On 4 Jun 2001, at 1:30, Russel Brooks wrote:

> After reading about Steve Gibson's recent problems at:
> 
> > http://grc.com/dos/grcdos.htm
> 
> I decided to install Zone Alarm on my home pc.  Does anyone have
> comments on any interactions with Prime95 or any other comments?

Prime95 is likely to want to communicate with the server 
occasionally; you will have to configure ZoneAlarm to permit that. 
And it's bound to steal a few CPU cycles; probably not enough to be 
significant, provided your system's network traffic volume is 
reasonably small.

I had ZoneAlarm running on a PC running Windows 95 (at work, and 
permanently connected to the 'net). I removed it having had a couple 
of incidents where it locked the system up when the network load 
became heavy. However, people with permanent network connections 
definitely should have some sort of firewall in place; ZoneAlarm 
looks OK for protecting you provided your link speed is not much 
greater than 1 Mbit/sec, i.e. it's just about OK for a DSL 
connection, but not for sites with true broadband attachment.

The system at work is now sheltering behind a firewall running on 
another PC running Linux. This is beautifully stable. I find the 
Linux firewall easier to configure than ZoneAlarm, but then this area 
of expertise really is my job.

BTW ZoneAlarm, or any other firewall installed at your site, _cannot_ 
protect you from DoS attacks. You can only filter / reject packets 
which have arrived; if you are under serious attack, then most likely 
your net access link will be the bottleneck, so rejecting packets 
which have already made it through is not much good. You need to get 
your ISP to filter out damaging stuff before it gets sent to you. 
Even then there is a limit; e.g. if you are running a web server then 
you simply can't filter out packets from a DoS attack based on valid 
TCP port 80 packets without effectively disabling your web server. 
Fortunately the vast majority of the "script kiddies" that launch DoS 
attacks have no real understanding of the way in which network 
protocols work; they're the equivalent of mindless morons who wander 
down the street kicking in automobile doors at random (for the sake 
of doing damage) rather than the more sophisticated "joyrider" who 
knows exactly how to break the locks on some particular models (for 
the sake of enjoying a drive, at someone else's expense).

What ZoneAlarm really _is_ good at is diagnosing software which 
(unbeknownst to you, the user) is sending messages from your system 
to the outside world; i.e. spyware. This is a privacy issue, not a 
network security issue, though I agree it's no less important for 
that.


Regards
Brian Beesley
_________________________________________________________________________
Unsubscribe & list info -- http://www.scruz.net/~luke/signup.htm
Mersenne Prime FAQ      -- http://www.tasam.com/~lrwiman/FAQ-mers
