Jetico Personal Firewall freeware asks way too many questions

"Sebastian G." after much thought, came up with this jewel in news: snipped-for-privacy@mid.dfncis.de:

calling something nonsense doesn't make it so.......

Reply to
Maximus the Mad

And not calling it so doesn't make it any less nonsense. Now will you please acknowledge the big downsides of the HOSTS file approach:

- doesn't support wildcards, but the bad guy's DNS server does. We will simply use .domain.tld, and you'd never be able to keep up with that (for a sufficiently long subdomain name)

- heavily interferes with DNS resolving and partially breaks DNS caching

- applies to every DNS lookup instead of just the ones issued by the exposed application

- cannot be updated by a non-administrator user, and neither should

- OK, if I was an evil guy I'd add many non-malicious servers into the list as well, and I'd make it so large that it seriously breaks the system. Congratulations for having created a wonderful DoS condition.

- the HOSTS file is a 30-year-old, totally outdated idea

As far as this concludes, only totally stupid computer users would follow such a ridiculous approach, and it seems like there are a lot of them. You're one, too!

Now coming to serious approaches on filtering spam from websites:

- AdBlock Plus. Simple, efficient, supports wildcards and filtering specific elements.

- wildcard DNS manipulation using a local caching-only nameserver. BIND is particularly easy, but PowerDNS works as well.

- blocking network segment by IP address range using a host-based packet filter or a firewall

At any rate, no approach whatsoever could be a security concept, it's only good for filtering out advertisement and other kinds of annoyance - it can't make a vulnerable internet facing application any less critical. Therefore, this entire discussion *is off-topic here*!

Reply to
Sebastian G.

"Sebastian G." after much thought, came up with this jewel in news: snipped-for-privacy@mid.dfncis.de:

The normal user is running an account with write access. You need to get out more. Normal is a setting on my dryer (which doesn't work very well).

Yes but the folks at portable apps make changes to the programs that make them USB friendly.

at which point the average user would get that glossy look in their eyes and say what????. Most folks go out to BigStoreUSA, bring the thing home and just plug it in and go.

I justify it by the users that keep their systems free from malware. Immunization does not mess anything up. A multi-layered approach is the best way for the average user (who, by the way, runs with rights). Users want to be able to install, change things etc.

Infections are spread around the most by the home user. Most have no idea about group policies, limited user accounts, etc. My concept works out here in the trenches.

Reply to
Maximus the Mad

Then there's no need to discuss security.

If they decide to ignore the minimum required knowledge to operate their computers properly, it's their problem, not mine. The computer and the way computers operate won't change that soon.

Oh, no we're talking about empty sets...

It clogs the HKLM\Software\Classes\CLSID full of useless entries.

This has nothing to do with multiple layers (an often misused buzzword) or with security at all.

Except that it doesn't work at all. And I'd even refrain from calling it a concept, because there's no logic behind it.

Reply to
Sebastian G.

It's called the DNS Client service in the services list, asshole.

down the machine. This only occurs in W2000/XP/Vista. Windows 98 and ME are not affected.

restart. [more info]

(after a little browsing) by opening the Services Editor again, scroll down to DNS Client and check the "Status" column. It should be blank, if it was needed it would show "Started" in that column. There are several Utilities that can reset the DNS Client for you ... [more info]

I've been using a hosts file to block shit for years now and don't intend to stop because of what some moronic self-proclaimed "expert" thinks.

Reply to
John Adams

John Adams after much thought, came up with this jewel in news:M_3Xi.15339$ snipped-for-privacy@fe01.news.easynews.com:

and there are some other services that should be turned off.

as it should be.......

Reply to
Maximus the Mad

Its internal name is DnsCache, and it has been well documented that the name "DNS Client service" is highly misleading.

It's really strange that almost any other expert will tell you how flawed this approach is. Besides that, there's no need to block anything, since you have to implement a serious filter at the application anyway.

Reply to
Sebastian G.

OK, how flawed? I'm happy with the effect that I SEE my Hosts file has. What harm? I'd seriously like to know.

Reply to
Michael J Kingston

I know what it does but why would I call it DNS Cache when it reads DNS Client in the services list? That would be just confusing to someone who may be reading this thread and want to implement a hosts file for blocking malicious sites.

Whatever. All I know is that if I have 127.0.0.1

formatting link
in my hosts file that site could never try to infect my PC. It works and it works well so I use it.

Reply to
John Adams

And how does that mess anything up? The registry size has no effect on OS performance under XP and Vista, unlike Win9x.

Reply to
John Adams

I already told you that disabling DNS Client Service fixes that.

Updating the HOSTS file requires write access that a normal user

If you use MVPS Hosts file it comes with a .bat file that takes care of that for you. And what's the big deal about logging in to admin account to write to the hosts file and then logging out and back into limited user after? You are making a mountain out of a molehill.

Reply to
John Adams

No, you didn't, and it isn't true either.

Yes, that's exactly the problem.

It demands me to provide the admin password to the system, which is something that should be avoided as much as possible. At any rate, I'd never provide for such an absolutely idiotic administrative issue.

Reply to
Sebastian G.

Because we're discussing its actual functionality?

Which hasn't become any less stupid an idea yet. Since almost every website should be considered malicious and especially truly malicious websites will simply bypass the filter (by using randomly generated subdomains), this approach will effectively be nothing else but a self-created DoS condition.

And what about sadofhsajkldhfkjlsagdhfjkghdsaf.drivebuydownloadsite.com? Huh, didn't get that entry?

Aside from that, Drive-by-downloads are a well-known myth, supported by the fools who can't even differentiate a shell from a webbrowser.

Sure it seems so to you, since you're too incompetent to judge where it fails (and it fails so blatantly).

Reply to
Sebastian G.
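
Added example, not part of any post in this thread: the wildcard objection raised in the first reply and repeated just above (a HOSTS file matches literal names only, while a local resolver can override a whole domain), shown as a small parser plus the two lookup rules. The hostnames and the `tracker.example` zone are constructed for illustration.

```python
# Added example: exact-name HOSTS lookup vs. suffix ("wildcard") blocking.
# All hostnames are constructed and use the reserved .example TLD.
SAMPLE_HOSTS = """\
# constructed sample blocklist
127.0.0.1   localhost
127.0.0.1   ads.tracker.example      # inline comment
0.0.0.0     www.tracker.example cdn.tracker.example
"""


def normalize(name):
    """Hostnames compare case-insensitively; drop a trailing root dot."""
    return name.lower().rstrip(".")


def parse_hosts(text):
    """Parse HOSTS text into {name: address}; each line is an address
    followed by one or more literal names, '#' starts a comment."""
    table = {}
    for raw in text.splitlines():
        fields = raw.split("#", 1)[0].split()
        if len(fields) < 2:
            continue  # blank, comment-only or malformed line
        for name in fields[1:]:
            table.setdefault(normalize(name), fields[0])  # first entry kept
    return table


def hosts_blocks(table, name):
    """HOSTS semantics: only a literal whole-name match is overridden."""
    return normalize(name) in table


def suffix_blocks(zones, name):
    """Zone semantics: a listed domain and every subdomain of it match,
    compared label by label so 'nottracker.example' is not caught."""
    labels = normalize(name).split(".")
    return any(".".join(labels[i:]) in zones for i in range(len(labels)))


if __name__ == "__main__":
    table = parse_hosts(SAMPLE_HOSTS)
    zones = {"tracker.example"}  # one rule instead of one line per host
    for host in ("ads.tracker.example", "x7qk2m9.tracker.example",
                 "tracker.example", "nottracker.example"):
        print(f"{host:28} hosts={hosts_blocks(table, host)!s:5} "
              f"suffix={suffix_blocks(zones, host)}")
```

Running it shows the listed name caught by both rules, the unlisted subdomain and the bare domain caught only by the suffix rule, and the look-alike domain caught by neither.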

That's wrong, since it consumes memory and disk resources, as well as it slows down key traversal (which is quite the common thing exactly for the CLSID subkey).

Reply to
Sebastian G.

Sebastian G. wrote: [snip]

that, i think, says it all...

Reply to
kurt wismer

Not enough to be concerned about.

Reply to
John Adams

Seems like a sarcastic expression of doubt, but of course it's a myth. There's no general way that just by visiting a website malware could be installed. What's needed that this actually works is a vulnerable webbrowser or something that is abused as such, and the trivial solution to this problem is not using a vulnerable webbrowser, thus it's anything but unavoidable. Instead of now throwing away their broken webbrowser or stop abusing a non-webbrowser as such those fools instead created a buzzword to blame their own incompetence on, and this buzzword is "drive-by-downloads".

Reply to
Sebastian G.

a) i'm unaware of anyone saying that drive-by-downloads don't depend on the existence of vulnerabilities... as far as i know the dependence on vulnerabilities is a widely accepted attribute of drive-by-downloads... b) the fact that they depend on vulnerabilities and/or the fact that they are avoidable doesn't make them any less real, it just makes them significantly less than a silver bullet for the bad guys... c) things that are real are generally not referred to as myths...

Reply to
kurt wismer

kurt wismer wrote in news:fgrhuq$n71$ snipped-for-privacy@registered.motzarella.org:

You know you're wasting your time, right? I can't even get the fellow to answer my questions regarding BugHunter, despite the fact he spent a little time assuming what it does or doesn't do and went from there.

Reply to
Dustin Cook

The reasons I didn't bother to answer your questions are two-fold:

- You roughly tried to imply that I talked about something that I didn't test, which is something I'd never do.

- For the other things I had already given an answer.

Reply to
Sebastian G.
