Glaucus wrote:
mikeymike wrote:
ZoneAlarm is a gaping security hole.
huh?!? Why do you say that?!?
It has been victim to some of the most trivial and obvious exploits (that even I could exploit, and I have no programming skills or s'kiddie tools).
Perhaps you ought to read up on your preferred security tool before putting your trust in it.
www.securityfocus.com might be a good first stop, though googling for zonealarm vulnerabilities might also help.
It is a poor product.
My favourite of the vulnerabilities I read about it was one that, if an attacker attacked the system 'more than 200 times' (which is just a simple single port scan), ZoneAlarm would crash, and the vulnerability allowed insertion of code into the memory space, which means an attacker could run any program they wanted.
Ok, so no program is perfect, but this is silly. It's like the zillion vulnerabilities in Outlook/Express regarding file extensions, adding double or triple extensions on the end of attachments, and they'd walk straight past attachment security. A firewall should be able to handle a port scan. It is not a firewall otherwise. It's a great big sign saying "NEWBIE HERE! TAKE OVER MY SYSTEM!".
Although the most amusing app for even the least knowledgeable 'hacker' is Mirabilis ICQ. I must have remotely crashed that app about 20 times using different methods, sometimes trashing its local ICQ database in the process. (I did this in a test environment btw - my job required testing Internet-talking apps a good deal more than others).
The only Windows firewall I've tried that seems to be half-decent, while not carrying along the kitchen sink, is 8Signs Firewall. Although I haven't finished testing it yet.