|
PureBytes Links
Trading Reference Links
|
ZA is probably fine behind the Linksys router, especially with NAT, which
is an excellent shield in itself.
As I mentioned previously, the big problem with ZA is the single-thread
code bringing all network activity to a standstill, if you inadvertently
run a non-permissioned application that tries to access the Internet.
The best defense against Trojans is an up-to-date anti-virus program. If a
Trojan slips through, it sets up shop by listening on a "secret" port for
an external activation code. A stateful filter will note that the
activating packet is not in response to a valid session originating on the
LAN and drop the packet (logging the event). In fact, the firewall won't
even allow a response to a ping. Thus, it's totally invisible except for
LAN-initiated activity.
Allan
At 11:14 AM 6/25/2000, Bob Scott wrote:
>On Friday, June 23, 2000 9:20 AM Allan Kaminsky wrote:
> >Here's the best solution. Use a hardware firewall. I just installed
> >SonicWALL SOHO and it's a dream. None of the problems of the software
> >firewalls. Also, this box is configurable to provide NAT and/or DHCP, as
> >well as stateful packet filtering, content filtering, address list
> >maintenance, etc
>
>I use a Linksys router with ZoneAlarm as a secondary shield. When I was
>using only ZA I was recording intrusions several times a day. Since I added
>the router ZA has only detected one intrusion and I think it was someone
>that somehow "latched on" to one of my web searches. It apparently planted
>several trojans which were trying to "call home" but ZA halted the activity.
>Would "stateful packet filtering" of the SonicWALL have helped in this
>situation? For the time being I'll continue to run ZA behind the router.
>
>Bob
|