Posted by Mr. Arnold on April 8, 2008, 8:24 pm
> Apr 2008 18:50:56 -0400 says...
>
>> What? The traffic travels from the WAN to the LAN. That is traffic that's
>> let through the firewall, the trusted and untrusted zone. Whether it be two
>> NICs doing a (WAN/LAN) or the WAN/LAN on a FW appliance, traffic is
>> controlled between the interfaces, inbound and outbound, the trusted and
>> untrusted zones with a FW solution.
>
> Why is it so hard to understand I do know all that stuff? BTW you forgot
> to mention DMZ. Just pointing you not to be so much IT focused as being
> a human being. I am expecting some abstraction ability at you :-)
We are not talking about the DMZ, and besides, no PFW has one, and it is not
a FW, period. That's what we are talking about. The junk being called a FW,
when it's not that.
>
>> Look man, I was contacting my ISP's NNTP server on TCP 119 and POP3 TCP
>> .......
>> setting FW rules.
>
> I was not saying anywhere they cannot stop my activity.
> What I was trying to say is it is easy to hide unwanted activity within
> legitimate one.
>
>
>> It never was a FW functionality. It's a snake-oil personal FW solution.
>
> A Snake is your favorite animal, I see :-)
When did oil become an animal? I'll put it to you another way. You have
been took. You have been bamboozled into thinking that something like
Commando is a FW solution.
>> > There is no need to compromise or even attack FW ( where HW/SW ones are
>> > strong ), if you can persuade him.
>>
>> We are talking about something like Commando that runs with the O/S. The O/S
>> can be fooled and so can the snake-oil PFW solution if malware can get there
>> and can be executed. It can punch right through it.
>
> You have twice mentioned Commando - I do not know such PFW.
> Every software can be fooled, even such running on FWs,
> no matter if in DRAM or NOR Flash.
One can call it Commando, Comodo or Commode, it doesn't make any difference
to me about a PFW solution. They are all junk. You see any of that trash
running on the Linux platform?
> BTW tests show malware has a hard time getting through PFWs.
> And there is a very huge difference between a packet filter,
> as you said PFWs are at the best, and today's PFWs.
No, they don't, when the user is running with admin rights and the malware
is running under those rights, which they can and do manipulate the FW rules
or some of that, toilet bowl, application control junk in them, punch right
through it. And besides, there is the fallible human being factor too. It's
not that hard to circumvent them.
>>
>> So, what happens at the boot and login process when malware can beat the
>> PFW, run and communicate, before the PFW can run to protect the
>> connection? The O/S is not waiting for the PFW before the connection is
>> made available? The 3rd party PFW is not an integrated solution.
>
> Well, you made me a little disappointed at this moment.
> I have thought you have a better idea about how they work.
> Their low level drivers are blocking all connection activity
> until PFW application is running.
That's BS, because I have tested the 3rd party PFW(s) for this, and they
CANNOT get to the connection first, because they are not an integrated part
of the Windows O/S platform. No Windows NT service is dependent upon or is
made to wait on the PFW service, none of them. If the PFW service is not up
and running, then how is it stopping anything that's gotten to the
connection first? It can't do it. The ones that can do it are the Windows XP
and the Vista FW(s), that is, they get to the connection first and protect
the network connection, before anything else can use the connection.
You can put it to the test. You install Gator on that machine, and you set
all the rules you want to stop Gator from connecting outbound to one of its
many sites with your PFW solution, and you see if that PFW you hold in such
high regards can stop Gator at boot and logon. You can use Active Ports or
CurrPorts, and the best you might see is the connections being closed after
Gator has done its thing.
>
> You may know PerfectDisk as one of the leading defragmenting programs,
> able to perform "offline" defrag of all system files.
> Well, it has a hard time today, not able to do it.
> Latest PFW denies exclusive access for it.
It's doing everything that it's not supposed to be doing. It's doing
everything but acting like a packet filter stopping unsolicited inbound
traffic from reaching the computer. It's a jack of all trades master of none
trying to protect *you* from *you*. If I don't want something to
communicate, then I stop with the O/S, or better yet, I don't install the
software at all.