zonealarm vs pc aduit

Discussion in 'other software & services' started by Bethrezen, Jun 28, 2002.

Thread Status:
Not open for further replies.
  1. Bethrezen

    Bethrezen Registered Member

    Joined:
    Apr 16, 2002
    Posts:
    546
    :mad: GRRRR im very anoyed at the people at zone labs because yet again iv been able to by pass zonealarm there saposeadley inpregnable firewall i like it wasnt even there i downloaded this lil applcation pc aduit to test to see if i was vrunable and yet again zonealarn has let me down it didnt even know that there was anythin sus goin on what is the use of havin a firewall if it can be bypassed so easley though admitadley it is the free version im using so ya cant expect the same protection but that could at least close loop holes like this and too leakey fire trap etc

    here is the link http://www.isa-llc.com/downloads/audit.php

    can some others test this on difrent firewalls to see if it is able to bypass them to i just want to know if its just zonealarm or if its able to get round other firewalls to
     
  2. root

    root Registered Member

    Joined:
    Feb 19, 2002
    Posts:
    1,723
    Location:
    Missouri, USA
    PC Audit is nothing more than smoke and mirrors to get you to buy their product.
    I could have you download all kind of files and have you execute them and blast right thru any firewall you had, since you would be working with me.
    I'm not a big ZA fan, but it's better than that.
     
  3. Bethrezen

    Bethrezen Registered Member

    Joined:
    Apr 16, 2002
    Posts:
    546
    hi root

    ok you might have a point about pc aduit but how am i ment to tell the difrence between a genuine problem and smoke and mirrors and what about vunrabilitys like too leakiy and firetrap etc thay are real vunrabilitys that have not been fixed yet and that was my mager gripe i just dont like fact that loop holes like that have been fixed in the comerical version and not in the free version

    is there a fire wall that is as good or better than zone alarm that is still as easy to use see havin no experance with rule based fire walls i dont think id beable to config it properaly
     
  4. Paul Wilders

    Paul Wilders Administrator

    Joined:
    Jul 1, 2001
    Posts:
    12,472
    Location:
    The Netherlands
    Hi Bethrezen,

    It all comes down to voluntary downloading/executing executables here. And doing so (or not!) is one's own individual choice. It's in essence a human vulnerability, rather than a software vulnerability.

    regards,

    paul
     
  5. root

    root Registered Member

    Joined:
    Feb 19, 2002
    Posts:
    1,723
    Location:
    Missouri, USA
    Hi Bethrezen. I happen to think there are several firewalls better than zoneAlarm. Most of them are really not that hard to install and use.
    I know most people find Outpost easy to use out of the box. If you need help with it, it has excellent support at the Agnitum Outpost forum.
    I also think Look N Stop is a good firewall, and there is a ready made ruleset for it that requires minimal tweaking.
    I used Sygate before I switched to Outpost, and it is easy to use.
    Here's the deal from my point of view. A firewall can be a simple thing like ZA and protect you fairly well. Not being highly configurable limits your ability to protect against various situations that will probably be different with each user.
    A really good firewall will not only be a wall, but will have the barbed wire strung across the top and a moat at the base.
    There's no getting around the fact the more effort you put into your security, the better the protection you are going to have.
    As for the first part of your question, how to tell whether a vulnerability test is of concern or not. I usually wait a few days, check what's being said on different boards about it, check with the Register, Sans, maybe a couple of other places and see what the opinion is. If it is a major concern, it is going to be talked about all over the place.
    Of course, you can always ask here. :D
     
  6. JacK

    JacK Registered Member

    Joined:
    Jun 20, 2002
    Posts:
    737
    Location:
    Belgium -Li?ge
    Hi Paul,

    Yes and no ;)

    Let's say PCAudit is a trojan which glue (sorry for my bad English) to IE or Explorer to phone home unnoticed (no masquerading) and that you run it willingly for test purpose, like any leaktest (there are a lot).
    But it could be a "real trojan" which could install itself behind you back like other trojans without you beeing aware of it.

    It REALLY send information to PCAudit, it's no childish script which allow you to see (and only you) your C:\

    I am not aware of such a trojan till now but it surely will exist in one day or one year :(

    AFAIK, only SSM prevents the leak.
    I think any standalone firewall would leak if the test is run with IE open, some would prevent the leak if IE is closed and Explorer access to the W3 deny.

    It's indeed rather a Windows vunerability and not a FW vulnerability, I don't care who is culprit but I bugged Max (SSM) till the leak was prevented :-D

    You know I can make a really nuisance of myself for security products' developpers when I think it 's necessary ;)
    http://smilies.sofrayt.com/1/s/diablo.gif


    JacK
     
  7. Paul Wilders

    Paul Wilders Administrator

    Joined:
    Jul 1, 2001
    Posts:
    12,472
    Location:
    The Netherlands
    JacK,

    Grin..like this discussion ;)

    mmm.."behind my back"? Apart from nasties running parallel/beneath the Windows stack, how should this happen, while sufficient counter measures are installed?

    I will not disagree; could well be. Question is, if sec apps will keep up with this (leaving the Windows O/S aside - at least the kernell is a vulnerable issue).

    As soon as SSM is bug-free it might indeed be a solution. TDS4 will have some interesting defense as well in this regard - I'll leave it up to DCS to provide more info.

    Seems we do agree after all! ;)

    Well, IMHO it's a necessaty to at least know who's to blame in order to tackle the issue. Push Max some more; SSM indeed seems to be a promise - but needs to be ironed out. I'm convinced you'll be the one (partly) helping out with this!

    ..just one of your qualities ;)

    regards,

    paul
     
  8. JacK

    JacK Registered Member

    Joined:
    Jun 20, 2002
    Posts:
    737
    Location:
    Belgium -Li?ge
    But it could be a "real trojan" which could install itself behind you back like other trojans without you beeing aware of it.


    mmm.."behind my back"? Apart from nasties running parallel/beneath the Windows stack, how should this happen, while sufficient counter measures are installed?

    lool : I was no thinking behind "your" back but lambda user's back.

    You know how few people have a good knowledge about security issues :)

    Nite,

    JacK
     
  9. Paul Wilders

    Paul Wilders Administrator

    Joined:
    Jul 1, 2001
    Posts:
    12,472
    Location:
    The Netherlands
    A la prochaine, et bonne nuit, JacK ;)

    salutations,

    paul
     
  10. JacK

    JacK Registered Member

    Joined:
    Jun 20, 2002
    Posts:
    737
    Location:
    Belgium -Li?ge
    Goeie nacht en beste groeten, paul ;)

    Tot ziens,

    JacK
     
  11. Paul Wilders

    Paul Wilders Administrator

    Joined:
    Jul 1, 2001
    Posts:
    12,472
    Location:
    The Netherlands
    I love multi-language threads! :cool:

    (Good night, see you soon..)

    regards,

    paul
     
Loading...
Thread Status:
Not open for further replies.