[Dshield] Back to Multiple Firewalls

Mrcorp mrcorp at yahoo.com
Mon Mar 18 18:07:33 GMT 2002


Zone alarm has it shortcomings too.  Now that I said that, i smell a flame war coming... (again!)

If you use windows XP firewall, and scan against it with nessus, or nmap or any other popular scan
tool, you wont see it.  To me, thats sufficient protection to the average user.  Zonealarm brings
with it complexity.  How many popups do you get upon initial install?  many, and does the average
user, or you for that matter understand each and every popup describing a service?  probably not. 
With complexity, comes the opportunity to make mistakes.

mrcorp

--- Rick Rowerdink <transrep at adelphia.net> wrote:
> O.K., that's one for and one against Multiple Firewalls. XP does create nice
> black holes and acknowledge the outbound problem - but ZA takes care of
> that.  It passed four independent audits and Gibson's Leak Test. If it ain't
> broke - don't fix it they say...just wondered XP or ZA augmented each
> other - no effect, or possible risk effect with both. (I doubt ZA could be
> augmented). A paid SecureSafe audit described a low risk "tracer route"
> vulnerability (I doubt any risk) but don't see a way around that without
> using a proxy or browser like Opera.  Since I have a tie going - need one
> more vote.  Thanks.
> Rick Rowerdink
> 
> 
> _______________________________________________
> Dshield mailing list
> Dshield at dshield.org
> To change your subscription options (or unsubscribe), see:
http://www.dshield.org/mailman/listinfo/list


__________________________________________________
Do You Yahoo!?
Yahoo! Sports - live college hoops coverage
http://sports.yahoo.com/




More information about the list mailing list