LISTSERV - PCBUILD Archives - LISTSERV.ICORS.ORG

PCBUILD Archives

Personal Computer Hardware discussion List

PCBUILD@LISTSERV.ICORS.ORG

	LISTSERV Archives
	PCBUILD Home

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Forum View Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	Re: The world of networks
From:	David Gillett <[log in to unmask]>
Reply To:	PCBUILD - Personal Computer Hardware discussion List <[log in to unmask]>
Date:	Sat, 1 May 2004 23:08:33 -0700
Content-Type:	text/plain
Parts/Attachments:	text/plain (62 lines)

On 1 May 2004 at 11:47, Betti Ann & Preston Smith wrote:

> Will these same laptop settings work when i drop into the local
> coffee shop with my laptap and tap into their wireless network?

  Maybe.  These are the kinds of network services that are handy to have on
your local LAN where you can probably trust most of the other machines, most
of the time.  You probably don't want to extend the same level of trust to
random visitors to the coffeeeshop, or to the Internet in general.
  You need to make sure only your home machines can abuse these services,
and ZA can help.

> Do I need to continue running Zone Alarm Pro 4.0 on both my laptop and
> desktop when in a hardwired or wireless mode?

On 1 May 2004 at 18:22, Bill Cohane wrote:

> I've had a broadband router/firewall for a couple of years now.
> And I've been using Zone Alarm Pro all that time.
>
> Let me tell you a true story.

  Actually, it's possible for a properly-configured (I'll come back to that
in a moment) firewall to block outbound traffic.
  What a host-based firewall like ZA can do, though, that a network firewall
can't, is match the outbound traffic to a specific application, even if it
uses the same network protocol as something you want to allow.

  A firewall is a policy-enforcement device.  That means that it can fail in
at least two ways:

1.  It may not correctly implement the intended policy.

2.  The policy may be inappropriate and/or ineffective.

  The key point is that simply *having* a firewall can never, on its own, be
enough protection.  Having two firewalls is likely to be better.
  Hardware firewalls come with a default policy that the manufacturer hopes
will be good enough for their customers, at the time they design (or, if
you're more lucky, ship) the product.
  A software firewall has two more advantages:

1.  It can be easier for the manufacturer to supply updates to meet new
threats.

2.  It has a third option besides permitting or blocking traffic; it can ask
the user how to handle this specific case, and optionally learn this as a
policy to apply to future incidents.
  This is, on the whole, *much* easier than trying to train every user to
become a security policy and firewall configuration specialist.

  Bottom line:  Each has its place, and most users are probably best off
running both sorts of firewall.

David Gillett

        The NOSPIN Group provides a monthly newsletter with great
       tips, information and ideas: NOSPIN-L, The NOSPIN Magazine
           Visit our web site to signup: http://freepctech.com

ATOM RSS1 RSS2

LISTSERV.ICORS.ORG