Is your firewall spying on you???

[ZuePhok]

one router fixes everything

im not running DOD systems or sensitive database. as long as my PC/network is a behind a NAT and I close every un-needed ports, Im pretty much safe from any window loopholes attack. running a software based firewall is just a waste of my pc resources, at least for me personally.

besides, one of the reason why xp users are having so much security problems (malicious app auto install..etc) is that they always login as administrator (or acc that has administrative right). 99% of us (home users) do. if u want to lower the risk, create a basic acc. if you want to install something, use Run As.

in linux (etc. ubuntu), gnome doesnt allow u to login as root on X. thats pretty strict and good.

[hyper_raider]

Quote:

Originally Posted by ZuePhok

one router fixes everything

im not running DOD systems or sensitive database. as long as my PC/network is a behind a NAT and I close every un-needed ports, Im pretty much safe from any window loopholes attack. running a software based firewall is just a waste of my pc resources, at least for me personally.

besides, one of the reason why xp users are having so much security problems (malicious app auto install..etc) is that they always login as administrator (or acc that has administrative right). 99% of us (home users) do. if u want to lower the risk, create a basic acc. if you want to install something, use Run As.

in linux (etc. ubuntu), gnome doesnt allow u to login as root on X. thats pretty strict and good.

You can login using the command prompt in X wat...open up a terminal and type sudo -s

[Domster]

Quote:

Zone Labs says its firewall is no spy

No need for alarm


ZONE LABS claims the communications detected by Infoworld boffin James Borck between its Zone Alarm Firewall and a bunch of remote servers are benign.

See "Is your fireall spying on you?" here.

The company sent us a statement outlining what it says is the truth of the matter.

Furthermore, it suggests that blocking communications between the product and the company could "significantly compromise" the protection offered by its ZoneAlarm product.

It says the software is periodically updated as new web-threats arise and claims, "the only way to deliver those updates is to maintain some level of communication between the software on a user’s PC and the Zone Labs servers".

Here's a chunk of the statement:

"For any users who are concerned about this communication between the user’s PC and the Zone Labs servers, it is important to note that Zone Labs does not infringe upon the privacy of our customers. We don’t save personal information. We don’t do many other things that legitimate software companies do to enhance their marketing efforts, like use persistent Web cookies. This conservative approach is intentional because we take privacy extremely seriously.

"After being contacted by James Borck of Infoworld, we maintained an ongoing dialogue with him to discover the source of his issue. Initially, we were unable to reproduce it in our labs, until he submitted his log files. At that point, we were able to identify the bug and provided Mr. Borck with a temporary workaround. We never refuted his contention that an issue existed, although it did take some time to replicate it.

"The actual communication in dispute is a simple encrypted GET request that is checking to see if the user’s security software is current. We will continue to work with Mr. Borck and anyone else who might have any concerns about this issue." µ

Source: http://www.theinquirer.net/?article=29254

[ZuePhok]

Quote:

Originally Posted by hyper_raider

You can login using the command prompt in X wat...open up a terminal and type sudo -s

yeah i know. but my point isn't about the command prompt.
i mean ubuntu thru the main gnome gui login.. nope, but on windows yes.

Quote:

Originally Posted by fyire

or try using the DLINK DSL-500T. runs linux inside, using a MIPs CPU, and u can access the command prompt to do your own custom firewall rules as well (I personally find this to be a lot easier than trying to navigate through their web interface for the firewall.)

hi, how do we add our own ruleset permanently because after every reboot, still the same old one la

[buildcustompc]

WOW! No more ZoneALARM for me. I'm switching to my hardware firewall. Dummy me...

[1031982]

Why would they care what there users look at? The only thing I could think of is that it tracks how software uses the internet, and what that software is. The reason, to make the firewall more automated. It can send back what software is allowed access to the internet, what ports it uses, and that's all. Now, if it looks at more, then there breaking there own system.

[fyire]

Quote:

Originally Posted by PlaySafe

hi, how do we add our own ruleset permanently because after every reboot, still the same old one la

If I remember correctly, there's a file named something like config.xml somewhere in the /etc of the router when u telnet into it. Filewall rules should be in there if I'm not mistaken, as that's the file where any changes made via the web interface is saved to.

Try hunting down the XSD or DTD declaration of that .xml file, and you should be able to get an idea of how the XML syntax for declaring the firewall rules in config.xml is like. Alternatively you can add some firewall rules via the web interface, and see what kinda XML is generated for it.

Cant really help out much beyond that at the moment, 'cause the DLINK router that I had tried, I actually got it for my parents (who live a few hundred KM away) and havent really had the chance to go and fiddle with the thing in depth.

[Domster]

Quote:

No phoning home


JIM BORCK of Infoworld having originally caught Zone Alarm 'phoning home', was kind enouh to send us the following work-around to stop the firewall connecting to four remote servers for whatever reason.

Jim's fix is better than the one we suggested previoulsy, as it only blocks Zone Alarm's connections to those servers which do only Zone Labs knows what.

To implement the fix, add the following to your Hosts file:

127.0.0.1 cm2.zonelabs.com
127.0.0.1 hs2.zonelabs.com
127.0.0.1 ls2.zonelabs.com
127.0.0.1 pa2.zonelabs.com

Thanks Jim. µ

Source: http://www.theinquirer.net/?article=29616

[m0dD3r]

Wow that's nice to know. I've been using it for quite some time. Almost everyone I know uses it.