communicates with a web site,
it sends packets (or frames) over the network. It does this by submitting
various programmatic requests to application interfaces that open
communications with the network interface.
Lots of applications and even parts of the operating system work in the same
way. They open up communications with the network interface and send and
receive packets via the interface.
Traditional firewalls restrict traffic at the packet level. That is they
block or accept traffic based on the IP address, MAC address, Port, and
Interface being used. This is the most efficient and powerful way to block
traffic because once something is blocked at the packet level - the packets
from the offending system never even enter the computer. They are in essence
stopped at the network interface.
Application gating is an operating system level function. Basically,
ZoneAlarm introduces a "gate" in between the network interface and the
operating system. It controls which applications are permitted to use the
interface. It does not actually block the packets those applications send
or receive. This is why application gates are very susceptible to play-back
attacks and proxy attacks. Once an application gate allows an application to
use the network interface - essentially any other program that can
"disguise" itself as the permitted program can also use the network
interface. BlackICE is more like a true firewall in that it blocks things
at the packet level. It is not an application gate.
If you enter the following IP address block in BlackICE: REJECT,
0.0.0.0-255.255.255.255
Your system would not be able to, nor would any other system, be able to
communicate with your system. In a sense, you would have blocked
EVERYTHING. From coming and going in and out of your computer at the network
level.
Application gates are not "bad" and BlackICE "good" its just a different way
to do them. But I laugh when people call their ZoneAlarm system a firewall.
It really isn't. Its an Application Gate."
C
CZ
You can do what you want. MS says run one.
Wes:
I try to make decisions based on info from various sources.
MS has made some useless (or erroneous) recommendations, and some
self-serving ones.
Wes:
I try to make decisions based on info from various sources.
MS has made some useless (or erroneous) recommendations, and some
self-serving ones.
W
Wesley Vogel
CZ;
[[Using two firewalls on the same connection _could_ cause issues with
connectivity to the Internet or other unexpected behavior.]]
Could cause ...... is good enough for me.
[[Using two firewalls on the same connection _could_ cause issues with
connectivity to the Internet or other unexpected behavior.]]
Could cause ...... is good enough for me.
B
brushes
I have 5 machines here all running both the xp firewall and zone alarm, allWesley Vogel said:CZ;
[[Using two firewalls on the same connection _could_ cause issues with
connectivity to the Internet or other unexpected behavior.]]
Could cause ...... is good enough for me.
systems I set up for clients also have both and have yet to come across
problems specifically from that.
C
CZ
I have 5 machines here all running both the xp firewall and zone alarm,
all
systems I set up for clients also have both and have yet to come across
problems specifically from that.
brushes:
I am now running ICF, ZA free, and BlackIce (BID) concurrently on this
computer without problems.
(I normally run ZA free and BID on it lately).
I think a user's comments reflect his knowledge and experience: the more of
both that a user has, the less likely he is to claim that more than one
firewall is useless (or necessarily a problem). Also, he is less likely to
only run ZA free (or even run it at all!).
Trying to learn about firewalls and TCP/IP is not a small task, so I
understand why some users claim that more than one firewall is useless.
However, in general, it is not a valid comment.
Note that running two ID systems is not advisable: Sygate recommends not
running Sygate with BID.
OT: the most interesting user post, is to state that all firewalls are the
same (or do the same thing). That comment says a lot about the user's
knowledge (or lack of it).
all
systems I set up for clients also have both and have yet to come across
problems specifically from that.
brushes:
I am now running ICF, ZA free, and BlackIce (BID) concurrently on this
computer without problems.
(I normally run ZA free and BID on it lately).
I think a user's comments reflect his knowledge and experience: the more of
both that a user has, the less likely he is to claim that more than one
firewall is useless (or necessarily a problem). Also, he is less likely to
only run ZA free (or even run it at all!).
Trying to learn about firewalls and TCP/IP is not a small task, so I
understand why some users claim that more than one firewall is useless.
However, in general, it is not a valid comment.
Note that running two ID systems is not advisable: Sygate recommends not
running Sygate with BID.
OT: the most interesting user post, is to state that all firewalls are the
same (or do the same thing). That comment says a lot about the user's
knowledge (or lack of it).