RE: Re[2]: [Full-disclosure] Personal firewalls.
Any self-respecting network administrator, (who knows what he/she is doing), would have planned for that And setup some kind of overideing ruleset, that will allways allow communiction to/from it's own resources. A.K.A, the BLACKHOLE / IP BANNING would be overiden for IP's resources, like that of it's DNS Servers. But, that could, too, be exploited. If Z spoofs packets using the ip of the DNS Server (the one that is not banned because of the overide or 'never ban these ips, etc') Would be allowed to send those packets, SYN Packet, etc, as was stated, ad infinitum. As, they say, no computer or server is ever, *TRULY*, secure - even with a software or hardware firwall, or 'voodoo-like' security measures. Digitalchaos (just my 2 cents) -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Thierry Zoller Sent: Friday, January 20, 2006 5:58 PM To: full-disclosure@lists.grok.org.uk Subject: Re[2]: [Full-disclosure] Personal firewalls. Dear Eliah Kagan, EK Then Z comes along and sends a EK bunch of SYN packets to X, spoofed to have the source IP of Y, waits EK 10 minutes, and repeats ad infinitum. Z sends spoofed packets coming from the DNS server of X even more interesting.. -- http://secdev.zoller.lu Thierry Zoller Fingerprint : 5D84 BFDC CD36 A951 2C45 2E57 28B3 75DD 0AC6 F1C7 ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ -- No virus found in this incoming message. Checked by AVG Free Edition. Version: 7.1.375 / Virus Database: 267.14.21/236 - Release Date: 1/20/2006 -- No virus found in this outgoing message. Checked by AVG Free Edition. Version: 7.1.375 / Virus Database: 267.14.21/236 - Release Date: 1/20/2006 ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
FW: [Full-disclosure] Re: Re: PC Firewall Choices (an alternative choice)
From: William DeRieux [mailto:[EMAIL PROTECTED] Sent: Thursday, January 19, 2006 10:24 PM To: 'Nancy Kramer' Subject: RE: [Full-disclosure] Re: Re: PC Firewall Choices (an alternative choice) You could try, 8signs firewall (it is designed with servers in mind, but works for home desktops just as well) 8Sings firewall, not free though, has a wizard that walks you through creating a ruleset Asking you what servies you want to run, webserver, emailserver, etc, etc, even things that aren't servers. Plus it is really easy to use, if you inititally tell it to block all traffic, unless there is a rule for that particular traffic, no packets or data That don’t have a corresponding rule will not be able to get throught; You can right-click on that traffic in the programs log window and tell it To make a ruleset for the specific traffic, and choose to block or accepts incoming/outgoing connections or both (as simple as point click), I havent had any trouble with it, and have been running it for about half of a year. It has TCP, UDP, ICMP, ARP, RARP, Mac Address Rules - with different configuration for each network adapter, both ethernet wireless. It also has a configuration wizard for each adapter. And has the following other options *SYN Flood Protection *Port Scan Protection *and Automatic Manual Ban List (for flooding, port scanning, etc) It even has a built-in learning mode You can look them up here: http://www.consealfirewall.com/ William (*note I am not trying to ADVERTISE THIS PRODUCT, I AM just trying to help give someone an alternative, they may not have known about*) FC, ROCKS! -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Nancy Kramer Sent: Thursday, January 19, 2006 10:30 PM To: Stan Bubrouski; full-disclosure@lists.grok.org.uk Subject: Re: [Full-disclosure] Re: Re: PC Firewall Choices I admit I know nothing about firewalls but with ZA I have had to shut it down sometimes to go onto the internet. I have no idea why. I just can't get on and when I shut it down I can. Never had the problem with Kaspersky. I do know that configuring a firewall right takes some knowledge and I know I don't know how to do that and ZA did not come with instructions telling me that, but Kaspersky was intuitive. If just popped up and asked if you want to let a certain application get on the internet and you answer yes or no and then it remembers. I think someone who did not even know what a firewall is could use it on their computer without problems like a typical end user. That impresses me. With the proliferation of broadband I think the typical home user should have a software firewall if they have broadband. Naturally a friend of mine had Windows XP and Norton Firewall and his machine on broadband got hacked anyway. But that is consumer Norton and that is another story which would be off topic to this subject. Regards, Nancy Kramer Webmaster http://www.americandreamcars.com Free Color Picture Ads for Collector Cars One of the Ten Best Places To Buy or Sell a Collector Car on the Web -- No virus found in this outgoing message. Checked by AVG Free Edition. Version: 7.1.371 / Virus Database: 267.14.21/235 - Release Date: 1/19/2006 -- No virus found in this outgoing message. Checked by AVG Free Edition. Version: 7.1.371 / Virus Database: 267.14.21/235 - Release Date: 1/19/2006 ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
FW: [Full-disclosure] Re: Re: PC Firewall Choices (an alternative choice)
From: William DeRieux [mailto:[EMAIL PROTECTED] Sent: Thursday, January 19, 2006 10:24 PM To: 'Nancy Kramer' Subject: RE: [Full-disclosure] Re: Re: PC Firewall Choices (an alternative choice) You could try, 8signs firewall (it is designed with servers in mind, but works for home desktops just as well) 8Sings firewall, not free though, has a wizard that walks you through creating a ruleset Asking you what servies you want to run, webserver, emailserver, etc, etc, even things that aren't servers. Plus it is really easy to use, if you inititally tell it to block all traffic, unless there is a rule for that particular traffic, no packets or data That don’t have a corresponding rule will not be able to get throught; You can right-click on that traffic in the programs log window and tell it To make a ruleset for the specific traffic, and choose to block or accepts incoming/outgoing connections or both (as simple as point click), I havent had any trouble with it, and have been running it for about half of a year. It has TCP, UDP, ICMP, ARP, RARP, Mac Address Rules - with different configuration for each network adapter, both ethernet wireless. It also has a configuration wizard for each adapter. And has the following other options *SYN Flood Protection *Port Scan Protection *and Automatic Manual Ban List (for flooding, port scanning, etc) It even has a built-in learning mode You can look them up here: http://www.consealfirewall.com/ William (*note I am not trying to ADVERTISE THIS PRODUCT, I AM just trying to help give someone an alternative, they may not have known about*) FC, ROCKS! -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Nancy Kramer Sent: Thursday, January 19, 2006 10:30 PM To: Stan Bubrouski; full-disclosure@lists.grok.org.uk Subject: Re: [Full-disclosure] Re: Re: PC Firewall Choices I admit I know nothing about firewalls but with ZA I have had to shut it down sometimes to go onto the internet. I have no idea why. I just can't get on and when I shut it down I can. Never had the problem with Kaspersky. I do know that configuring a firewall right takes some knowledge and I know I don't know how to do that and ZA did not come with instructions telling me that, but Kaspersky was intuitive. If just popped up and asked if you want to let a certain application get on the internet and you answer yes or no and then it remembers. I think someone who did not even know what a firewall is could use it on their computer without problems like a typical end user. That impresses me. With the proliferation of broadband I think the typical home user should have a software firewall if they have broadband. Naturally a friend of mine had Windows XP and Norton Firewall and his machine on broadband got hacked anyway. But that is consumer Norton and that is another story which would be off topic to this subject. Regards, Nancy Kramer Webmaster http://www.americandreamcars.com Free Color Picture Ads for Collector Cars One of the Ten Best Places To Buy or Sell a Collector Car on the Web -- No virus found in this outgoing message. Checked by AVG Free Edition. Version: 7.1.371 / Virus Database: 267.14.21/235 - Release Date: 1/19/2006 -- No virus found in this outgoing message. Checked by AVG Free Edition. Version: 7.1.371 / Virus Database: 267.14.21/235 - Release Date: 1/19/2006 ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/