Jetico Personal Firewall freeware asks way to many questions

[Sebastian G.]

Maximus the Mad wrote:


> The normal user is running an account with write access.


Then there's no need to discuss security.

>> A real solution: a global non-exec policy enforced by the kernel.
>
> at which point the adverage user would get that glossy look in their
> eyes and say what????


If they decide to ignore the minimum required knowledge to operate their
computers properly, it's their problem, not mine. The computer and the way
computers operate won't change that soon.

> I justify it by the users that keep their systems free from malware.


Oh, no we're talking about empty sets...

> Immunization does not mess anything up.


It clodges the HKLM\Software\Classes\CLSID full of useless entries.

> A multi-layered approach


This has nothing to do with multiple layers (an often misused buzzword) or
with security at all.

> My concept works out here in the trenches.


Expect that it doesn't work at all. And I'd even refrain from calling it a
concept, because there's no logic behind it.

[John Adams]

Sebastian G. wrote:

>
> Aside from that it's the DNS *caching* service, your argument is
> nonsense.

It's called the DNS Client service in the services list, *******.

> http://www.mvps.org/winhelp2002/hosts.htm



> Editors Note: in most cases a large HOSTS file (over 135 kb) tends to slow down the machine. This only occurs in W2000/XP/Vista. Windows 98 and ME are not affected.
>
> To resolve this issue (manually) open the "Services Editor"
>
> * Start | Run (type) "services.msc" (no quotes)
> * Scroll down to "DNS Client", Right-click and select: Properties
> * Click the drop-down arrow for "Startup type"
> * Select: Manual, or Disabled (recommended) click Apply/Ok and restart. [more info]
>
> When set to Manual you can see that the above "Service" is not needed (after a little browsing) by opening the Services Editor again, scroll down to DNS Client and check the "Status" column. It should be blank, if it was needed it would show "Started" in that column. There are several Utilities that can reset the DNS Client for you ... [more info]

I've been using a hosts file to block **** for years now and don't
intend to stop because of what some moronic self-proclaimed "expert" thinks.

[Maximus the Mad]

John Adams <me@none.invalid> after much thought,came up with this
jewel in news:M_3Xi.15339$Nb1.10403@fe01.news.easynews.com:

> Sebastian G. wrote:
>
>>
>> Aside from that it's the DNS *caching* service, your argument is
>> nonsense.
>
> It's called the DNS Client service in the services list, *******.

and there are some other services that should be turned off.

>> http://www.mvps.org/winhelp2002/hosts.htm
>
>
>
>> Editors Note: in most cases a large HOSTS file (over 135 kb)
>> tends to slow down the machine. This only occurs in
>> W2000/XP/Vista. Windows 98 and ME are not affected.
>>
>> To resolve this issue (manually) open the "Services Editor"
>>
>> * Start | Run (type) "services.msc" (no quotes)
>> * Scroll down to "DNS Client", Right-click and select:
>> Properties * Click the drop-down arrow for "Startup type"
>> * Select: Manual, or Disabled (recommended) click
>> Apply/Ok and restart. [more info]
>>
>> When set to Manual you can see that the above "Service" is
>> not needed (after a little browsing) by opening the Services
>> Editor again, scroll down to DNS Client and check the
>> "Status" column. It should be blank, if it was needed it
>> would show "Started" in that column. There are several
>> Utilities that can reset the DNS Client for you ... [more
>> info]
>
> I've been using a hosts file to block **** for years now and don't
> intend to stop because of what some moronic self-proclaimed
> "expert" thinks.

as it should be.......

--
Virus Removal http://max.shplink.com/removal.html
Keep Clean http://max.shplink.com/keepingclean.html
Tools http://max.shplink.com/tools.html
Change nomail.afraid.org to gmail.com to reply by email.

[Sebastian G.]

John Adams wrote:

> Sebastian G. wrote:
>
>> Aside from that it's the DNS *caching* service, your argument is
>> nonsense.
>
> It's called the DNS Client service in the services list, *******.


Its internal name is DnsCache, and it has been well documented that the name
"DNS Client service" is highly misleading.

> I've been using a hosts file to block **** for years now and don't
> intend to stop because of what some moronic self-proclaimed "expert" thinks.


It's really strange that almost any other expert will tell you how flawed
this approach is.
Beside that, there's no need to block anything, since you have to implement
a serious filter at the application anyway.

[Michael J Kingston]

In message <5p4bajFob481U1@mid.dfncis.de>, Sebastian G.
<seppi@seppig.de> writes
>John Adams wrote:
>
>> Sebastian G. wrote:
>>
>>> Aside from that it's the DNS *caching* service, your argument is
>>>nonsense.
>> It's called the DNS Client service in the services list, *******.
>
>
>Its internal name is DnsCache, and it has been well documented that the
>name "DNS Client service" is highly misleading.
>
>> I've been using a hosts file to block **** for years now and don't
>>intend to stop because of what some moronic self-proclaimed "expert"
>>thinks.
>
>
>It's really strange that almost any other expert will tell you how
>flawed this approach is.

OK, how flawed? I'm happy with the effect that I SEE my Hosts file has.
What harm? I'd seriously like to know.

>Beside that, there's no need to block anything, since you have to
>implement a serious filter at the application anyway.

--
Michael J Kingston

[John Adams]

Sebastian G. wrote:

> Its internal name is DnsCache, and it has been well documented that the
> name "DNS Client service" is highly misleading.

I know what it does but why would I call it DNS Cache when it reads DNS
Client in the services list? That would be just confusing to someone who
may be reading this thread and want to implement a hosts file for
blocking malicious sites.


> Beside that, there's no need to block anything, since you have to
> implement a serious filter at the application anyway.

Whatever. All I know is that if I have 127.0.0.1
www.drivebuydownloadsite.com in my hosts file that site could never try
to infect my PC. It works and it works well so I use it.

[John Adams]

Sebastian G. wrote:

> It clodges the HKLM\Software\Classes\CLSID full of useless entries.

And how does that mess anything up? The registry size has no affect on
OS performance under XP and Vista, unlike Win9x.

[John Adams]

Sebastian G. wrote:

> it slows down the resolver

I already told you that disabling DNS Client Service fixes that.

Updating the HOSTS file requires write access that a normal user
> doesn't have there

If you use MVPS Hosts file it comes with a .bat file that takes care of
that for you. And what's the big deal about logging in to admin account
to write to the hosts file and then logging out and back into limited
user after? You are making a mountain out of a molehill.

[Sebastian G.]

John Adams wrote:


>> it slows down the resolver
>
> I already told you that disabling DNS Client Service fixes that.


No, you didn't, and it isn't true either.

>> Updating the HOSTS file requires write access that a normal user
>> doesn't have there
>
> If you use MVPS Hosts file it comes with a .bat file that takes care of
> that for you.


Yes, that's exactly the problem.

> And what's the big deal about logging in to admin account
> to write to the hosts file and then logging out and back into limited
> user after?


It demands me to provide the admin password to the system, which is
something that should be avoided as much as possible. At any rate, I'd never
provide for such an absolute idiotic administrative issue.

[Sebastian G.]

John Adams wrote:

> Sebastian G. wrote:
>
>> Its internal name is DnsCache, and it has been well documented that the
>> name "DNS Client service" is highly misleading.
>
> I know what it does but why would I call it DNS Cache when it reads DNS
> Client in the services list?


Because we're discussing its actual functionality?

> That would be just confusing to someone who
> may be reading this thread and want to implement a hosts file for
> blocking malicious sites.


Which hasn't become any less stupid idea yet. Since almost every website
should be considered malicious and especially truly malicious websites will
simply bypass the filter (by using randomly generated subdomains), this
approach will effectively be nothing else but a self-created DoS condition.

>> Beside that, there's no need to block anything, since you have to
>> implement a serious filter at the application anyway.
>
> Whatever. All I know is that if I have 127.0.0.1
> www.drivebuydownloadsite.com in my hosts file that site could never try
> to infect my PC.


And what about sadofhsajkldhfkjlsagdhfjkghdsaf.drivebuydownloadsi te.com?
Huh, didn't got that entry?

Aside from that, Drive-by-downloads are a well-known myth, supported by the
fools who can't even differ a shell from a webbrowser.

> It works and it works well so I use it.

Sure it seems so to you, since you're too incompetent to judge where it
fails (and it fails so blatantly).