From: Sam Hobbs on 1 Dec 2007 01:02

"Ansgar -59cobalt- Wiechers" <usenet-2007(a)planetcobalt.net> wrote in message news:fika9uUka3L1(a)news.in-ulm.de...
> In comp.security.firewalls RalfG <itsnotme(a)la-de-da.deda> wrote:
>> "Gerald Vogt" <vogt(a)spamcop.net> wrote:
>>> RalfG wrote:
>>
>> One of the
>> reasons for monitoring outbound traffic is precisely to stop
>> unrecognized processes from making connections, either to the internet
>> or to other nodes on a LAN.
>
> Instead of restricting the communication of unrecognized processes you
> want to prevent unrecognized processes from being started in the first
> place. That's what AV software and SRP do.

I think you are both correct. Doing both makes it more difficult for malicious software to work. Doing one without the other can be a vulnerability.

Note: I am sorry that I had to add the other newsgroups back into the list of recipients of this, but I am unable to send to just comp.security.firewalls.

From: Sam Hobbs on 1 Dec 2007 01:23

"Gerald Vogt" <vogt(a)spamcop.net> wrote in message news:eN$4UbhMIHA.4476(a)TK2MSFTNGP06.phx.gbl...
>
> It cannot prevent some malware to put some mails into the outbox which is
> sent out the next time the user sends something out.

Outlook Express won't send anything without some user involvement. In the past, it was possible for unauthorized software to spread itself in the manner you describe but now Microsoft does not allow it. Certainly there is potential for sophisticated software to bypass such things, but if it were as easy as you say, we would sure hear about it.

Windows, at least prior to Vista, is surprisingly vulnerable to software that is allowed to execute in a system. It is so vulnerable that it is nearly impossible to make a system totally safe from software running in a system. There are many ways for software to inject a DLL or other code into another process. Good antivirus software will catch most of those, and detection of injection is a critical way to catch most malicious software and that is how antivirus software might also catch many valid utility software. Regardless, use of OE in the manner you describe is not as easy as you indicate.