I finally found something about SPI, ZA does have it but...

Discussion in 'other firewalls' started by CoolWebSearch, Mar 28, 2008.

Thread Status:
Not open for further replies.
  1. CoolWebSearch

    CoolWebSearch Registered Member

    Joined:
    Sep 30, 2007
    Posts:
    1,191
  2. ccsito

    ccsito Registered Member

    Joined:
    Jul 27, 2006
    Posts:
    1,579
    Location:
    Nation's Capital
    It appears that someone there is keeping track of what is discussed here. :D
     
  3. solcroft

    solcroft Registered Member

    Joined:
    Jun 1, 2006
    Posts:
    1,639
    ZoneAlarm was one of the earliest firewalls to implement SPI, IIRC. It basically made a name for itself as a truly excellent firewall back in the old days before it was purchased by... whatever company it was, I don't care and can't remember.

    Leaktesting has always been useless, save for the most basic flagging of programs that request network access. The time and effort that vendors spend trying to prevent malware from calling home, would be much better spent on figuring out how to prevent malware in the first place.
     
  4. acr1965

    acr1965 Registered Member

    Joined:
    Oct 12, 2006
    Posts:
    4,954
    FWIW- I think most of the firewalls I have used that have good leak prevention have flagged "legitimate" programs from phoning home without the user's knowledge or consent. It seems that many "legitimate" softwares are as bad as some malware. I set my Dell computer to not send in my tracking info. But does it matter? Nope, it tries it anyway.
     
  5. FadeAway

    FadeAway Registered Member

    Joined:
    Apr 6, 2007
    Posts:
    270
    Location:
    USA
    There are plenty of members at Wilders with similarly "vast knowledge."
    Some with even "vaster" knowledge, I'll bet!
     
  6. KOS2006

    KOS2006 Registered Member

    Joined:
    Oct 29, 2006
    Posts:
    2
    Leaktests are very useful to evaluate a HIPS instead of a "pure" firewall. Trojans can use the same technologies represented by Leaktests. :D
     
  7. Seer

    Seer Registered Member

    Joined:
    Feb 12, 2007
    Posts:
    1,596
    Location:
    Singidunum
    lmao. It is funny how he phrazes this sentence.
    Stateful inspection for UDP and ICMP will always be "limited" (interesting term), as these are conectionless protocols. What on earth did he mean by "outdated" SPI I do not know (nothing has changed in the structure of IPv4) and I would like to hear his ideas on implementation of stateful inspection for... um... "outbound" lol. Oh yes and it is CHX-I, not CHX-1.

    I agree with this, leaktests are not firewall tests.

    iirc, Oldsod is a member here as well, he had a dog as his avatar.
     
  8. LoneWolf

    LoneWolf Registered Member

    Joined:
    Jan 2, 2006
    Posts:
    3,408


    I agree fully. A pure firewall will not do well in Leaktests, yet a HIPS or FW with HIPS will.
     
  9. Nebulus

    Nebulus Registered Member

    Joined:
    Jan 20, 2007
    Posts:
    1,582
    Location:
    European Union
    I belive he tried to say that CHX-I is outdated and just for inbound, not SPI :)
     
  10. Seer

    Seer Registered Member

    Joined:
    Feb 12, 2007
    Posts:
    1,596
    Location:
    Singidunum
    That makes sense, I obviously misunderstood him. Still, I don't think abandoned is the same as outdated. For IPv4 CHX will work just fine, if not better than others.
     
Loading...
Thread Status:
Not open for further replies.