Only if there is no proxy software running. If you use proxy with Sygate then it will let things out via the proxy without even asking. This is one glaring "hole" in Sygate which has never been fixed.
Yes, I am aware of the fact that Sygate has no control over local host 127.0.0.1. Most users don't run proxies. Casey
Quite a few do actually. One good example is if you use Avast anti-virus (Nod32 also), which does proxy on port 80 traffic. In that case, Firefox, IE or Opera slide right thru Sygate without even a word. If you don't use proxies then great, but many people do, sometimes without even realizing it.
It's quite obvious that you have no clue whatsoever what Wolfgang and your very self are talking about. Please read [1] and STFU until then.
[1]
IF the personal firewall was doing that it wasn't a PERSONAL firewall anymore (hint: you may want to deliberate over why they are called PERSONAL). Plus, if it were running on a separate machine it wouldn't be able to try and filter by process anyway.
/me detects: Quaestor is in dire need of dried frog pills.
cu
59cobalt
Catching the dried frog is the hard part. E.
You can plonk me, too, because Wolfgang is completely right here.
The security system of a classical OS like Windows does not protect code in the OS kernel at all. So if you don't trust Microsoft, then you should not run _any_ Microsoft code in the kernel - you may not use Windows then.
An additional software program like a "Personal Firewall" cannot change Windows' kernel code completely. And it cannot prevent security issues with kernel code _by_ _design_. This is not the fault of anybody, it is a result of the concept, that code in processes is protected, while code in kernel can do what it wants to.
It is the direct result of the concept _having_ a kernel and processes.
Now you can ignore all these facts and plonk me, too. Have fun being an ignorant.
Yours, VB.
It is laughable in this context. It is not laughable in general, because you don't need an OS for running software programs on a computer. An OS is optional (and practical).
ACK.
Yours, VB.
ACK.
Jede Menge merkbefreite Volldeppen hier ... ;-)
Wolfgang
if I put enough of these *PLONKS* together I can write a symphony
May personal firewall products will not run well together. Even if they manage to install without clobbering each other's DLL's they may have strange unforseen interactions in a production environment -- both of them are hooking in to and trying to control your machines etherent activity. Just like you shouldn't run two antivirus products for the same reason.
Volker is right about this one, use the Windows firewall carefully and keep your patch levels up to date.
-Russ.
Am Mon, 12 Dec 2005 03:59:57 -0800 schrieb Quaestor:
Well, just write it, but be warned, nobody will come to the concert.
Wolfgang
Well said...
*sigh*
Why do I keep replying to address-spoofing people anyway? They usually turn out to be clueless and reluctant to change anything about it.
cu
59cobalt
... yet still wrong.
You can configure and maintain any personal firewall as properly as you like, it still can't prevent applications from communicating outbound, if the applications are smart enough to reconfigure, disable or bypass the personal firewall. Period.
Funny you mention the IF part, but I've had a PFW on every laptop in our group, been in some really bad places, always have the systems secured, and found that it's been every effective at blocking outbound, blocking inbound, and in general has kept the machines from being compromised.
Now, in normal hands, like with the Windows XP firewall, it's easy to punch holes in it - even AOL can do that, as well as many other apps, but, when it comes to other PFW apps, I've not had one yet punch a hole outbound.
Yea, I know that some apps can make use of lamers account status if they run as Admin, but, at the same time, if they are properly configured I've not seen one instance of a break.
Your link didn't work, nothing is displayed and nothing left my system except to request the page.
Nope, getting the formula for the frog pills from nurse Johanna is.
Wolfgang
Well said...
Let's be *practical* though. I would say that in 95% of the cases, the personal firewall would prevent the outbound attempt. Well, might be
99%, I don't know.
I agree - today.
Current malware typically does not include personal firewall circumvention code, because lack of same does not significantly impede it's effectiveness.
If the situation changed as a result of widespread adoption of personal firewalls, malware would adapt accordingly - without impediment as the notion of a "firewall" process securely controlling the behavior of other local processes is nonsense under anything less than a multi-level operating system.
Triffid
Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.