Page 2 of 3 FirstFirst 123 LastLast
Results 11 to 20 of 21

Thread: Firewall Recommendations - Number Six!

  1. #11
    Senior Member
    Join Date
    Dec 2003
    Location
    Pacific Northwest
    Posts
    1,675
    i stripped it out of the AV package
    Well kinda, you are given the option of only loading the firewall from the PC-cillin Suite. However, if a "Stateful Inspection Firewall" filtering by pre-defined rules and previous packet reception is what you need then good for you!

    Cheers
    Connection refused, try again later.

  2. #12
    Senior Member
    Join Date
    Mar 2003
    Posts
    372
    Why is Checkpoint not listed under *nix and appliances? Is it simply because no one mentions them (as *nix or app) in the threads you culled this information from?


    I know that I mention Nokia in one of the threads that I'm sure you culled to get this information

    Give a man a match and he will be warm for a while, light him on fire and he will be warm for the rest of his life.

  3. #13
    Senior Member
    Join Date
    Dec 2003
    Location
    Pacific Northwest
    Posts
    1,675
    Why is Checkpoint not listed under *nix and appliances?
    Originally posted here by Relyt
    Good Evening,

    Checkpoint offers both software and dedicated appliances.
    [/QUOTE]

    and it crosses platform barriers in that they have solutions for NT, Solaris, HP-UX, AIX, etc. So I could list it under all three The primary recommendation was FW-1.


    cheers
    Connection refused, try again later.

  4. #14
    Senior Member
    Join Date
    Mar 2003
    Posts
    372
    well I saw that part, but I guess it really /should/ go under all listings (just my personal opinion). We use it on both NT and Solaris and we have four Nokia boxes running NG w/AI.

    I reckon that I should specify which one I'm talking of in the future

    Give a man a match and he will be warm for a while, light him on fire and he will be warm for the rest of his life.

  5. #15
    Well I use Zone Alarm pro. It stuffs up a bit, but I think it does the job in general.
    I havent been hacked yet.

  6. #16
    Banned
    Join Date
    May 2003
    Posts
    1,004
    The problem with low assurance security tools (Like ZA for example) is the fact that you don't know if they have failed to protect you, unless a successful attacker wishes to let you know.

    cheers,

    catch

    PS. Let sleeping posts lie unless you have something significant to contribute.

  7. #17
    Banned
    Join Date
    Aug 2001
    Location
    Yes
    Posts
    4,424
    The problem with low assurance security tools (Like ZA for example) is the fact that you don't know if they have failed to protect you, unless a successful attacker wishes to let you know.
    I've always wondered about this... isn't that true for every single security application? I realize that if, for example, you have two antivirus solutions in place and one of them detects a virus that the other didn't, then you can say that the other solution failed... but if neither picks it up, how are you going to know that they failed to protect you? I think this problem falls in the "how do you know if your anti-flu shot worked? Just because you didn't get the flu?" category...

  8. #18
    Banned
    Join Date
    May 2003
    Posts
    1,004
    The higher the assurance the more you can trust those reports of "Everything is a-OK." Nothing appearing broken is a terrible way to check, especially when it is to the threat's benefit to remain hidden.

    Unfortunately very few of us have the kind of non-overlapping, overlayed security architectures (aka good layered security) to check this type of thing.

    With the flushot... if you don't get the flu, everything is good. Doesn't matter if the shot defeated it, your own immune system would have defeated it without the shot, or if you were never sufficiently exposed to catch the flu. At the end of the day you know if you did or did not get the flu.
    With security... you don't know what you don't know. You may think you have not been hacked... but how do you know? Consider that the attacker my wish the compromise to remain covert. Consequently... the statement of never having been hacked fails to imply solid security.

    Until you get into finite state machines where everything is mapped... all you are doing is trusting your system to tell you the truth. With software that is so low assurance to not even have a map of any kind availible, I would say it is deserving of no trust.

    cheers,

    catch

  9. #19
    Senior Member st1mpy's Avatar
    Join Date
    Jun 2003
    Posts
    111
    to add my comment hehe


    im using sygate no problems for over a year now and as for last night i tryd



    Panda Titanium Antivirus Plus Antispyware 2006 v5.00.00



    and i didnt think twice i got my self a liscense and that av + spyware + firewall its great program it doesnt use much ram and to tell ya the truth it found few things that

    spybot ad aware spyware doctor and kaspersky all together didnt find which surprsided me hehe not sure ifi hit right topic but i would reccomed it to everyone
    Un Seen But Well Heard Of

  10. #20
    Senior Member
    Join Date
    Dec 2003
    Location
    Pacific Northwest
    Posts
    1,675
    Well all of those could be part of a layered concept. But what have you done for detection, containment, and isolation? I sure hope you’re not relying solely upon your software firewall for those tasks. It’s a trivial matter to fool that firewall.

    cheers
    Connection refused, try again later.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •