Page 3 of 3 FirstFirst 123
Results 21 to 27 of 27

Thread: ZoneAlarm Mutex update

  1. #21
    Priapistic Monk KorpDeath's Avatar
    Join Date
    Dec 2001
    Posts
    2,628
    For the last time. The issue I'm speaking is not a Mutex problem but a problem with the technology the use. Go to www.hackbusters.net and run Outbound on your ZA firewall. It fails miserably.

    By all means continue running ZA but don't come back and complain if you get it in the end. Know what I mean? The only way to approach security is to be paranoid. And don't ever settle on what the vendor or some individual who happens to write for magazine has to say.
    They are usually the ones without backups or virus scanning, etc. etc. etc.
    Mankind have a great aversion to intellectual labor; but even supposing knowledge to be easily attainable, more people would be content to be ignorant than would take even a little trouble to acquire it.
    - Samuel Johnson

  2. #22
    PHP/PostgreSQL guy
    Join Date
    Dec 2001
    Posts
    1,164
    Well, due to ZA's canned response that does resemble something they'd send to anyone with a problem concerning security, I've gotten rid of it and got Sygate Pro 5.0 and have it configured for both machines. So far, grc.com's leaktest, outbound, and Sygate's own Test-your-firewall all came back negative, which is good. Oh yeah, TooLeaky failed as well (although TooLeaky is hardcoded for IE, and not the default browser).
    We the willing, led by the unknowing, have been doing the impossible for the ungrateful. We have done so much with so little for so long that we are now qualified to do just about anything with almost nothing.

  3. #23
    Junior Member
    Join Date
    Feb 2002
    Posts
    26
    where is this test-your-firewall located ?

    Valentino


  4. #24
    Junior Member
    Join Date
    Feb 2002
    Posts
    26
    ok, i now ran the grc.com tests and it said i was totaly stealth ...

    am i on the "safe" side now ?


    Valentino


  5. #25
    Banned
    Join Date
    Oct 2001
    Posts
    1,459
    Nope... No one test can make you 100% safe... I have 4 firewalls running at the same tim (im a bit paranoid), and I still see logs that I am being hacked LOL

  6. #26
    PHP/PostgreSQL guy
    Join Date
    Dec 2001
    Posts
    1,164
    "Stealth" simply means that grc.com couldn't find any known open ports. This test is bogus if you're running through a 4-port router or whatnot and you have a linux server like I do where services run because it reports them and says I'm vulnerable to a bunch of things when I'm not. This does not mean that there aren't other ways into your machine.
    We the willing, led by the unknowing, have been doing the impossible for the ungrateful. We have done so much with so little for so long that we are now qualified to do just about anything with almost nothing.

  7. #27
    Senior Member
    Join Date
    Jan 2002
    Posts
    682
    ok, i now ran the grc.com tests and it said i was totaly stealth ...

    am i on the "safe" side now ?
    first stealth is your firewall dropping packets without sending a response...basically the scanner says...hey you there...your firewall keeps its mouth shut and hopes the scanner goes away...the other possible responses are....ya i'm here...but my doors are locked and you can't come in...which isn't so good as someone can say...hmmm...they've got somthing to hide in there...maybe i'll go see if a window is open...and lastly...hey come on in...i'll leave the door open...and i'll be out for a couple of hours...make yourself at home...(this is an unfirewalled windows 9x response... )


    be aware that grc doesn't seem to probe with udp ...i was happily sitting behind my linksys at home running grc.com saying that i was invisible...then for some fun (ya ok i need a life...) i went and did the same scan me shtick at dslreports...and i wasn't as invisible as i thought...it detected a closed udp port response...which means it raises a flag that something is sitting there..

    so 3 lessons...

    1 - linksys routers don't drop "all" scans it shows a closed for some udp ports (i replaced it with a watchguard soho which IS stealthed from a dslreports scan and is much much better firewall..a lot more expensive tho...)

    2- grc.com isn't scanning for udp ports

    3- never believe anyone that says you are safe (actually even grc.com does mention this...)
    I used to be With IT. But then they changed what IT was. Now what I'm with isn't IT, and what's IT seems scary and weird." - Abe Simpson

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •