Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Re: PC Firewall Choices
From: "Dave Korn" <davek_throwaway () hotmail com>
Date: Thu, 19 Jan 2006 14:36:33 -0000

Nic Werner wrote in 
news:a050c2f00601171542o37d217d0r85a92048d6b62739 () mail gmail com
On 1/17/06, Greg <full-disclosure2 () pchandyman com au> wrote:
-----Original Message-----
From: full-disclosure-bounces@ On Behalf Of Nic Werner
Sent: Wednesday, 18 January 2006 10:05 AM

ZoneAlarm - gets in the way, and hard to diagnose problems.
You end up turning it off because it never remembers your
settings and you can't trust it.

Rubbish. Sure it gets in the way. It is MEANT to get in the way. If you
close it down, it is likely because you don't know how to drive it. The
prog CAN be a little hard to newbies to understand if you want to go
internet banking etc but people on this list ought to know how to handle

Getting in your way as opposed to letting you get work done are two
different things. Kerio does a great job of popping up and explaining
what is happening while I've seen more people confused by ZA and its

No, we've turned ZA off as web sites or programs won't load
(Ciscoworks, nGenius, etc) and even though we've checked the logs of
ZA, nothing shows as being blocked. Turn it off and everything
magically works. I will never run the bloat that is ZA.

  I'd like to second what Greg says.

  I've used ZA for years, through many changes of version.

  It's never forgotten its settings for me.
  It's never blocked anything it shouldn't or not blocked anything it 
  It's not remotely bloated compared to similar packages like anything 
  Nor do I find a dialog such as "Should internet explorer be allowed to 
connect to the internet" at all confusing.

  So I'm convinced the problem exists between chair and keyboard.

  Can you actually back up your claims?  For example, can you describe a 
simple procedure, that anyone with ZA installed could try out, that shows it 
to misbehave?  Or do you have detailed notes that you took at the time one 
of these problems occurred that shows the symptoms you observed and the 
steps you took to attempt to diagnose and solve the problem?

  Or can we just expect to hear "No, I didn't know what was going on, I 
didn't keep proper notes, I was in a rush and just needed to get things 
working so I didn't investigate"?  In which case it would be false to claim 
that you knew ZA to be the cause of the problem, rather than either pilot 
error or a faulty PC or any number of other confounding factors that could 

  I hear people slagging off ZA quite often, but not one of them has ever 
been able to actually demonstrate a real problem or even explain what the 
problem is in terms any more precise then "Uh I dunno it just went wrong".


[*] which I consider to be the gold standard for lousy, bloated, buggy, 
faulty software.
Can't think of a witty .sigline today.... 

Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]