[Dshield] Back to Multiple Firewalls

Neil Richardson neilr at ieee.org
Mon Mar 18 19:11:46 GMT 2002


At 09:18 AM 3/18/2002, you wrote:
>RR> XP does create nice
>RR> black holes and acknowledge the outbound problem - but ZA takes care of
>RR> that.
>
>Hum. Might I ask why you want to control outgoing connection ?? There
>are valid reasons to do so (like filtering anything that goes to the
>double-click domain) but it seems out of focus for a personal firewall
>(if you have been trojanized, it's already too late).

    I use ZA even though I'm currently behind a router precisely for the 
outbound connection control: if a trojan somehow got past my anti-virus, 
it's harder for it to report back to it's master without alerting me.  In 
addition, if I accidentally install something that contains "spyware," I'm 
more likely to find out about it with the firewall ("What do you mean, 
'TextEditor.EXE is trying to be a server?'").  And finally, it allows some 
control over when legitimate programs "phone home" (Real Audio, Windows 
Media Player, etc.)  (However, I admit that in this last case, it is only 
of marginal value: if the program can't phone home when I play local files, 
nothing will stop it from attempting to do so when I play an internet 
stream and have to grant it outgoing permission.)


-Neil R.

-- 
Supreme Lord High Commander and Keeper of the Holy Potato
----------
Random thought for the day:

    Graduation.  Sleep.  Life.  Pick any two.





More information about the list mailing list