-----Original Message-----
From: Jamy Klein
Sent: Friday, June 02, 2000 3:21 PM
To: '[EMAIL PROTECTED]'
Subject: RE: FW: Personal Firewalls Summary
Excellent assesment ont the intrusion/firewall issue. I however prefer the
definition given at www.whatis.com or give in the book "Firewalls: A
Complete Guide"
If false positives are a priority than black ice is definitelly not the
product to use. I used black ice for several months, and most of what I
received was false warnings, for example, black ice will list an icq file
transfer as a trojan port scan. This behavior does nothing other than to
frighten unknowing users.
For a single machine/1 user that wants protection and not alot of
configuration, I reccomend zonealarm, Mcafee firewall(private dekstop), or
Norton Internet security 2000. They provide very solid protection and are
very easy to setup and use. All 3 will ask a user if they want to allow
certain programs to access the internet, and will also block all 65535
ports. If you need more configuration, and logging options, I reccomend
Mcafee Firewall or Norton Internet Security, as they will both allow you to
setup rules in the manner of traditional firewalls, specifying ports,
services allowed on those ports, and what ip's can use those ports/services.
Jamy
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Friday, June 02, 2000 3:06 PM
To: Jamy Klein
Cc: [EMAIL PROTECTED]
Subject: RE: FW: Personal Firewalls Summary
This issue I see is that many of the trade rags are blurring the
definition of a what a firewall is and what intrusion detection is.
True Intrusion Detection alerts regarding the anomalous activity that may
occur, this is after discarding normal user activity and classifying each
alert in some sort of categorical fashion, and then eliminating the false
positives that may occur. Each product listed below has a number of
alerts that could be classified as a false positives or events that are
normally generated when a user is connected to a network of sorts (i.e.
cable modem, ISDN, DSL, xDSL, T-1) and also the network environment they
are part of (Microsoft, Sun, Novell)..
The definition of a firewall has been explained in many books and many
whitepapers, and each definition I have read is a little bit different.
"Firewalls and Internet Security" by Bellovin and Cheswick has one of the
better definitions of what a firewall is, plus some interesting factoids
regarding "An Evening with Bereford"
Another source of a firewall definition is by listed in the Firewalls FAQ
(originally authored by Marcus Ranum ) and now maintained by Matt Curtin
of Interhack.
The key to the software listed below is to choose the software that
generates the least amount of false positives and has the ability to learn
a particular user's activity, and have the ability to add/delete filters
or events manually.
Each software listed below has been coded with varying logic to have or
display feature rich attributes over the other products in the same space.
It is like installing a Microsoft product, User Beware..
/mark
Jamy Klein <[EMAIL PROTECTED]>
Sent by: [EMAIL PROTECTED]
06/02/00 12:35 PM
To: [EMAIL PROTECTED]
cc:
Subject: RE: FW: Personal Firewalls Summary
A true firewall is available from www.tinysoftware.com it's called tiny
firewall, and has configurable rules/filtering, port blocking, and loggin.
It's only $29.95. Macafee personal firewall formerly conseal private
desktop
is only $39.95 and is also much better and a true firewall. Zonealarm is
much better than blackice and it's free.
So as for getting what you pay for, I disagree. Clearly, better products
are
available for the same price point or free in the case of zonealarm.
Jamy
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Friday, June 02, 2000 2:31 PM
To: [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Subject: Re: FW: Personal Firewalls Summary
You can block specific ports with Defender. As for being a true firewall,
no it isn't. But, for the money you get what you pay for.
eric.
On Fri, 02 June 2000, Jamy Klein wrote:
>
>
> Balck Ice defender is not a true firewall.. It's basically intrusion
> detection.
> You can't set access rules, or block specific ports with defender, all
the
> other products listed are true port blockers at the least. In the case
of
> Conseal firewall and winroute tey are even packet filters. Network ice's
> site even states that it is intrusin detection and not a true firewall.
>
> Jamy
>
> -----Original Message-----
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On Behalf Of
> [EMAIL PROTECTED]
> Sent: Friday, June 02, 2000 11:41 AM
> To: [EMAIL PROTECTED]
> Cc: [EMAIL PROTECTED]
> Subject: Re: Personal Firewalls Summary
>
>
> BlackICE Defender is a much more evolved product, than most of them,
plus
> their documentation even with errors is far superior over the other
> products.
>
> The Radio Ads for MacAfee Personal Firewall sounds kindy of cheesy
> though..
>
> You really want something that is simple enough for my cat to install
>
> /m
>
>
>
>
> [EMAIL PROTECTED]
> Sent by: [EMAIL PROTECTED]
> 06/02/00 09:32 AM
>
>
> To: [EMAIL PROTECTED]
> cc:
> Subject: Personal Firewalls Summary
>
>
>
>
> If anyone is interested, here is a summary of the responses I received
> after
> requesting suggestions for Personal Firewalls:
>
> ZoneAlarm (3 recommendations) http://www.zonelabs.com/
> McAfee Personal Firewall (Formerly "ConSeal Private Desktop") (3
> recommendations) http://www.mcafee.com/
> BlackICE Defender (2 recommendations) http://www.networkice.com/
> WinRoute (1 recommendation) http://www.tinysoftware.com/
> CyberwallPLUS (1 recommendation) http://www.network-1.com/
> GNAT Box (1 recommendation) http://www.gnatbox.com/
> ConSeal PC Firewall (1 recommendation) http://www.consealfirewall.com/
>
> For the record, I was also pointed to Gibson Research
> (http://grc.com/default.htm) which has an online tool for testing how
secure
> your connection is, and describes a method for adding firewall-like
> protection
> to a Windows computer without actually installing a firewall; and I was
> reminded
> that VPNs and "insecure nodes" are a dangerous combination -- with or
> without
> firewalls.
>
> Thanks again to everyone that responded!
>
> Brant
>
>
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
>
>
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
