On Friday 12 April 2002 02:37 pm, Toby wrote: > Alan writes: > > > I think the fact that Graham designed an intrusion detection product > > > (BlackICE now the core technology in ISS's RealSecure) is demonstrative > > > of his commitment to building solutions that are neither a nuisance or > > > an inconvenience. In fact, I would argue (although I have a rather > > > obvious bias here) that Mr. Graham's technologies are some of the least > > > intrusive security products that still deliver outstanding > > > capabilities. > > > > I tend to prefer ZoneAlarm. BlackIce has had too many problems in the > > past for me to trust it very far. > > Yes, but ZoneAlarm is NOT an IDS. It is a firewall with some other > abilities because it is on a host. Run IIS on two systems- load blackICE on > one, load ZoneAlarm on the other. Configure them both to be as secure as > possible while allowing HTTP access to port 80. Then run CodeRed (if you've > got a copy, or else some other attack if you don't) against them. See which > one blocks it- BI will. ZA will not. One is an IDS and watches the traffic. > One is a firewall and controls access. IDS allows for the need for > untrusted traffic/apps. Firewalls don't. I have not run it in a while, so the info I have is dated. One of the reasons I like ZoneAlarm is that it will flag OUTGOING traffic. Makes finding spyware/adware so much easier. Since I don't use Windows very much at all anymore, I have not investigated the current versions of the apps. I guess I will have to go back and review the current ones on the Windows side again.
This archive was generated by hypermail 2b30 : Sun May 26 2002 - 11:40:35 PDT