Compare firewall software to spy protection software

[tony@well.com]

On Sun, 20 Jul 2003 23:02:34 GMT, nemo outis@erewhon.com (nemo outis)
wrote:

>However, in actuality, a firewall - and prudence and care by the
>operator! - will only greatly reduce, but not entirely eliminate,
>spyware getting through. And so you will still need to run
>anti-spyware software such as Spybot & Adaware.

Thanks for the clarification.

T.

========================
Tony Roder, speaking his mind....

[tony@well.com]

On Sun, 20 Jul 2003 23:39:43 GMT, "YK" <YKnot@home.invalid> wrote:

>To prevent the intrusion of baddies, there are three things you can do.
>Note: You should keep these up to date as the baddies are always moving.
>
>Install a good HOSTS file.
>http://asp.flaaten.dk/proxo/topic.asp?TOPIC_ID=1311
>http://asp.flaaten.dk/proxo/hosts.zip

I've seen this mentioned here on several occasions, but I don't know
enough to do such an installation (unless these sites have some
instructions).

T.
========================
Tony Roder, speaking his mind....

[mto]

"default" <R75/5@defaulter.net> wrote in message
news:fndmhv86m1ujroelr2utkds367adrcmfoo@4ax.com...
> K-meleon allows one to reject graphics from outside the domain you
> visit. Seems that should cover the little vermin . . . what do you
> think?

Not always. Even though I have anything from third party sites blocked I
still see these come up in the ZA privacy notification (listed as Web Bugs
that have been blocked) on about 30% of the pages I visit.

> Web Washer claims to be able to dump the single pixel gif as well.
> You can configure it to insert the gif of your choice.
>
> Also has a neat mechanism to dump pop-ups that open when one enters
> and leaves a site.

Can't comment there. I use ZA Pro for it's ad blocking capabilities - ALL
the ads. The gif-bot is part of the code that downloads the ad, so no ad,
no gif-bot - and of course no popups either. It used to be just popups that
irritated me, till I noticed that MSNBC took a couple of minutes to load
completely on a dial up connection due to the presence of 6-15 ads from a
third party server for each and every page.

[Aaron]

"mto" <nobody@nowhere.com> wrote in
news:vhp5rfbllmqfd8@corp.supernews.com:

>
> "default" <R75/5@defaulter.net> wrote in message
> news:fndmhv86m1ujroelr2utkds367adrcmfoo@4ax.com...
>> K-meleon allows one to reject graphics from outside the domain you
>> visit. Seems that should cover the little vermin . . . what do you
>> think?
>
> Not always. Even though I have anything from third party sites
> blocked I still see these come up in the ZA privacy notification
> (listed as Web Bugs that have been blocked) on about 30% of the pages
> I visit.

Hmm that sounds strange. The person who owns the site will be able to log
your ip and whatnot directly anyway, he hardly needs a transparent gif to
do it, a web-bug? For him everything is a "web-bug" . Is ZAP doing some
kind of false positive, i.e 1x1 gifs used by the webmaster of the domain
for spacing?



>> Web Washer claims to be able to dump the single pixel gif as well.
>> You can configure it to insert the gif of your choice.

Well how about 3x1 pxels? 2x1?



Aaron
--
Want to learn how to use Winboard and the 150+ free Winboard
Chess engines?Visit http://www.aarontay.per.sg/Winboard/

[Jay T. Blocksom]

On Sun, 20 Jul 2003 16:57:52 -0400, in <alt.privacy.spyware>, "mto"
<nobody@nowhere.com> wrote:
>
[snip]
>
> ZoneAlarm was a pioneer of the idea of firewall protection for home
> computer users and is still recommended by most authorities as the best
> product for the average user.
[snip]

Only by those "authorities" who don't have the first frickin' clue what a
firewall really is, or what it is supposed to do. I point you AGAIN to:

<http://www.samspade.org/d/persfire.html>
<http://www.samspade.org/d/firewalls.html>

Please do try to understand at least some of it.

--

Jay T. Blocksom
--------------------------------
Appropriate Technology, Inc.
usenet01[at]appropriate-tech.net


"They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety."
-- Benjamin Franklin, Historical Review of Pennsylvania, 1759.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
NOTE: E-Mail address in "From:" line is INVALID! Remove +SPAMBLOCK to mail.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Unsolicited advertising sent to this E-Mail address is expressly prohibited
under USC Title 47, Section 227. Violators are subject to charge of up to
$1,500 per incident or treble actual costs, whichever is greater.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

[tony@well.com]

On Tue, 22 Jul 2003 12:37:19 -0400, Jay T. Blocksom
<usenet01+SPAMBLOCK@appropriate-tech.net> wrote:

> But you'd still be far better off with a
>true hardware-based firewall, provided that you could gain some clue on how
>to use it properly.

Yes, I'd like to learn more about that (and maybe some of the other
readers would too). I'm listening.... particularly since this is one
alternative that's not mentioned very often.

>I would suggest that you start with a visit Sponge's Anti-Spyware
>site at <http://www.geocities.com/yosponge/>, then simply follow the
>(8-step) step-by-step directions you will find there. They're far from
>perfect; but they'll at least get you off Ground Zero.

A suggestion I will certainly follow, thanks.

T.
========================
Tony Roder, speaking his mind....

[mto]

"Aaron" <aarontaycheehsien@yahoo.com> wrote in message
news:Xns93C2F31506D4Bunknown23@203.116.1.193...
> "mto" <nobody@nowhere.com> wrote in
> news:vhq8uu5bu78s33@corp.supernews.com:
>
> >
> > "Aaron" <aarontaycheehsien@yahoo.com> wrote in message
> > news:Xns93C0C099F6E38unknown23@203.116.1.193...
> >> "mto" <nobody@nowhere.com> wrote in
> >> news:vhp5rfbllmqfd8@corp.supernews.com:
> >>
>
> >> >
> >> > Not always. Even though I have anything from third party sites
> >> > blocked I still see these come up in the ZA privacy notification
> >> > (listed as Web Bugs that have been blocked) on about 30% of the
> >> > pages I visit.
> >>
> >> Hmm that sounds strange. The person who owns the site will be able to
> >> log your ip and whatnot directly anyway, he hardly needs a
> >> transparent gif to do it, a web-bug? For him everything is a
> >> "web-bug" . Is ZAP doing some kind of false positive, i.e 1x1 gifs
> >> used by the webmaster of the domain for spacing?
> >
> > No - not a false positive. Otherwise I would see FAR more "web bugs"
> > than I do LOL. I'll take a look at the source code next time one
> > comes up on a page and see if that sheds any light.
> >
>
> Thanks, I would appreciate learning what you find out, how in the world
> could web-bugs work if you prevent remote sites from loading gifs. Other
> active components maybe?
>

Okay, I found two things in the code on the MSNBC front page that might be
the web bug ZA is reporting. One is listed as an <img src but then calls a
cgi script bug.cgi. The other is indeed a 1x1 gif with cookie but it is
served up by c.msnbc.com rather than some third party site. This is a site
that I see web bugs blocked on every page, though I have all ads blocked &
scripts turned off to the point that I have no menu. (akamai happens to
serve the CSS for the msnbc page so if you block akamai to block ads
internet wide you also happen to turn off all the graphics at msnbc.)

I also found a number of 1 pixel wide gifs in the advertisements with
heights that matched the height of the banner ad - those I suspect are also
bugs, since there is no point whatever in making a banner ad 1 pixel
narrower than usual and then adding a "spacer" from a technical or artistic
point of view. No one other than a graphics expert actually looking for the
thing would notice that one pixel difference, particularly at the higher
resolutions that we all use these days.

Used to be web graphics were designed to display at 72 pixels per inch and
600 x 800 or less. Nowadays monitors are set to 96 and over 1000. The 1
pixel becomes so small as to be nearly invisible.

[Aaron]

"mto" <nobody@nowhere.com> wrote in
news:vi02cai7b0fb16@corp.supernews.com:

>
> "Aaron" <aarontaycheehsien@yahoo.com> wrote in message
> news:Xns93C2F31506D4Bunknown23@203.116.1.193...
>> "mto" <nobody@nowhere.com> wrote in
>> news:vhq8uu5bu78s33@corp.supernews.com:
>>
>> >
>> > "Aaron" <aarontaycheehsien@yahoo.com> wrote in message
>> > news:Xns93C0C099F6E38unknown23@203.116.1.193...
>> >> "mto" <nobody@nowhere.com> wrote in
>> >> news:vhp5rfbllmqfd8@corp.supernews.com:
>> >>

>> >> Hmm that sounds strange. The person who owns the site will be able
>> >> to log your ip and whatnot directly anyway, he hardly needs a
>> >> transparent gif to do it, a web-bug? For him everything is a
>> >> "web-bug" . Is ZAP doing some kind of false positive, i.e 1x1
>> >> gifs used by the webmaster of the domain for spacing?
>> >
>> > No - not a false positive. Otherwise I would see FAR more "web
>> > bugs" than I do LOL. I'll take a look at the source code next time
>> > one comes up on a page and see if that sheds any light.
>> >
>>

> Okay, I found two things in the code on the MSNBC front page that
> might be the web bug ZA is reporting.

Hmm, ZAP doesnt tell you for sure?


>One is listed as an <img src
> but then calls a cgi script bug.cgi.

I don't see this anywhere in the html source, but seems to me ZAP is just
keying off on the word "bug". Still it's Probably a remotely hosted cgi
script (on akamai?), I dont think you can switch that off.


The other is indeed a 1x1 gif
> with cookie but it is served up by c.msnbc.com rather than some third
> party site.

Well not sure how this qualifies as a web-bug.
If you are worried about the cookie just block it.

This is a site that I see web bugs blocked on every page,
> though I have all ads blocked & scripts turned off

I don't think you can turn off server side scripts?
So that might be a hole...

to the point that I
> have no menu. (akamai happens to serve the CSS for the msnbc page so
> if you block akamai to block ads internet wide you also happen to turn
> off all the graphics at msnbc.)

Yes, that's the whole point, the web-bug doesnt have to be a 1x1 gif, it
can be anything, any picture, or essential file that resides on another
server. Akamai for example is so integreted with the above site that
if you refuse to connect to it at all, you don't get much from the site.

Does ZAP consider the css file has a web-bug? It should, since everytime
someone logs on, the css file is pulled from akamai's servers, and they
record your ip address.



>
> I also found a number of 1 pixel wide gifs in the advertisements with
> heights that matched the height of the banner ad - those I suspect are
> also bugs, since there is no point whatever in making a banner ad 1
> pixel narrower than usual and then adding a "spacer" from a technical
> or artistic point of view. No one other than a graphics expert
> actually looking for the thing would notice that one pixel difference,
> particularly at the higher resolutions that we all use these days.
>
> Used to be web graphics were designed to display at 72 pixels per inch
> and 600 x 800 or less. Nowadays monitors are set to 96 and over 1000.
> The 1 pixel becomes so small as to be nearly invisible.
>
>



Aaron
--
Want to learn how to use Winboard and the 150+ free Winboard
Chess engines?Visit http://www.aarontay.per.sg/Winboard/

[Jay T. Blocksom]

On Wed, 23 Jul 2003 02:36:27 GMT, in <alt.privacy.spyware>, tony@well.com
wrote:
>
> On Tue, 22 Jul 2003 12:37:19 -0400, Jay T. Blocksom
> <usenet01+SPAMBLOCK@appropriate-tech.net> wrote:
>
> > But you'd still be far better off with a
> >true hardware-based firewall, provided that you could gain some clue on
> >how to use it properly.
>
> Yes, I'd like to learn more about that (and maybe some of the other
> readers would too). I'm listening.... particularly since this is one
> alternative that's not mentioned very often.
>
[snip]

Well first, the single biggest reason you want a hardware-based firewall is
so you can really put your computer(s) *behind* it. That is obviously
impossible with a software-based firwall running on the same box(es) that
it's trying to "protect". Combine that with Windows' legendary inherent
insecurity, and, well... It becomes effectively not much more than a
"tissue-paper wall". A secondary benefit is that this means there is (at
least) one less program running (and thus inevitably sucking up memory,
system resources, CPU cycles, etc. -- not to mention the potential for bugs)
on your "real" system, which is an unmitigated plus -- i.e., there's no down
side to this.

Second... As little as one-two years ago, at least most off-the-shelf
hardware firewalls were either too expensive (the pro gear) or too lame (the
consumer gear) for serious consideration by most users. So the only really
good AND cost-effective alternative was to do a "roll-your-own" based on an
old leftover '486 or somesuch running under *nix (typically Linux), then
place that single-purpose box between your other computer(s) and the 'net
conection. But this approach, while still potentially valid, requires a
fair amount of expertise in not only security issues in general, but also
*nix and the pertinent *nix apps/utilities you'd use for this in particular.
Hence, it has never been a very popular approach.

But things have changed.

Go read up on things like the D-Link DFL-80 and the NetGear FR328S or maybe
even the NetGear FR114P (which is not quite as flexible or as capable as the
other two; but it's still not bad, especially for the buck). The full
User's Guides for each of these is downloadable (in .PDF format) from their
respective manufacturer's web sites, and will give you a good idea of their
capabilities. For something around $200 (or less, perhaps much less), you
now can get a nicely packaged off-the-shelf device which not only rivals (or
perhaps even exceeds, depending) the capabilities of the typical
roll-your-own Linux-based router/firewall, it also fits on a small shelf,
consumes very little power, needs very little maintenance (other than
keeping the DENY tables current, of course), has a factory warranty, and
will in general be MUCH easier to deal with for most typical Windows users.

> >I would suggest that you start with a visit Sponge's Anti-Spyware
> >site at <http://www.geocities.com/yosponge/>, then simply follow the
> >(8-step) step-by-step directions you will find there. They're far from
> >perfect; but they'll at least get you off Ground Zero.
>
> A suggestion I will certainly follow, thanks.
>
[snip]

Good. But remember, that's still really only a stop-gap measure.

--

Jay T. Blocksom
--------------------------------
Appropriate Technology, Inc.
usenet01[at]appropriate-tech.net


"They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety."
-- Benjamin Franklin, Historical Review of Pennsylvania, 1759.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
NOTE: E-Mail address in "From:" line is INVALID! Remove +SPAMBLOCK to mail.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Unsolicited advertising sent to this E-Mail address is expressly prohibited
under USC Title 47, Section 227. Violators are subject to charge of up to
$1,500 per incident or treble actual costs, whichever is greater.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

[tony@well.com]

On Fri, 25 Jul 2003 14:01:14 -0400, Jay T. Blocksom
<usenet01+SPAMBLOCK@appropriate-tech.net> wrote:

>Go read up on things like the D-Link DFL-80 and the NetGear FR328S

I'm on my way. Thanks.

T.
========================
Tony Roder, speaking his mind....