On Thu, 2003-08-28 at 14:24, HaywireMac wrote: > On Thu, 28 Aug 2003 20:13:45 +0100 > Anne Wilson <[EMAIL PROTECTED]> uttered: > > > I fail to see the joke, too. When I used to run it I used the on-line > > > > checkers, and got nothing back but my router address. What joke? > > Because it is *on* the machine it is trying to protect. You > compromise the machine with a trojan, you compromise ZoneAlarm. > > Sorry, maybe joke was too harsh a word, but as I've stated, ZoneAlarm > will not protect you as well as a dedicated firewall, or even as well as > Shorewall, simply because it is not designed to deal with sophisticated > attacks like trojans that can execute code on your system, thereby > negating any protection ZoneAlarm would have presumably offered. > > Shorewall/IPTables offers a far more robust and subtle level of > protection because it can actually read the header info of incoming and > outgoing packets. AFAIK, ZoneAlarm cannot.
it is designed against trojans. it blocks all traffic in & out by default..and writes a signature for each app. if the apps compromised & tries to connect again, the sig is different. Won't let it out automatically, it stops it & asks if you want to let it. Usually thats good enough to alert a user to look twice at it. is it the best out there? no. Is it still good against trojans & Shit? IMO Yes. Try an compromise a ZA'ed system. You won't get far w/out alot of effort...and that keeps out the majority of the crackers. Femme
Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com