Blackice Firewall

The company you work for are clueless. Sygate is way better.

Reply to
Redmond du Barrymond
Loading thread data ...

Lots of idiots are rich.

Reply to
Redmond du Barrymond

Just started a job where I often work from home with a company supplied Laptop (via a VPN).

Company also allows use of other PC's from home, but one of the criteria is that we must have Black ICE firewall.

I always thought Black Ice was NO one of the 'better' firewalls.

Is BlackIce any good. Before this I've always used Sygate Pro

Thanks

Clive

Reply to
Clive

Wouldn't say they are clueless - a very successful Multi billion dollar Global company. Yet I think their choice of Firewalls and AV (Trend) for Home workers is a little strange.

Maybe they go a good deal?

Clive

Reply to
Clive

"Clive" wrote in news:khi3e.1875$ snipped-for-privacy@text.news.blueyonder.co.uk:

Although I don't use BI except for on my laptop now, I never had a problem with the product.

Duane :)

Reply to
Duane Arnold

a technician installed Black Ice on my home computer. would you mind telling me what it is for? there are long lists of IPs supposedly trying to "attack" my computer every day, every second, and I can't believe it. so I was going to ditch it.

I also have AVG virus control, which looks less spooky to me, but I realize that's no way to talk about these high tech thingies.

Reply to
cantueso

We use the enterprise version where I work, Real Secure Desktop Protector. I think it's an excellent product. I personally don't use the application control module, but it is one of the better thought out ways of deal with application control I've seen. I just use its firewall and IDS module from wireless connections when I'm traveling on the road. If you do decide to use the app control, might I suggest you ditch the globalchecksum file and just use local checksumming for your machine?

Reply to
optikl

You probably just forgot to mention all the reasons why. I know, that happens to me a lot.

Reply to
optikl

I don't think either choice is strange. What you might want to do is check these products out for yourself and then form an opinion. An informed opinion, based on personal experience, is usually better than an opinion based on something you read in a Usenet NG, regardless from whom it comes.

Reply to
optikl

Now this shows you do a lot of thinking.

Reply to
optikl

Depends on the version you have installed. Newer versions provide firewalling, intrusion detection and application protection (control). The intrusion detection works off of a signature file data base. If you have the security cranked real high (Paranoid) you're probably going to see a lot of internet noise. But, the fact remains that unsolicited traffic is being blocked. Turn off the alerts in Black Ice. That way, you're not being aggravated by a lot of internet *noise*.

there are long lists of IPs supposedly

See the above.

Reply to
optikl

Internet Security Systems applications are the best we may have around. Nobody can compete but the only issue with those products is dickheads guys like you promoting something else without letting test...

Rosa

Reply to
Rosario Cevena

snipped-for-privacy@dieznet.com wrote in news:1112450810.359109.157830 @f14g2000cwb.googlegroups.com:

That's outrageous and you have no ideal about what you're talking about. All BI is doing is reporting inbound traffic that's hitting the FW most likely all the low-level Internet traffic that's flying around out there, which you can tell BI what type of threats you want reported to you and which ones you don't and basically mean nothing to you.

My WatchGuard FireBox SOHO 6 Firewall appliance that cost considerably more than BI logs everything that's hitting the FW and I have no choice but to view it, but I know what I am looking at. BI has many settings that can be used to tailor it for protection and reporting. You can configure it to not report certain things like low-level meaningless traffic and if you enable BI's logging you can still see all inbound traffic that's being stopped by BI's FW with VisualIce (free).

BI is not AV software it's a FW and Intrusion Detection application which does have some add features in it that can control malware but it is NOT a malware application. Yes, you either need to get the BI User manual which can be downloaded open it up and or read it or you uninstall BI because you do have to a little savvy to use BI.

Duane :)

Reply to
Duane Arnold

Hi Clive,

For your issue, why don't you call the ISS Support?

formatting link
Note, the ISS Support got the SCP Certification
formatting link
Kind regards,

Jean-Paul

Reply to
Jean-Paul Kuypers

thank you for your explanation. I will try to look into the BI manual. I simply do not understand what a "threat" is.

in other words, if I eliminate the program, what will happen to me or to my computer?

considerably

I cannot tell "meaningless traffic" from "a threat", and you are probably right in thinking that I should just get rid of that program or at least forget about it and let it do its thing while I look the other way.

it is strange to see that there are so many "attackers" whose IP is known so that suppliers and large computer based businesses like banks could identify and report them. or do they all use an anonymous IP so that it would be necessary first to stop the business of anonymous IP providers?

Reply to
cantueso

snipped-for-privacy@dieznet.com wrote in news:1112512502.585984.4710 @f14g2000cwb.googlegroups.com:

Well a threat basically is unsolicited inbound traffic from the Internet that's trying to reach your computer. BI's FW is stopping that unsolicited traffic. What is unsolicited traffic? An Internet accessing program such as IE or other programs running on the computer that makes contact with a remote IP a site like

formatting link
's IP from behind BI is solicited inbound traffic that's coming back from the site so BI is going to let it through. Any traffic that is reaching the FW and has not been solicited by a program running on your computer is a potential attack. All FW(s) work the same way and their job is to stop unsolicited traffic from reaching your computer.

There are all kinds of junk or low-level traffic that is flying around on the Internet. Some of that traffic is more serious as a threat like probing threats to find out what is the O/S fingerprint or some kind of discovery attempt for some service that's running on the machine.

Yes read the BI User manual to find out what attempts BI will report on. But basically you don't want the BI shield to flash Yellow because it's reporting all the low-level traffic that is hitting the FW. You want to set the reporting level to Orange or RED. However, BI can sound off on Orange a little too often so I always left it on RED. If it flashing

*RED* it was a serious enough for me to look at the BI log (using VisualICE).

So the bottom line is set the BI Reporting Level to RED, set the FW protection level to Paranoid, enable BI Logging and use VisualIce to review the logs. All unsolicited inbound traffic that's hitting the BI FW will be logged but only the serious threats will be reported to visually with BI attack indicator Icon.

You have no FW on the machine and unsolicted probs and attacks will reach the machine.

I don't even look the other way with the WG. And all personal FW solutions are sounding off or crying about nothing most of the time and are notorious for that type of reporting. And BI even more so since it has the IDS that is coupled with the FW and is recording and sounding off on what it considers attacks. That's what IDS does is sound alarms and report. But BI does look at the traffic that's coming through or reaching the computer and if it determines by looking at attack characteristics, protocols and signatures that's is an attack or has the potential to be an attack, it will block and report or just report on the attempt in the traffic. Otherwise, if it's being blocked at the FW and not making it, then it being blocked and IDS considers everything to be an attack and reporting it no matter what even if the FW is blocking meaningless low- level traffic or any other kind of unsolicted inbound traffic.

The choice is yours to make in determining what you're comfortable with in using something.

If I was a hacker/bank robber, I would use someone else's not protected properly or not protected period computer and use that computer for the attack using their computer's IP to pull the caper/robbery and they can trace it back to that person's computer and no further while I am in Rio de Janeiro or some place like that *Doing Big Pimping and spending the Cheese-($$$)*. ;-)

Duane :)

Reply to
Duane Arnold

Well, you could get off your lazy ass and look it up yourself. Or you could count all the posts in this group recommending Black Ice and put

2+2 together, dumbass.
Reply to
Redmond du Barrymond

No, just observant.

Reply to
Redmond du Barrymond

Screw you. Anyone who knows about firewalls knows Black Ice is one of the worst there is. Black Ice was popular, oh, about five years ago then people found out it was crap and moved onto better firewalls.

Reply to
Redmond du Barrymond

formatting link
's BlackICE Defender Update Apparently Designed to Mislead its Users

Eleven Months after the release of our first, simple, but effective and popular (4,340,641 downloads) LeakTest firewall testing utility, BlackICE Defender (BID) continues to "leak" ? as defined by LeakTest. But a recent update to BID (version 2.9cai) was hiding this fact from its users by effectively cheating the LeakTest.

Rather than enhancing BlackICE Defender by adding the sort of application-level controls that are available even from many completely free personal firewalls, BID's publisher, NetworkICE, apparently chose to prevent LeakTest's intended operation by adding specific awareness to BID of LeakTest's remote testing IP.

formatting link
BlackIce PC Protection: Dark and slippery

PC protection is a must, but many users will find BlackIce PC Protection's interface and rules baffling.

Waves apps through the blockade

Confusing, cluttered interface

Diligent but bothersome

Not everything is in stealth mode

formatting link
And Bad Online Security Check-Ups

You might think this a harmless prank, but I don't. That's because the site is using this ruse to scare users into buying a copy of Black Ice Defender, a personal firewall, supposedly to prevent this "vulnerability." (If you examine the site's sales URL, you'll see that the site owner is an "affiliate" of Network Ice, the publishers of Black Ice Defender.

------------------------------------------------

You people seen enough or do I have to beat you around the head some more?

Reply to
Redmond du Barrymond

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.