Closed Thread Icon

Preserved Topic: Allewyn, maX, Jetah Pages that link to <a href="https://ozoneasylum.com/backlink?for=20622" title="Pages that link to Preserved Topic: Allewyn, maX, Jetah" rel="nofollow" >Preserved Topic: Allewyn, maX, Jetah\

 
Author Thread
Dark
Neurotic (0) Inmate
Newly admitted
posted posted 10-20-2001 10:45

I just found a interesting article on the Network Black Ice site about Zone alarm. btw- I did download Zone alarm and I like it for one thing, "full" stealth, but then I can't go on the internet or my network folders. So I guess it is cool to lock everything up and all.

Read this article


Previous topic here





[This message has been edited by Dark (edited 10-20-2001).]

mr.maX
Maniac (V) Mad Scientist

From: Belgrade, Serbia
Insane since: Sep 2000

posted posted 10-20-2001 12:07

IMHO Things said in that article are plain bullshit. Why are they bullshit, you may ask. First reason is that that article is written by NetworkICE and they made BlackICE (you didn't expect them to say good things about ZA). Second reason is the date when that article was written (february 2000, ZA has been updated many times since then). Now, let me briefly explain how ZA now works...

ZA has two layers of security (I'll explain them below). In addition to that, they are divided into two zones (Local Zone for LAN & Internet Zone for internet). Besides those two layers of security, ZA also has option to completely lock all network access (when you don't use your computer) and can quarantine suspicious e-mail attachments (which you can later check with your AV program). Now, about those security layers. First layer of security monitors all incoming & outgoing traffic. With this layer of security you can control which requests should be allowed / disallowed and you can also fine tune this by blocking specific ports used by trojans. Second layer controls which application can access internet. ZA will ask you whether to allow access or not. And you can make it remember you decision (and let's not forget two different settings for Local & Internet zones), so it's not like NetworkICE said in that article that you'll have to always be near your computer and confirm your decision each time. Oh, and I almost forgot, you can also decide whether to allow acting as server for some specific application (and as we all know, trojans all act like servers to which hackers connect using client part of the trojan). The second layer that controls which applications can access internet is very useful, because you can easily determinate whether some application is spyware (i.e. it will try to connect to internet without you knowing it), and BlackICE can't control this (it will allow this traffic since it theoretically isn't invalid). And I can like this forever, heh...

And let's not forget one other thing. In that article NetworkICE said that BlackICE monitors traffic for any malicious things that go through. Personally, I think that that's not firewall's job. Here's why. For example, if firewall blocks common exploits of ISS (MS web server), person running ISS will never apply necessary security patches and since new exploits appear practically every day, firewall won't be able to block those new exploits (it would have to be updated frequently like AV programs) and they will go through to server that haven?t been patched. So, let's not mix AV programs & necessary security patches with firewalls...

Also, if we really want to take about firewall, the best software firewall comes with *BSD operating system. And when tuned properly (by person that knows what to do) it performs rock solid...

Uh, this should be all that I had to say...


Dark
Neurotic (0) Inmate
Newly admitted
posted posted 10-20-2001 12:12

whoa........



[This message has been edited by Dark (edited 10-20-2001).]

Dark
Neurotic (0) Inmate
Newly admitted
posted posted 10-20-2001 12:19

actually, don't get me wrong in saying that I have beefs with Black Ice as well as Zonealarm, I don't like BlackIce cause it will not currenly work under XP, as Zonealarm already has a updated driver that can be downloaded. I don't like zonealarm, or we should say there are somethings that I don't know how to configure to make me happy about zonealarm. Im sure that if I can somehow configure these, I will use ZA more. This is my deal.....I think that NBI is more of a "network" tool, hence the name. Zonealarm is more of a "true" firewall. Even NBI's websites says that BlackIce is NOT a firewall. So I think that I can run NBI, ZA, and Norton Anti-Virus 2001 all at the same time and be happy, right?

GRUMBLE
Paranoid (IV) Mad Scientist

From: Omicron Persei 8
Insane since: Oct 2000

posted posted 10-20-2001 20:07

so most of you guys are using zonealarm?
well, i just downloaded the free version and im very confident with it. easy to use. nice interface....
cool thing!

Allewyn
Maniac (V) Mad Scientist

From: Solitary confinement
Insane since: Feb 2001

posted posted 10-20-2001 20:20

*heep!* (sound shemp makes, deep in the throat, while inhaling, kinda like a hiccup)



GRUMBLE
Paranoid (IV) Mad Scientist

From: Omicron Persei 8
Insane since: Oct 2000

posted posted 10-20-2001 20:24

by allewyn

now here's a question on ZA(free): is it possible to grant specified IPs access to my machine and/or can i open specified ports? if yes, how?

Allewyn
Maniac (V) Mad Scientist

From: Solitary confinement
Insane since: Feb 2001

posted posted 10-20-2001 20:25

What really impresses me here is the depth of feeling people can generate about one SW app over another. You've made some good points above and it's beginning to be clear that it's not just a matter of preference. ZA is free and I think that works into the psych of some people; they want to back a company that cares enough to provide free protection.

The advantage to ZA as I understand it now is it's configurability. Is that right? NIB doesn't have many settings and I thought that was good. Do I have to learn all about firewalls to use ZA effectively, or can I just turn it on and have the same or better protection that I do with NIB? IF the things you mention Max, are really that needed then maybe I'll DL and give it a spin. I need to work against this programming that retailware is better than freeware, created by all the crap that *is* freeware.

edit: new sig not loading, back to prior F2S



[This message has been edited by Allewyn (edited 10-20-2001).]

mr.maX
Maniac (V) Mad Scientist

From: Belgrade, Serbia
Insane since: Sep 2000

posted posted 10-20-2001 21:21

GRUMBLE, go to Security tab and then click on Advanced. From there you can control which ports you want to allow / disallow (on Local & Internet Zone Custom Settings tabs) and you can also grant specific IPs access to your computer by adding them to the Local Zone Contents.

Allewyn, you should at least try ZoneAlarm. If you don't like it you can always uninstall it, heh...


GRUMBLE
Paranoid (IV) Mad Scientist

From: Omicron Persei 8
Insane since: Oct 2000

posted posted 10-20-2001 22:03

ahhhh! thank you max.

this is very cool!
im running it now for about 2 hours and i get an alert every 15minutes that someone is trying to connect to my IP using some strange port. if i do a nslookup then, i see they are coming from france and belgium.

Allewyn
Maniac (V) Mad Scientist

From: Solitary confinement
Insane since: Feb 2001

posted posted 10-20-2001 23:34

Yeah, now that I have some disk space heh, I can try installing it there!

Allewyn
Maniac (V) Mad Scientist

From: Solitary confinement
Insane since: Feb 2001

posted posted 10-20-2001 23:38

Grumble: I've been getting tests from there too. Also quite a few from florida.

--------------------
I'm convinced the next attack will come through the internet.
--------------------

However, none them are getting through NIB. Got *all* kindsof crap trojans and other stuff that's recognized by the software, safely blocked for all time. I'm gonna test ZA tho...

Dark
Neurotic (0) Inmate
Newly admitted
posted posted 10-20-2001 23:45

Ok maX tell me if I'm wrong here.......

Allewyn-

Zone alarmA is not "freeware"
The trial version is free
The full program costs $19.95
And Zone Alarm Pro cost $39.95.
And don't forget Allewyn you have the "full" version of BlackIce

mr.maX
Maniac (V) Mad Scientist

From: Belgrade, Serbia
Insane since: Sep 2000

posted posted 10-21-2001 00:05

Dark, you're wrong... ZoneAlarm comes in two different flavors:

1. ZoneAlarm which is completely *free* for personal / non-commercial use (no trial, no bullshit) and $19.95 for business users
2. ZoneAlarm Pro which has a few more options (firewall system is the same, though) and costs $39.95


Dark
Neurotic (0) Inmate
Newly admitted
posted posted 10-21-2001 00:07

Ok my bad maX, what is the link for it then? I found a link for ZA and then I donwloaded it and it said it was a trial and was going to end in 30 days. I believe you...I jsut need to know where to download it from



[This message has been edited by Dark (edited 10-21-2001).]

mr.maX
Maniac (V) Mad Scientist

From: Belgrade, Serbia
Insane since: Sep 2000

posted posted 10-21-2001 00:11

http://www.zonelabs.com/zlpromo/zagrid.htm


Dark
Neurotic (0) Inmate
Newly admitted
posted posted 10-21-2001 00:47

Ok I must say that I am starting ot love ZA, when somone attacks my computer, i follow a link to a full description of waht happned and why, the only thing that I don't like is the fact that it won't give me anyting except a IP and Port number, Black Ice gives me everything about the, I can always use LANguard and ping thier IP to get NETBIOS and location, OS, and everything else. Another thing I like is that ZA can block AIM and any other program that uses the internet or server. I locked AIM, then unlocked it after 10min to see all these IM's flying at me. It was cool that it actually blocked these messages. This is funny ZA is blocking all the attacks and BlackIce isn't even getting a change to do anything , heh.



[This message has been edited by Dark (edited 10-21-2001).]

Dark
Neurotic (0) Inmate
Newly admitted
posted posted 10-21-2001 00:55

YES! I configured it where BlackIce could run next to ZoneAlarm, ZA is providing the best protection and I leave BlackIce on for the information at so I can see the Network Traffic. This is VERY good. Will take awile to get used to though.


GRUMBLE
Paranoid (IV) Mad Scientist

From: Omicron Persei 8
Insane since: Oct 2000

posted posted 10-21-2001 01:02

i dont know about blackice, but if its for measuring transfer etc. i recommend DUMeter.
: small, easy to configure, lots of features
: not free

Allewyn
Maniac (V) Mad Scientist

From: Solitary confinement
Insane since: Feb 2001

posted posted 10-21-2001 01:25

Dark - are you saying you just installed ZA and it runs at the same time as NIB?

Dark
Neurotic (0) Inmate
Newly admitted
posted posted 10-21-2001 01:35

Yes, I closed NBI and then started it back up, and then ZA asked me if I wanted to allow it to connect to the internet, and if so on what port. It works fantastic!




[This message has been edited by Dark (edited 10-21-2001).]

Allewyn
Maniac (V) Mad Scientist

From: Solitary confinement
Insane since: Feb 2001

posted posted 10-21-2001 02:11

OK, I gonna go get it now...brb

Allewyn
Maniac (V) Mad Scientist

From: Solitary confinement
Insane since: Feb 2001

posted posted 10-21-2001 02:21

Well, OK! Got it running "next" to NBI and we'll see what's what! heh heh

Allewyn
Maniac (V) Mad Scientist

From: Solitary confinement
Insane since: Feb 2001

posted posted 10-21-2001 02:28

Max, you there? (prolly sleepin, heh)

Dark? How do I set all the neat stuff you guys were talkin about? I don't even see a way to add programs to the list...

Encrypto
Obsessive-Compulsive (I) Inmate

From: Chicago USA
Insane since: Jan 2001

posted posted 10-21-2001 02:51

ZA usually asks you if you want to allow that a program to connect once you start it. That's how all my programs got on the list.

~Dreams of FTP access~

Allewyn
Maniac (V) Mad Scientist

From: Solitary confinement
Insane since: Feb 2001

posted posted 10-21-2001 04:49

Yep, I see that now. One thing, I noticed that ZA shows an alert about inbound traffic but NBI doesn't. Is ZA catching it before NBI can? Dark? didn't you say both are useable together?

Oh, another neat thing: ZA gives you the option to find more info about the intruder by taking you to a website that has info on it. Tha's pretty cool However, in order to do a WhoIs, they want me to buy the pay-for version. I just go to another site and do the WhoIs for free.

mr.maX
Maniac (V) Mad Scientist

From: Belgrade, Serbia
Insane since: Sep 2000

posted posted 10-21-2001 20:29

Yep, I was sleeping... I live in CET time zone (the same as Doc and OZONE Asylum), so when it says 12 AM (or later) I'm probably in bed (I'm also human, you know?)...

Anyway, to answer your question, ZA catches everything before any other application can. And as far as WhoIs service is concerned, Zone Labs has to make money somewhere, but as you've said there are a lot of free WhoIs services on the net...


meathook
Bipolar (III) Inmate

From: USA
Insane since: Jun 2001

posted posted 10-21-2001 20:39

i've ran za for awhile now but when i first ran it, i was surprised how many peeps are trying to hammer you that you never know about.

Dark
Neurotic (0) Inmate
Newly admitted
posted posted 10-21-2001 22:48

You can add programs to the list in ZA, by simply starting them up while ZA is on. If the program has to connect to the internet it will show up in ZA asking if you want to allow it to connect or not. When I started NBI up while ZA was on, it still blocked things for me, and actually as long as I didn't lock everything off in ZA, BlackIce would still give me information (whois) while ZA did it's job of blocking the attack. So I guess you could say they are both doing a great job of protection for my computer

« BackwardsOnwards »

Show Forum Drop Down Menu