BlackIce Pc Security.

I received a free copy of BlackIce Pc Security and would like to know if anyone uses this program or knows if it is any good at what it does. I appreciate any responses you may post about this app.







- removed unnecessary attachment.

 

It's reporteclly an excellent IDS (Intrusion Detection System) and particularly good for those who run servers. As far as outbound monitoring and blocking, although BI has program component control some users indicate it's still less than an ideal implementation and other software firewalls are preferable for the outbound stuff. It depends on your needs.

 

I appreciate your response on this . I installed BI but I could not get it to stealth so I took it out. I wanted to know if maybe I was doing something wrong, but I beleive there are better apps for my needs. Thanks sig for your input , it is appreciated.

 

Is it ok to use it with ZA Pro? Ususally BlackICE will explain in more detail something that ZA stopped.

 

I wouldn't think it would be a good idea to run two firewalls at the same time. They usually don't play nice together.

 

mvdu: Both BI and ZAP have changed so much I don't know how it is running them together. In the past ZA and BID frequently were used together without problems. I don't know how both "get along" with each other now. It they work OK together and you don't mind the additional resources used I'd figure it's up to you if you want to use them both.

bigc: The stealth thing may just be a matter of tweaking the settings. Although for those running servers stealth is not that big of a deal since the whole point is to be visible and reachable. An actual user could provide much more helpful info and assistance for anyone considering BI or just giving it a try. A number of BI users occasionally post at the Security Forum at dslr.com, but don't recall if some post here also or if ISS (BI's vendor) has a forum of their own.

While BI is considered a very good IDS the average user might just prefer a regular software firewall like ZA, Outpost, etc. YMMV

 

sorry for just popping in here... but is kerio2X ok...?? i am only using that though i hav ZA pro and Ez firewall in kitty but notusing more than one firewall at a time... so i din install them... i am ok with kerio??

 

That is the reason I didn't keep it. I prefer to have a firewall that is less of a chore to config, I use this comp. for fun the one at work is enough trouble without having it at home to.Since ISS bought Black Ice I under stood that it had changed the program is why I didn't think it would run with another firewall. But it wouldn't hurt to try. Now my only problem is trying to figure out who to give the BlackIce to





- removed unnecessary attachment.

 

Thanks - yes, they seem to be working fine together, but sometimes you don't notice a conflict. That's why I want feedback.

 

mvdu: yeah that's why you're often told not to run two firewalls together, but that's also the only way you'll find out if it works out ok or not on your specific set up.

 

subratam: this is a thread about Black Ice, not Kerio. You really should not just drop into someone else's thread and ask about off topic issues. That's considered rude and is the kind of thing that moderators discourage in order to keep discussions on track. Manners aside, looking at it from a practical perspective, let's say someone is looking for a Kerio discussion: logically they would look for a Kerio thread, not a Black Ice thread. It's considered bad form to "hijack" a thread to another issue entirely.

As for your question, as I seem to recall you've already have had at least two discussions, certainly at least one thread specifically regarding the Kerio firewall. If you have any more questions, consider posting them on those preexisting threads since your question is not new material. But I will respond here for expediency's sake:

Kerio 2 is a good rules based firewall but, as BlitzenZeus I believe told you before, it is not for people who are newbies and don't understand how rules based firewalls work. It takes more than just casual study to learn, understand and apply what one has learned to bulid a secure rules set. I concur with Blitz's previous recommendation that you instead use ZA or ZAP rather than a rules based firewall like Kerio. But you evidently did not care to take the considered advice Blitz gave you.

So I will add that when using a rules based firewall like Kerio the question should be not how good is the firewall, but how skilled and capable is the user at setting up a secure rules set? Since it is the user who determines how well the rules based firewall is able to protect the PC it is on.

After actually having used Kerio, if you still think that your protection primarily is provided by the firewall software, then IMO you've missed the point of a rules based firewall. You really should then use software that is designed to protect you without much if any effort on your part. And that would be a primarily application based firewall such as ZA or others, but not Kerio.

 

Just out of curiosity, what was not stealth with BI?
As sig mentions, it could be just a configuration issue. I have not looked at BI in some time, but in the past changing some settings involved modifying some files. The backtracing options selected could also affect your system being stealth (if stealth is what you are after).

Regards,

CrazyM

 

So would you recommend I keep using BlackICE with it and just be attentive? I have a router, so I don't really need an IDS for inbound very much if at all - but IDSs give more detail as to what is affecting you. That's why I like it. I have a license for NPF 2004, and that has an IDS integrated, but I like ZAP more as a firewall. So I've been running BI with it.

 

BTW, BlackICE does not block pings. But you can learn how to block them here:

KB Article: How do I tell BlackICE to block Pings (ICMP)?

Edit: edited link/tags

 

I tested BI at grc and PcFlank and it had quite a few ports open Not closed or stealth I tried a few settings but It didn't change much. It is probably just my inexperiance with BI. I will probably never know if it was me or the program because I don't plan to try it anymore. I am very happy with EZ armor Av and firewall that I am useing now. It has a lot of settings if I really want to get that deep in it The best part is that it didn't cost anything to try it anyway.






- removed unnecessary attachment.

 

would just want to say....
i am sorry for posting off-track topic... and i would have liked to answer sig for his questions... but again i dont want to carry it on.. and moreover this isnt the thread to go on... cya frm here...
take care yall

 

BI will give you complete stealth on nervous and paranoid settings except ping icmp which can also be stealthed by editing the firewall.ini file (with notepad)...with this line
This statement will block all ICMP Echo traffic for all IP addresses.put underneath [MANUAL ICMP ACCEPT]


REJECT, 8:0, ICMP, 2001-10-15 00:01:00, PERPETUAL, 1000, unknown

 

Forgot to mention that port 113 ident is enabled by default but can be stealthed by opening advanced firewall settings and modyfying the rule to reject rather than accept.

 

I have used BlackICE for several years as my only firewall and love it.

Set it to paranoid and make the modifications to port 113 and you will be safe.

Even if you set it to trusting or cautious you should be OK as on these settings it closes the ports with any services running on them - and if it detects any hacker activity on other ports it will detect it and close them also.

Note: even if you modify the ini file as detailed earlier to reject pings, it will fail the test at pcflank - as the request for ping will have come from your PC - but if you get someone else to ping you it will be stealthed.

I personally dont care about stealth.

I love BlackICE as it is easy to configure and works well with windows messenger - set it to trusting (you are safe in this setting) - and you can send and recieve files and video etc.

You can also set trusted IPs - but if it detects any hacker activity in this trusted port range it wil block it also. Cool!

Have a look at the usenet group for firewalls. A guy who posts there "Duane Arnold" knows loads about BlackICE and will help you out with any problems - a nice guy.

Hope this helps

ChrisP

 

Thanks for the info. ChrisP

 

I ran BI for a couple of weeks and removed it. I can't say that anything was wrong with it; I just didn't feel comfortable with it. I know that isn't much of a reason, but it's all I can give.

It was stealth on all the tests I ran and seemed to do the job. I guess it's a case of, the product just isn't for me.

 

Don't intend 2 wreak any havoc here among BID fans, but I reckon they should be made aware of a most interesting (and alarming) piece of news by following this link.

I know, this must have occurred aeons ago, but the point is, if they could do this once to their customers, they could do it again...

 

I use BID once and a while when I get ticked at ZAP on my XP machine. Believe me, version 3.6cbz will drive you nuts if the aplication that wants out has'nt been okayed. Just don't have a trojan on board when you do a baseline scan.

 

Well it has been a while since My last reply on this post. But I did some research on BlackIce and went ahead and installed it again. This time I was a little more prepared to tweak it. I am sure it is stealth now but I really can't confirm that because since the last time I had it installed I have added a wireless router and that alone has a one hundred percent stealth hardware firewall. But I wanted the protection of the application protection app and the intrusion detection system. It seems to be working better with the right tweaks this time.