Aces High Bulletin Board
General Forums => Hardware and Software => Topic started by: DES on November 18, 2001, 10:18:00 AM
-
What is an AH friendly firewall? I was running zonealarm but I couldn't give AH permision to connect with the most recent update. Had to keep rebooting and the blind Y didn't work. I have Tiny's personal running now but the thing keeps dropping me to the desktop asking permision for conect when I get port probe's, usaully at the most inopertune times.
DES
-
i haven't had or heard of any problems with 'black ice'
-
Wanted to follow up, I've dowloaded Zonealarm Pro trial version and that seems to work great. I guess you get what you pay for :) I guess I'll be buying the pro version instead of running the free one.
DES
-
ZA Pro is much better than the freebie option, you have much more control on how it handles programs.
Blackice ? last i heard it was a poor exscuse for a firewall.
http://grc.com/lt/leaktest.htm (http://grc.com/lt/leaktest.htm)
-
[ 11-18-2001: Message edited by: capt. apathy ]
-
Blackice ? last i heard it was a poor exscuse for a firewall.
http://grc.com/lt/leaktest.htm (http://grc.com/lt/leaktest.htm)
LOL, grc.com is not execatly the right pace to hear unbiased opinion on BlackICE ...
i'm using BlackICE and it's great ... IMHO of course.
Goner
[ 11-19-2001: Message edited by: Goner ]
-
Goner: BlackIce doesn't control the outgoing data from your computer so it won't protect you from potential backdoors. That's it's biggest downside.
What goes for Tiny Personal Firewall, I've been using it for months now and I'm very pleased with it. I don't get port scan pop-ups probably because I've set netbios off and all printer etc. shares off. If you enable only the necessary data your computer should be more or less invisible to the net. There's also an option to report access attempt to closed ports, you should probably close that if the messages bother you.
-
Goner: BlackIce doesn't control the outgoing data from your computer so it won't protect you from potential backdoors. That's it's biggest downside.
i know it doesn't ; that's why they call BID 'intrusion detection software', not 'firewall' ;)
i am more worried about what tries to come _in_ over the 'Net than what's going _out_ and IMHO BlackICE does a better job at that than ZA & TPF.
for the outgoing stuff i have a virus checker and AdAware ...
Goner
-
Well, I used to run BlackIce and Norton FW at the same time.. And when the firewall was enabled, BlackIce didn't report any intrusion attempts. Why? Because the attackers no longer saw my computer on the net.
I still think Tiny PF controls the net traffic efficiently enough in one simple package. It tells me if some software tries to contact something without me knowing (i.e. because of a built-in backdoor) and lets me block the traffic in two clicks.
BlackIce is perfect if you want to feel paranoid with all the hackers knocking down your door.. But that's only because it intentionally leaves you visible to the attackers, selling itself remarkably since now you see a huge amount of attack reports coming.
Just my observation - you're entitled to your opinnion of course.
<S> whatever works for ya, good enough for me.
-
But that's only because it intentionally leaves you visible to the attackers,
?? that's funny ...
because all the port-checker sites on the net (incl. grc.com) tell me after all their checking, that my PC is invisible to them ...
only thing that i see on BID are the probes that the script-kiddies let loose on whole IP-ranges.
seeing probes doesn't mean im not invisible.
Goner
-
Well for whatever the reason, BlackIce stoped detecting any attempts after I enabled the Norton. It became quiet enough that I finally decided to uninstall it for being useless.
Cut'n paste from grc.com:
'Eleven Months after the release of our first, simple, but effective and popular (1,876,669 downloads) LeakTest firewall testing utility, BlackICE Defender (BID) continues to "leak" — as defined by LeakTest. But a recent update to BID (version 2.9cai) was hiding this fact from its users by effectively cheating the LeakTest.
Rather than enhancing BlackICE Defender by adding the sort of application-level controls that are available even from many completely free personal firewalls, BID's publisher, NetworkICE, apparently chose to prevent LeakTest's intended operation by adding specific awareness to BID of LeakTest's remote testing IP. '
I've read from many sources BID is not a viable choice for a single-solution FW. I have no reason to question them.
[ 11-19-2001: Message edited by: Mr RiplEy ]
-
I don't use a Firewall and I'm pretty much
closed up tight on my home PC. Completely stymies the GDC.org tests :) Here's how:
Go to the <B>c:\windows\system</B> directory (where c:\windows is the=
Windows directory)
Find the file named vnbt.386
Rename the file to vnbt.bak
Reboot the system
This will disable NetBIOS over TCP/IP support, which is the root of the
problem in the first place. The other parts of the NetBIOS subsystem are
left intact, which means that local area networks of which the computer
is a member of will continue to function, provided TCP/IP is not being
used for file sharing. An additional benefit to this procedure is that
no error messages are produced about unloadable registry modules. In the
event that problems are experienced, simply rename the file back to
vnbt.386
-Westy
[ 11-19-2001: Message edited by: O'Westy ]
-
I wish it was that simple westy, but it's not :)
-
Well if you guys feel so safe and happy about having no control over outward bound communications, i guess theres no point advising you to check up on spyware programs.
Commonly built into all those freeware programs available on numerous sites.
There is no limit to the amount of your personal info they could phone home with.
Personally i prefer to have direct control and stop dead any and all attempts at getting info i prefer kept private, and yes that does include my browsing history etc.
But just in case you never considerd it go here http://www.lavasoftusa.com/aaw.html#a3 (http://www.lavasoftusa.com/aaw.html#a3)
and see what if anything it finds.
[ 11-19-2001: Message edited by: 214thCavalier ]
-
Originally posted by 214thCavalier:
Well if you guys feel so safe and happy about having no control over outward bound communications, i guess theres no point advising you to check up on spyware programs.
did you read my post ?!
i specifically mentioned that i'm using AdAware ... <sigh>
Goner
-
Originally posted by Mr RiplEy:
And when the firewall was enabled, BlackIce didn't report any intrusion attempts. Why? Because the attackers no longer saw my computer on the net.
no, because Norton detected the intrusions first ... that it didn't report about it is probably due to the way you set it up ; you can set up BID so that it does not report too and just logs).
this is absolutely normal and is reported by scores of people running 2 or even more firewalls/ids packages ; 1 of them stops the probe and the other of course does not see the probe/intrusion it ...
(and don't ask me how you set it up so that your favourite package gets 1st in line, i never found the answer to that question)
Goner
-
Umm Goner first that reply was not directly at or specifically for you.
It is aimed at hopefully any others who may read this thread and need waking up to the dangers Westy included :)
Your comments however about multiple firewalls and only one detecting problems are to a certain extent correct.
Your secondary firewall will only pick up any threats the first fails to detect hence why some use multiple firewalls.
Btw another page to check out
http://grc.com/lt/scoreboard.htm (http://grc.com/lt/scoreboard.htm)
I realise you seem to have a problem with GRC.com why i fail to understand as he is not trying to sell you anything only reporting any failings in the firewalls he tested, of course i accept that nobody likes having there choice criticised but it is wise to keep an open mind when possible.
If your happy paying for your Black Ice Defender only blocking incoming attacks then fine.
But when theres a choice of another firewall that stops all incoming and outgoing communications unless you specifically allow them and its free for personal use (Zone alarm) then please explain wheres the logic in not using it ?
So far i have not found ONE review that rates BID higher than Zonealarm, if you can find one (other than BID themselves) then I reckon anybody can find at least 10:1 in Zonealarms favour.
Oh btw do me a favour and dont try, i wanna play AH not waste time proving a point :)
Bottom line is your Happy and I am Happy with our choices, and if someone else reads this thread and even thinks about it then its been worthwhile.
[ 11-19-2001: Message edited by: 214thCavalier ]
-
Umm Goner first that reply was not directly at or specifically for you.
ah, OK ... i thought it was because you said 'you guys' and Westy and i were the only ones posting and not agreeing.
I realise you seem to have a problem with GRC.com
only with the anti-BID propaganda there by Steve Gibson, that's all.
i've been visiting that site for years and Steve is very knowlegeable and a great programmer. the funny thing is that he used to be a BlackICE supporter and was very enthusiastic about it, until 1 day he did a 180 degree turn and started slamming it.
what happened is anyone's guess ... overall effect was that a lot of people do not take him as serious as they used to.
why i fail to understand as he is not trying to sell you anything only reporting any failings in the firewalls he tested,
i don't know how long you been visiting GRC but you must have noticed a very pro-ZA atmosphere there ... ;-)
So far i have not found ONE review that rates BID higher than Zonealarm, if you can find one (other than BID themselves) then I reckon anybody can find at least 10:1 in Zonealarms favour.Oh btw do me a favour and dont try, i wanna play AH not waste time proving a point :)
no chance ; not interested in reviews ... i tried Zone Alarm for quite some time - was in the beta when it was first launched on grc.com - and Tiny Personal Firewall and i just like BID better.
Goner
-
OK children - stop slugging each other off :)
Can someone tell me if XP's own firewaal is worth the effort to set it up? Thank you :)
-
Sygate Personal Firewall,i've been using it for 6 months and have had no probs..easy to set up and use,free for personal use,no ads :0
Steely