After speaking with an engineer from ISS while evaluating their IcePac 3.0; this is apparently true. ZoneLabs and McAfee's Wintel host-based FW's will block outgoing traffic.
-----Original Message----- From: Paul Leroy [mailto:[EMAIL PROTECTED]] Sent: Wednesday, January 30, 2002 5:07 AM To: 'garren'; [EMAIL PROTECTED] Subject: RE: Feedback on BlackICE... Hi, One comment I have heard is that Black ICE Defender does not stop outgoing connections. I'll have to find the reference, but it was to do with a trojan that openned a control connection to an IRC server. This means that Black ICE Defender will not stop you from participating as a zombie in a DoS attack. This was about a year ago, so I don't know if this has been fixed/added in a later version. Paul Leroy. -----Original Message----- From: garren [mailto:[EMAIL PROTECTED]] Sent: 29 January 2002 08:41 To: [EMAIL PROTECTED] Subject: Feedback on BlackICE... Hi all, I am looking at BlackICE and wondering if anyone has good/bad feedback on the tool. Do you think it does a good job of the combined Firewall/IDS/etc security that it claims it does? I have it installed and running and it has caught a few port scans and a DoS on my system but that could be just window dressing. Feedback is a good think... looking forward to yours. Cheers... "This e-mail may contain confidential information and may be legally privileged and is intended only for the person to whom it is addressed. If you are not the intended recipient, you are notified that you may not use, distribute or copy this document in any manner whatsoever. Kindly also notify the sender immediately by telephone, and delete the e-mail. When addressed to clients of the company from where this e-mail originates ("the sending company ") any opinion or advice contained in this e-mail is subject to the terms and conditions expressed in any applicable terms of business or client engagement letter . The sending company does not accept liability for any damage, loss or expense arising from this e-mail and/or from the accessing of any files attached to this e-mail." *****This information may be confidential and/or privileged. Use of this information by anyone other than the intended recipient is prohibited. If you received this in error, please inform the sender and remove any record of this message.*****
