Jetico Personal Firewall freeware asks way to many questions

[Sebastian G.]

goarilla wrote:


> XUL is a big bloated piece of crap


Quite the contrary. It allows for reference safety, type safety and contract
enforcement, and is still very fast due to JIT. One could compare it to
Java, or rather Python (because it allows on-the-fly changes).

>> So what? I'd say my trash can is the most beautiful one in the area. Yet
>> it's full of garbage and stinks.
>>
>
> you may talk all big and mighty but you're probably working with homogenous
> network environments in which ADS,group policy, proxy servers, etc, ...
> can be implemented


I wouldn't call a mixture of SunRay with Solaris and Debian Linux, x86 with
Debian and Windows 2000 + XP homogenous.
But why do you name group policy? This is, by design, not a security measure.

> sadly this isn't the case in 99,99 % of the home LAN environments and in
> which NOD32 is really really nice
> although it's a band-aid


As you say: it's a band-aid. Nothing more. Security starts with addressing
the causing, not cascading the symptoms. Especially since the main problem,
lacking user education, is even further amplified.

[goarilla]

Sebastian G. wrote:
> goarilla wrote:
>
>
>> XUL is a big bloated piece of crap
>
>
> Quite the contrary. It allows for reference safety, type safety and
> contract enforcement, and is still very fast due to JIT. One could
> compare it to Java, or rather Python (because it allows on-the-fly
> changes).
>
>>> So what? I'd say my trash can is the most beautiful one in the area.
>>> Yet it's full of garbage and stinks.
>>>
>>
>> you may talk all big and mighty but you're probably working with
>> homogenous
>> network environments in which ADS,group policy, proxy servers, etc,
>> ... can be implemented
>
>
> I wouldn't call a mixture of SunRay with Solaris and Debian Linux, x86
> with Debian and Windows 2000 + XP homogenous.
> But why do you name group policy? This is, by design, not a security
> measure.
>
>> sadly this isn't the case in 99,99 % of the home LAN environments and
>> in which NOD32 is really really nice
>> although it's a band-aid
>
>
> As you say: it's a band-aid. Nothing more. Security starts with
> addressing the causing, not cascading the symptoms. Especially since the
> main problem, lacking user education, is even further amplified.

ok what would you do when some of your stupid users
gets a virus ? reset a known good image ? that only works
if you have a homogenous windows env.

well not quite but if you have lots of different pc's with windows it's
a lot harder because you have
to manage a lot of different images

and what's the causing of security problems beside the user ?

[s|b]

On Mon, 29 Oct 2007 00:37:01 +0100, Sebastian G. wrote:

> > Anything else?

> Yes. Please flatten and rebuild your system. You broke it.

That's _really_ helpful. Danke!

--
s|b

[s|b]

On Mon, 29 Oct 2007 00:33:41 +0100, Sebastian G. wrote:

> WinIPFW <http://wipfw.sourceforge.net>
> (but only the latest SVN snapshot + some security fixes)

Thanks, I'll take a look at it.

--
s|b

[Sebastian G.]

goarilla wrote:


> ok what would you do when some of your stupid users
> gets a virus?


Depends on which systems. Those with higher security margins have a global
no-exec policy implemented, thus they simply can't anything but the
preinstalled software, and as long as this is up-to-date an in-memory
process compromise of the network is extremely unlikely.

On those with lesser security margin: Delete all programs and
script-relevant setting, if necessary restore their settings and their data
from the latest backup.

> well not quite but if you have lots of different pc's with windows it's
> a lot harder because you have
> to manage a lot of different images


Why are you always coming up with images? A user running malicious software
only compromises all the programs and the data he had access to, which is,
beside some necessarily shared data, only his own data. He can't damage the
data of other user, and neither the system.

> and what's the causing of security problems beside the user ?


Hardware errors. This is what the restore images are intended for: getting
the old system running on the new hardware again as soon as possible.

[Sebastian G.]

s|b wrote:

> On Mon, 29 Oct 2007 00:37:01 +0100, Sebastian G. wrote:
>
>>> Anything else?
>
>> Yes. Please flatten and rebuild your system. You broke it.
>
> That's _really_ helpful. Danke!

According to all the damage that you claimed to have done to your system, I
don't see any reasonable chance to get it up running normally and then even
securing it without a complete reinstall. The next time you should think
very very very careful about every non-user-specific change that you
introduce to the system, at best twice, before you most likely discard it as
a stupid idea.

[goarilla]

Sebastian G. wrote:
> goarilla wrote:
>
>
>> ok what would you do when some of your stupid users
>> gets a virus?
>
>
> Depends on which systems. Those with higher security margins have a
> global no-exec policy implemented, thus they simply can't anything but
> the preinstalled software, and as long as this is up-to-date an
> in-memory process compromise of the network is extremely unlikely.
>

how does one do that ?
have any concrete information pertaining these security measures ?

> On those with lesser security margin: Delete all programs and
> script-relevant setting, if necessary restore their settings and their
> data from the latest backup.
>
>> well not quite but if you have lots of different pc's with windows
>> it's a lot harder because you have
>> to manage a lot of different images
>
>
> Why are you always coming up with images? A user running malicious
> software only compromises all the programs and the data he had access
> to, which is, beside some necessarily shared data, only his own data. He
> can't damage the data of other user, and neither the system.
>

in a perfect world yes
that's how i do it here
and well it's not uncommon for malware to use local (root) exploits
to escalate privilege

>> and what's the causing of security problems beside the user ?
>
>
> Hardware errors. This is what the restore images are intended for:
> getting the old system running on the new hardware again as soon as
> possible.

huh please explain. do you have some information on how to create
'restore images' since when ... i think image i think hardware specific
root filesystem (windows)

[s|b]

On Tue, 30 Oct 2007 01:18:02 +0100, Sebastian G. wrote:

> According to all the damage that you claimed to have done to your system, I
> don't see any reasonable chance to get it up running normally and then even
> securing it without a complete reinstall. The next time you should think
> very very very careful about every non-user-specific change that you
> introduce to the system, at best twice, before you most likely discard it as
> a stupid idea.

I'm quite happy with my system, so there's really no need for you to
sulk about it...

--
s|b

[Dustin Cook]

"Max M.Wachtel III" <maxpro4u@nomail.afraid.org> wrote in
news:Xns99D7A575FF87Ewhatsinaname@207.115.17.102:

> Ansgar -59cobalt- Wiechers <usenet-2007@planetcobalt.net> after much
> thought,came up with this jewel in news:fg2n7nUkp7L2@news.in-ulm.de:
>
>> In comp.security.firewalls Gary <gareth@capecod.net> wrote:
>>> Lord Possum wrote:
>>>> One of the criteria I employ in judging a program's worth is not
>>>> only the installed size, but the amount of Registry entries, and
>>>> the number of functions requiring 'think' power ... a drain on
>>>> RAM resources. Sygate is heavy than many in that respect.
>>>>
>>>> And, as far as installed size ... 12MB compared to 8MB tells me
>>>> immediately that Sygate is 50% bigger, while doing no more or
>>>> any better than what I use. That apparently will not mean much
>>>> to those who don't care how much room a program takes up, but
>>>> the extra 4MB means more of something else for me. And, in the
>>>> end result, NetVeda is faster.
>>>
>>> What version of sygate are you referring too. 5.5.2710 is not
>>> bloated in my opinion.
>>
>> It just has serious design flaws and won't receive any bugfixes
>> anymore. Some qualification for a "security" product.
>>
>> cu
>> 59cobalt
>
> Software "firewall" is not a real firewall and a waste of resources.

I wouldn't outright say a waste of resources, you can use one to keep
some applications from calling home.. for whatever reason.

> A router/harding your system/safe-hex is the way to go.
> max

Agreed.



--
Dustin Cook, Author of BugHunter - MalWare Removal Tool - v2.2d
Email.: bughunter.dustin@gmail.com
Web...: http://bughunter.it-mate.co.uk
Pad...: http://bughunter.it-mate.co.uk/pad.xml
PGP...: http://bughunter.it-mate.co.uk/bughunter.dustin.txt

[Dustin Cook]

"Sebastian G." <seppi@seppig.de> wrote in
news:5okkncFn7a1hU2@mid.dfncis.de:

> Max M.Wachtel III wrote:
>
>
>> Here is a good start-
>> MVPS hosts file
>
>
> A very bad start for a proposedly good start. What should this **** be
> good for, other than ****ing up the system?
>
>> Firefox with NoScript and AdBlock installed
>
>
> AdBlock is not security relevant. And, of course, what about Firefox?
> Even NoScript can't make it any less broken. If you really like a
> Mozilla core, take Mozilla SeaMonkey.
>
>> a good AV solution(like NOD32)
>
>
> This is not even a solution at all.
>
>> Spyware Blaster
>
>
> Oh please...
>
>> Spybot Search+Destroy immunization
>
>
> OH PLEASE...
>
>> Turn off Windows Messenger
>
>
> Eh... yeah? Of course, intentionally running an insecure-by-design
> software is never a good idea.
>

You've got my curiosity. What problem do you have with the listed
applications?

And, you mentioned most router's these days aren't in fact firewalls. I'm
fairly certain this Linksys router does indeed have a firewall. Can you
elaborate on what specifically you are calling a firewall?


--
Dustin Cook, Author of BugHunter - MalWare Removal Tool - v2.2d
Email.: bughunter.dustin@gmail.com
Web...: http://bughunter.it-mate.co.uk
Pad...: http://bughunter.it-mate.co.uk/pad.xml
PGP...: http://bughunter.it-mate.co.uk/bughunter.dustin.txt