Anyone using the Online Armor firewall? At the moment I'm using the free version, wondering if there's really any reason to move to the paid version. What has your experience been?
Also running NOD32 and various Spyware programs on a regular, but not realtime, basis. Usually use Firefox with NoScript - but I do need to use Outlook.
Louise
There's always the reason of wasting some money. I'm just wondering what reason you've found for even using the free one. Please elaborate.
Bad. Realtime is the only thing that at least provides *some* protection. Scanning for malware is nonsense. BTW, malware of any kind is mainly a user-introduced problem.
Not so bad.
Not so good.
Sorry, the paid version also includes known vulnerabilities that the vendor is unwilling to fix.
Then why are you even discussing about security?
Perhaps I manage to run my machine more successfully than you.
I have been running Outlook since it came into existence and I have never had my system crash from malware or an infection. I generally use safe hex, I use a good spam filter which works with Outlook and the only crashes I've had is the occasional hard drive failure. And yes, I've had backups.
I can discuss security even though I run a program known for vulnerabilities - and if you can't - then you can't talk to most of the population - why are you even reading this newsgroup?
Louise
It alerts me when processes run, when programs have changed etc. - with an NAT router, it seems to provide some added protection, perhaps it's not necessary.
The new version of NOD32 presents itself as AV and AntiSpyware but most think the spyware component is weak.
I can't run SAS because they can't create an interface that adjusts to customized font sizes on windows and I can't ever see the controls to use them because the interface is incomplete. This has been going on since its inception and I've contacted Nick a few times. He recognizes the problem but has not fixed the coding.
I am confused. Many on this ng seem What real time anti'spyware would you recommend - something that doesn't eat resources?
Thanks.
Louise
Bullshit. The most reasonable assumption in this case is that your system is compromised.
Which doesn't mean anything, since malware does intend to hide.
Which is mutually exclusive with using Outlook.
Well, you may discuss, but it's useless. As long as one unavoidable trivial attack vector exists, it's no use securing any other part of the system - the attacker will simply use this attack vector.
What are these known vulnerabilities that the vendor is unwilling to fix?
Its a security forum isnt it? me
Ohh do shut up and stop trying to impress the ladies ;) me
- buffer overflows in the kernel-mode driver due to lacking parameter validation
- runs a privileged service with 6 invisible windows, making it vulnerable to shatter attacks
Isn't. This is a Usenet newsgroup, not a forum.
I trialed that solution back in 2002 or 2003. I liked that pesonal FW solution. At the time, it didn't have any snake-oil in it. I don't know what it's got now.
Can you provide links to this ,and also links to show that the vendor is unwilling to fix this?
Technically you are correct,though some folks actually use it to discuss firewall security ,with the intention of helping other posters me
Sorry, the 30 days of disclosure time aren't over yet. At any rate, the windows for the shatter attacks are trivial to see with Spy++.
That's doesn't make the discussion any less pointless. What use is it to secure the windows if the door is standing open?
I wont take this discussion to far off topic I promise. i do however have a question and a few statements.
There is no reason to debate how nonsecure or secure for that matter any email client is. I ask anyone here what email client is "completely" secure? For that matter the only secure computer/server/ or network that I have ever seen is the one that is turned off. Some people might argue the point that any of the previous systems mentioned are secureable as long as they are in a locked room with one exit and one entry and not on the internet or connected to any other type of public access point. After being part of this news group for over a year now and having the chance to speak to a number of extremely talented folks, I would bet there are quite a number of people on this group who would be able to still steal your stuff.
So I ask why give people a hard time. If you can help then please do. It will only make this group and those who read it stronger, more educated people. If you cant help then why respond? Is it just so you can flex a little muscle to give people a hard time.
Carma always wins!
.
That's no point. Outlook has many *publically known* vulnerabilities that Microsoft is *unwilling* to fix, and are *not securable otherwise* (that is, any trial to detect an exploit would create a security issue itself). That is, for Outlook any hope for security is already lost in first place, whereas the real MUAs at least have a chance to be secure.
I don't, because at least at the mentioned things I'm not discussing with arguments, but simply apply scientific conclusions (that is, stating facts).
If the system is already insecure in theory, then you can't get it secure in the real world either. And as long as at least one part of the system is insecure, all layers of the same security context also become insecure.
Even further, one should reasonably assume that at least one attacker actually took the opportunity and hacked into your system silently, removed all traces he could remove, and is continously hiding his presence.
Are you referring to matousec or secunia advisorys?
Thats true ,and why many prefer a lyered approach to security in case one part fails.What security would you recommend using such as av ,firewall,hips (if any) etc and what would be your reasons? me
Hm? I haven't seen any of those ever discussing shatter attacks. But well, Google is your friend. I for one only post public advisories on Bugtraq, if the vendor fails to address the vulnerabilities appropriately.
"Layered security" is a typical buzzword showing a misinterpretation of "defense in depth". Vertically stacked independent layers with enforcable security policies increase security, because breaking the system requires breaking all intermediate layers. Horizontally side-by-side layers, as you describe your system, decrease security, because exploiting just one layer compromises all other layers in the same security context.
AV - none at all, since it doesn't even partially solve any problem and only introduces new vulnerabilities. A plain virus scanner not using any privileged service serving as a pure host-based intrusion detection system might be beneficial,but typically not worth the effort. And it might also be beneficial as a spam filter, but other kinds of spam filters are typically much better.
Firewall - depends on your system. I'm quite happy with a small host-based packet filter enforcing some ingress and egress filtering.
HIPS - are you nuts? An automated solution to DoS yourself...
Can you give any software examples of vertically stacked independent layers with enforcable security policies for the home user on a windows OS?.
Would you recommend that all users i.e new windows pc users, not use an av or just those like yourself who has some knowledge
possibly...
I have not seen your posts in a long time. How are you doing? Hey, I got this clown in another NG that I must have trashed and burned a few years back over BlackIce. I stopped using BlackIce and moved on long ago, but he just brought-up BlackIce to me on unrelated issue. I must tell you that I was rolling on the floor with laughter and was tickled. I must have wounded the ol'boy badly, and his nose has been open from that point long ago. :)
Windows (NT 3.51,NT 4,2000, XP, Server 2003, Vista) itself is a C2 conformant system with granular descretionary access control. That is, when you're running as a non-admin user, neither the user nor any program running under his security context can compromise the data of other users or the system. This access control is enforced by the Windows kernel and the page protection mechanisms provided by the CPU. Now add, f.e. MSIE being abused as a webbrowser. If someone successfully subverts MSIE (which is actually trivial, since it was never supposed to be secure on the net), he gains access to all data of the user and can run arbitrary code in this context. However, this doesn't allow him to access the data of other users. Now, for some even more stupidity, add MSOE being abused as a newsreader. Trivial to exploit as well. Now, if someone wants to break into the user context, be can subvert MSIE *or* MSOE (or both). For gaining access to the data of other users (or complete control of the system), he has to subert MSIE/MSOE *and* the security mechanisms of Windows.
I'd recommend them to not think that a virus scanner could address the virus problem or any security issue, that is, being aware of its limitations. If carefully used, it might serve as an intrusion detection system.
Rather by design. Hint: IP spoofing
Ahh i see..
And thats cleared that up
Some poeple just cant take a hint.
Thank you for your time. me
Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.