WOW! I'm so excited to share this with the whole community. Your most disrespcted BlackICE is the best firewall now with Advaced app control. I ran the Firehole and TooLeaky test against it, and guess what, they had totally failed. BlackICE detected them trying to access the internet espically for TooLeaky. Howerver, Firehole was much more complicated, it hooked itself to all running apps and so, I had to terminate all of them. I contacted Kerio regard these hole 2 days ago, and today, they reply saying that TooLeaky will fail to access the internet in their next release, but however, Firehole might still be on the loose. So, this proved that ISS ROCKs! Too bad BlackICE have to kill the program that Firehole was hooking to........ WELL WELL WELL, what the heck are you wait for? Upgrade your BlackICE to version 3.5!

I hate to burst your bubble....but here's a little "cut and paste" from grc (http://www.grc.com).


NetworkICE's BlackICE Defender Update
Apparently Designed to Mislead its Users

Eleven Months after the release of our first, simple, but effective and popular (2,584,291 downloads) LeakTest firewall testing utility, BlackICE Defender (BID) continues to "leak" — as defined by LeakTest. But a recent update to BID (version 2.9cai) was hiding this fact from its users by effectively cheating the LeakTest.

Rather than enhancing BlackICE Defender by adding the sort of application-level controls that are available even from many completely free personal firewalls, BID's publisher, NetworkICE, apparently chose to prevent LeakTest's intended operation by adding specific awareness to BID of LeakTest's remote testing IP.


You can read it for yourself here (http://grc.com/lt/leaktest.htm).


It is a rather old article and perhaps BlackIce have changed their act but they'll always be fraudulent in my eyes....

Um...... that's version 2.9cai. However, with version 3.5, ISS inserted a brand new App. Control. Why can't people actually try things before they even post here? VERSION FREAKING 3.5, NOT THE OLD FREAKING DAME 2.9. DOWNLOAD YOUR DEMO VERSION OF 3.5 AT HTTP://WWW.DOWNLOAD.COM

GREEEEZZZZZZZZZZZ

People people people! Expand your knowledge by trying to accecpt new things. Don't stay in the past where everything basically sucks...

BlackIce has proven itself to be a fraud when it comes to passing the above mentioned test. How can you trust it now? We just had a HUGE thread on the benefits of running two firewalls and your going to leave your security up to a firewall that's a known cheater?


Anyway, lawrence, it's your box and you can do what you like. Like I said, BlackIce may have changed it's tune and that's great. I just wanted people to know that BI has previously cheated on the Leaky test.....so think carefully before you spend your hard earned cash on a software firewall. Especially when there are so many FREE alternatives....

It is true that BID created a "Cheat" in their previous version, and it is true that there are plenty of good free firewalls available.

However, there are many who have been hammering v3.5 to run it through some paces and so far it holding up as a legitimate contender.

Additionally, we must keep our eyes open as the near future will see a decline in "free" firewall software availability. Or, at best, free with minimal capabilities. Most home users on a single station will probably be fairly well covered by the free versions for the next year or two, but most of the producers are already leaning towards "limited free", pay for advanced, in the very near future.

3.5 may work, it may not. The point is, 2.9 appeard to work, but didn't. It looked for the too leaky program, and killed that one program. Anything else could get through.

I think 3.5 may be good, BUT it is still a pay for program. As far as personal firewalls go, I am NOT going to pay for one. If you have an antivirus program on your computer that watches for trojans, then the too leaky and firehole tests are worthless. They are trojan simulators, but if you av doesn't allow you to get a trojan......

I understand your position souleman, many subscribe to the idea that if you have all unecessary services disabled, use an av and an at, and watch your own activities (DLs, allows, have proper browser security, etc.) you are secure enough.

Much of the truth of this, however, rests in how well each knows his system, apps, and connections. ;)

IE users with default settings may or may not know just what lurks behind a craftily designed web page, or that Outlook Express is hooked through their IE settings and find some hostile code in an email that they don't spot, nor their AV/AT componnents spot.

We have helped many a seasoned user find and destroy trojan servers that have slipped past both AV and AT that were identified only by outbound communication attempts through the firewall.

Today's free firewall technology may be sufficient for most of today's exploits, but the advancing sophistication of exploits will require even more granularity in controls and in application sandboxing.

BI 3.5 does, in fact contain application control and outbound protection (though this isn't sandboxing).

ZoneAlarm is moving away from "Free" as has been noted from the fact that the free version is still v2.6.

Kerio is going to be introducing it's next version of it's PFW that will be free with some features disabled without purchasing a license.

Tiny is preparing to introduce v3.0 (in the next couple of days) that will include some sandboxing technology but will not be free (30 day try and buy).

Sygate will only maintain it's free version for a short time longer.

The bottom line is .... for those who feel the need for a firewall (all should IMHO), it is time to keep an eye on what is emerging with an open mind so that decision making will not be biased based on someone elses opinion, but on the true functionality of the product, and the needs of the individual.

Free is always better, but free won't last forever. :)

Oddly enough my linux distro(which is available for free) came with several very good firewall utilities. Also there are several more for it that are available for free.

:) Ah yes, Linux. *nix for that matter!

But as long as Windoze remains the predominent environment, *nix won't help the other 90%+ of the 'Nets population.

And anything I can do to help those who aren't on more secure (MAC) or Open Source *nix, etc., will be better than sitting behind my box and being glad I'm ok.

It is those very same users who may one day be source of aggravation for the rest because the open exploits run on their boxes become a choke and stranglehold on everyone elses 'Net usage.

ThePreacher> Good point. Best firewall is to set up a nix box between you and the outside world. Well, not the best, because CPFW-1 is better, but definatly the best for anyone that isn't rich.

GuardianAngel> You made some very good points, but you forgot one very very important point also. A firewall doesn't work for crap if you don't set it up properly. If I accidently allow the wrong outbout connection, the trojan is still gonna connect. The firewall can give you a false sence of security. I have seen copies of zone alarm installed on computers where the user gave sub 7 access to the internet, then couldn't figure out what was going on with their machine.

It's like the whole "stealth mode" crap that grc has been preaching. I don't care if you computer operates in stealth mode. If someone wants in, they will get in.

Most people in here would die of laughter if you ever saw the security I use on my personal computer. I have an antivirus....thats it. I don't run any firewall, I haven't done 90% or the security updates, and I haven't had a problem with it yet. I figure if someone wants to hack me, let em. I dl programs just to see what they do. I have intentionally run virii on it to see how they work. etc etc. Oh yeah, I have norton ghost with a backup of my system on cd, so its only about an hour to redo it. Remeber, this is my personal computer, not my work system.

As they say, the BIGGEST weakness in any security system is the enduser. I don't even worry about the rest. As long as I know what caused something to happen, then I can make sure it doesn't happen again.

You do realize that with that attitude Souleman you could very well be a liability for someone else? I realize it's your box and you can do with it as you like but maybe you should take the box offline to do those things with it.

Ghost may work for you while runing without a firewall but you could very weel be harming other people.

Just food for thought.

Korp> I do that off line. Laptop with dialup connection. I am not quite that stupid. I don't need to be used as a jumping off point for a hack against the NSA or something ;) If I need to test something on a network, I do it on my own. I don't run something like a virus or trojan while connected to the internet. I also make sure that it is completely gone before I ever reconnect.

Thanks for clarifying. You didn't explain that part. :thumbsup:

souleman > agreed to a few of your points re: endusers and false sense of security.

We spend a lot of time working with people requesting ruleset review, etc. Even then, one wrong click and ..... but, the best you can do is better than doing nothing at all.

I have watched enough incoming code red and nimda scans, and had enough other exploits run at my border box to not want unknowing users to remain unknowing.

I have also spent enough time with people who have had their identities stolen and their lives temporarily trashed because of Trojan Servers.

Sure I download and play with Trojans and with Viruses. But I do that on a trash box (an old 486) and I DC from the network before I let em loose. Before they go back online, a low level format and reinstalled OS are always first.

My point in this whole thread is that new releases are good if they do what they are supposed to do, even if they have had a problematic past, and that the way things are headedd for Windoze users, those that aware at all, should start looking now with an open mind, because the times they are a changin.

GA> I haven't really disagreed with a single thing you said. There are plenty of free firewalls out there. Eventually, someone will find ways to defeat them all, and they will all have to be upgraded. So, as you said, eventually, we will have to pay for them, if you want a personal firewall. If you have an extra machine, I would still suggest a linux/snort box between your computer and the outside world, but that is a LOT more work to configure properly. As for right now, Sygate is the personal firewall that I recommend to people that I know.

Not sure exactly who you are, because you only have posts in the one thread. Anyway, it probably looks like Confirmed_Kill, ThePreacher, and myself are total pains in the ass. Well, a lot of it has to do with the attitude of the original poster.
WELL WELL WELL, what the heck are you wait for? Upgrade your BlackICE to version 3.5!

Why can't people actually try things before they even post here? VERSION FREAKING 3.5, NOT THE OLD FREAKING DAME 2.9. DOWNLOAD YOUR DEMO VERSION OF 3.5 AT...

People people people! Expand your knowledge by trying to accecpt new things. Don't stay in the past where everything basically sucks...


All the caps...sounds like he is trying to order people around. Its like a Heavy Metal singer trying to promote his own product. That is not the attitude of someone trying to help others. I'll admit, lawrence171 is going through some ruff times right now (look at his mood), but he is the one acting "close minded." We NEVER said that the product sucked. We said that it used to suck, and we were suspecious about the newest release. He got defencive, and aggressive. In all honesty, I am somewhat surprised that this didn't become a flame thread after the 4th post....

Nor am I attacking your comments souleman, just making some points.

I understand your concern with such a vociferous promo of a previously dubious product. And yes the original poster could be a little over excited.

I have no quarrel here, I haven't posted here before today because I am involved with so many other things and have just not taken time to post here yet, though you can see I registered a little while back.

As to who I am, really no one important. Some of my interests can be seen in my work at http://www.theguardianangel.com, and at http://www.cyber-hood-watch.org, where I do my best to help all I can.

Hope you didn't read my posts as antagonistic, they were not intended to be. :)