Jeff Deitz wrote:
>> At the very least they should be checking execution path! c:\Program
>> Files\Internet Exploder\iexplore.exe should be allowed, while
>> c:\temp\iexplore.exe should be recognized as a seperate application. If
>> windows will not report the execution path somehow (Which I would have
>> trouble believing, even from microsoft) then yes, they should checksum.
>> It's a reasonable approach.
>
> I don't believe that this is what a firewall is suppose to do. A firewall
> checks packets based on rules and has nothing to do with checking programs
> that are generating those packets. It seems that author of this ZDnet
> article had not a clue about what a firewall is or how it works and that is
> how the public gets mislead, poor journalism. Basically this article had
> nothing to do with firewalls.
The "personal firewalls" are not exactly firewalls; It's kind of like a
cross between Mac's "Gatekeeper" and a firewall; It's an application
firewall, I suppose you could say. The idea is that it protects you in
both directions. It doesn't handle virii or anything.
> He is a example of using the Author's logic:
>
> I have a lock(firewall) on my door that requires a key(firewall rules) to go
> in both directions. I leave my keys laying around the house when I am home
> because I feel secure. Someone gets in a window(trojan) of the house and
> uses that key to exit the front door. According to Scott Berinato this
> lock(firewall) is broke because it allowed someone other then me to exit. Is
> it the locks job to check who is using the key? That is exactly what Scott
> Berinato is saying in this article.
The thing is, it's not really like keys at all. It's more like there's a
door keeper, and the other program is wearing a mask with your face
printed on it, and he waves them through after seeing them through the
corner of the eye. Using the corner of the eye is looking at the name of
the application; Using the whole eye (or even both eyes, which would be
amazing) would be to inspect more data.
All such metaphors are flawed, however, as ALL metaphors are flawed.
We're all smart enough here to examine the issue without hiding it
inside of other language, so I think we should stick to examining the
issues at hand. The fact is that the personal firewall products lend a
false sense of security, which may actually make someone LESS secure in
some ways, through complacence. If you're going to do a job, there's no
sense in doing it any way but right.
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
