Does anyone know of any Vulnerabilities for the NeoWatch firewall? I've tested it out many times on http://scan.sygatetech.com and it passed every test they have. If you know of any known problems with this firewall, please tell me. Thanks.

I recently downloaded NeoTrace and NeoWatch.......I am thoroughly confused. The only thing I know is I get alerts all the time for port 80. Makes me nervous. Probably because I dont' know what I am doing yet.:confused: Just learning all about this stuff. :D Does anyone know a source of good information to find out about Ports on my computer .....so I can have a better understanding of what these probes are doing. Thanks :confused: :what:

Here's a link (http://advice.networkice.com/Advice/Exploits/Ports/default.htm) Kapperdog came up with in another thread.

The port 80 alerts could be the result of Code Red worm knocking on the door. If you're not running a server, I wouldn't worry about it.

So far I have came up with no vulnerabilities for this firewall. Seems pretty secure to me. I think I'll stick with it for now. Negative, check out this link (http://www.neoworx.com/products/specter) and tell me what you think of it.

The port 80 alerts could be the result of Code Red worm knocking on the door. If you're not running a server, I wouldn't worry about it.

Thanks..that settled a question for me too...
Had been getting about 8 probes on port 80 a day and thought zonealarm had got a bug...If i think back to when alerts started ,it was when code red was released.

A little reading makes things more clearer :cool:

Negative, check out this link (http://www.neoworx.com/products/specter/) and tell me what you think of it.

Honey Pot! I love honey pots!

A few remarks, though...

- Honey pots aren't that interesting if you're a home user. (Well, maybe they are if you like to play around).
- They eat memory.
- This one's rather expensive!
- It needs to be installed OUTSIDE your firewall (or in your Demilitarized Zone --> doesn't apply to ZoneAlarm).

There's some free honey pots out there, too!

Netbuster (http://surf.to/netbuster) to fool Netbus-users.

Tambu (http://www.xploiter.com/tambu/) UDP Scrambler (don't know if this one's still supported - there's some other usefull stuff on Xploiter, too): to flood hackers.

I can't stress this enough: honey pots do not provide actual protection, there only aim is to fool hackers who try to fool you.

There's some free honey pots out there, too!

Netbuster (http://surf.to/netbuster) to fool Netbus-users.


Uhm... Don't use that. I'm not sure of the truthfulness of this information, but I believe it... The Netbuster creator put in two special functions. Someone can wipe your drive with it, or just shut down your computer. This was from some #NoHack (Dalnet) guys, when I used to help out there. (It was painful. "<IDIOTUSER> ithink i have a vrus, what cann i do to make it go away?")

This is what the author of Netbus says:

'Rumours says that NetBuster is a fake and that is has a backdoor so that people can access your computer. These rumours are nothing but rumours. However, the error-handling in NetBuster is far from bug-free so it is possible to crash using the right program.'

Don't know what to believe anymore... ;-)

Anyway, here's a link from SANS (http://www.sans.org/infosecFAQ/attack/deception.htm) dealing with honey pots...

Alltough I wouldn't ever change from my own private little firewall "ATGuard" just to see what's gooing on. I advise everyone to let a little proggy named Retina (http://www.eeye.com/html/) do a scan on your system and fix what turns up; you'll be more than Hack-proof!
:cool: