How to tell if a firewall alert is suspicious or not

Nice. Proxomitron is your filtering Web-Proxy? Just compare, please, what Sygate is logging, if you enter "

formatting link
" into your browser yourself.

What do you mean with "more polished"?

Yours, VB.

Reply to
Volker Birk
Loading thread data ...

I think it would be more impressive to average users if you had it invoke IE rather than have them have to start it themselves, for one thing. It would dazzle them to see IE pop up. You should get a bit into "show biz" like Steve Gibson :) You shouldn't serve up a boring message on the screen. The message should say something like:

THIS DEMONSTRATES THE ABILITY OF TROJANS AND SPYWARE TO EASILY BYPASS YOUR FIREWALL!!!

YOUR BROWSER IS NOW DISPLAYING A PAGE FROM OUR SERVER!!!

Much as technical people dislike this sort of thing, I think it's important to hit the user over the head with a sledgehammer when it comes to a demonstration program. And don't call it a POC. Call it a demo program.

Art

formatting link

Reply to
Art

You'll forever remain obscure and ineffective with that attitude.

Art

formatting link

Reply to
Art

Yes. Obcure. Your demo program should have a README with it that explains (in both German and English) what it's all about in plain non-technical language. It should explain what users should expect to experience when they run the demo. And the message leaves much to be desired for both technical types and average users.

Nonsense.

You can obviously be unique and still make attempts to reach a wide international audience as you're doing by posting to this newsgroup. But you _must_ make adjustments according to the audience. I maintain that your demo program requires polishing for both technical and non-technical users. Please give it some thought since I'm on your side :)

Art

formatting link

Reply to
Art

There is already such a version:

formatting link
I got the argument "but you cannot start Internet Explorer when you need one, because my 'Personal Firewall' is denying that". So I showed this way.

And then I got the argument "this is a problem with Internet Explorer, but I'm using Firefox". So I wrote this:

formatting link

Sorry, I don't want to.

"Multiple exclamation marks are a sure sign of a diseased mind." (Terry Pratchett)

No, thank you. All what I'm publishing, is plain. And it's intentionally left plain.

Well,

I don't want to be in show business with such topics. What we need in the security sector, is more which is proofable and clear, and less, which is only nonsense.

There is enough nonsense already, believe me. And how could a user then distinguish between one show and another?

Yours, VB.

Reply to
Volker Birk

Obscure? No. Ineffective in a way, people in show-business would think? That may be. And I remain different from people like Gibson.

Yours, VB.

Reply to
Volker Birk

This doesn't work on Win 2K Pro. I get a message from Windows asking what I want to Open. Much more polishing required :)

Art

formatting link

Reply to
Art

OM-FSM ;-)

Look, Art (is that your name?), I'm trying _not_ to make a show. I'm trying to _reduce_ my arguments to facts, and to _prove_ what I'm telling.

Of course, this is not as impressive as making a show and spreading ideas all over the planet. Of course, perhaps I would reach much more people immediately by making a show than I'm reaching now, and maybe then I could implement my views directly in their minds.

But this is what I want to avoid.

I have another idea: in the places, where people talk, who will under- stand, for example *here*, people will hear the arguments, not only mine, but also the arguments of Torsten, of Ansgar, of many other people.

Then they will start to think about what we're telling. They will want to prove or disprove what we're alleging. And then, because it's just _facts_, they will see that this is right.

Then this small number of people will tell their friends. And because those people are the people who understand, usually they have many friends who ask them. And want to see the proofs or are believing, does not matter.

This will spread it without making shows. And this must be enough.

It is enough.

BTW: I'm not a prophet, and I don't want to invest much time or energy in such shows. I just want to introduce other sights in the discussion, people perhaps did not have before.

This is for what there is Usenet, isn't it?

And that's it.

Hey, the "demo" program is published under the GNU Public License. It's Free Software.

That means, if you want to become famous, just modify it as you want to and publish it yourself ;-)

For me it's enough, when people getting awake, and are noticing, that Microsoft is the problem here in this point, and "Personal Firewalls" are _not_ a solution.

To make this clear also: I have nothing against the point, that people are making business with selling useful security products to other people. If those products are good, and customers have great benefits from them, then I'm happy to hear that the authors are making lots of money with such products.

But I cannot stand people, who are selling nonsense, selling even counterproductive stuff, and doing advertizing with real trash to confuse and play their customers for a sucker, and are earning much money by this cheating and ripping off.

Those people must live with a little quill in their flesh :-P

Yours, VB.

Reply to
Volker Birk

Maybe. Please feel free to improve it ;-)

Yours, VB.

Reply to
Volker Birk

Hmm... you might be right. That IP address appears to be in Japan and appears to have no DNS name. Is there any reason your machine should have been contacting Japan at that moment? [Doing a whois lookup of the IP address at

formatting link
which tells you to do a whois lookup at
formatting link
gives this information.]

Reply to
Karl Levinson, mvp

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.