ZoneAlarm Pro vs Outpost Pro?

Especially if you use IE and/or Outlook you need a desktop firewall that controls outbound connections. WF in SP2 does not do this.

Dan

Dan wrote in news:UKZ2f.32$ snipped-for-privacy@tornado.rdc-kc.rr.com:

IPsec on Win 2k, XP and Win 2K3 can stop inbound and outbound traffic. I use IPsec to supplement BlackIce as a packet filter. I would also use IPsec with XP's FW/packet filter solution. I would also use IPsec to supplement a NAT router that couldn't stop outbound instead of a PFW solution with its damn near worthless Application Control and any of those other worthless bells and whistles bloat ware in those types of solutions.

I use IE (Firefox is default) and OE and would use Outlook that's on the machine but it doesn't work with EarthLink's dialup.

If I was not using BlackIce, I would be using XP's FW supplemented by IPsec. App Control in BI which is one of the best with App Control is disabled.

I don't have any problems using OE, Outlook or IE. I am not being compromised. :)

All I see here is a bunch of bashing and whining in this thread.

Duane :)

How do you surf using IPSEC. Don't you web browse over standard http?

You guys are classic. I ask question and you guys go off into your standard rants. BTW I fixed my problem with ZA. ZA -> Firefox -> Program Options -> Uncheck 'enable privacy for this program'.

Dan

Ok, toy playing are you with Application Control in a persoanl FW solution OKAY DOKEY?

Duane :)

IE/Outlook is susceptible to downloading active content unknown to the user etc. Outlook auto exe's attachments. Yes, I know 'keep it up to date' and 'you can configure it such...'. But why play catch up constantly when there are more secure alternatives?

Dan wrote in news:1S03f.44$ snipped-for-privacy@tornado.rdc-kc.rr.com:

HERE!

AnalogX IPsec Secpol rules are what I have implemented to supplement BlackIce or it can be used to supplement the XP FW. If I want HTTP or HTTPS etc then I enable the *client* rules. If I don't want something, then I disable the *client* rules like I don't need Windows networking while on the road using a dial-up so it's disabled.

If I need to go beyond what AnalogX is doing and I have not as of yet, then I can do it.

Duane :)

I know what IPSEC is; I use it to connect to my company network from home or while traveling. But to surf the web you need plain old http. I guess you could connect to a proxy server using IPSEC to surf the net, but most people at home don't have a proxy server. Bye.

Block PING? My hardware firewall on the perimeter does that. Bye.

Dan wrote in news:es13f.47$ snipped-for-privacy@tornado.rdc-kc.rr.com:

especially

If you know what IPsec is then may also know that it can act in a FW like manner as a packet filter. I don't know what a proxy server has to do with any it. I am not using a proxy server now while on the road using IPsec making this post or surfing the WEB nor or at home when I was using IPsec to supplement the Linksys NAT router. IPsec is just a supplemental tool that on the Win 2K, XP and Win 2K3 O/S(s).

Duane :)

Dan wrote in news:at13f.48$ snipped-for-privacy@tornado.rdc-kc.rr.com:

especially

Oh, would that be a NAT router you're calling a *hardware FW*, that may have SPI, since you're dancing with ZA. Or are you talking something else like a FW applince?

And I am talking about using IPsec to stop outbound and the PING is just an example of the use of IPsec as a FW like solution. Or are you so think headed and cannot see that?

Duane :)

>

Duane Arnold wrote in news:Xns96ECEB4FE54A6notmenotmecom@207.217.125.201:

I want to make a correction here I don't want it going to your head.

That's thick/hard headed. :)

Duane :)

This one can help you:

What I posted, is called a Message ID. Every posting has one, see the header of any posting.

You can find the posting I referenced with Google, too, see:

To find it, use Google groups and klick on "Advanced Groups Search".

It's very common in German usenet to reference a posting by its Message ID. And I think, this will work in US, too. ;-)

No. I just was referencing the discussion so far. It's part of courtesy as a new reader, I think, first to read a little bit what was discussed right before, and then enter the discussion.

Maybe.

Thank you. I wanted to discuss in Usenet, not in Web.

Look, if somebody wants to listen, then she/he will listen. If not, why bother?

Yours, VB.

Interesting definition. And so useless.

From your header:

"User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.7.2) Gecko/200 40804 Netscape/7.2 (ax)"

Why are you using Windows then?

VB.

I cannot see that. Please explain.

Yours, VB.

Volker Birk wrote in news: snipped-for-privacy@news.uni-ulm.de:

Well, you can do that too with IPsec. :) But I am not concerned about MS's version of IPsec as a VPN solution in this situation but more in its abilities to act in a FW like manner to protect at the machine level as a supplemental tool.

I myself would never do a direct connection with a machine to the Internet with just a PFW solution nor would I run two PFW(s) on the machine as some do. MS's version of IPsec is very powerful that it can be a VPN solution in a LAN or WAN situation but can also act in an packet filtering FW like manner supplemental solution that can stop inbound or outbound to the machine by port, protocol or IP. So I use IPsec on the road to supplement BlackIce or any PFW I may be using at the time.

While at home and connected to the FW appliance, I don't need BI or MS's version of IPsec and they disabled on the machine. However, if the machines were sitting behind the typical NAT router for home usage, IPsec and possibly BI or with its App Control disabled.

Hey BYE!

Duane :)

Microsoft is confusing people by calling their configuration tool for the port filtering in Windows "IPSec", too.

I think, Duane does not mean what the IETF calls IPSec.

Yours, VB.

Microsoft is abusing the term IPSec here. With IPSec people usually mean a protocol for IP, with which one can have encrypted payload as well as tunneling.

Yours, VB.

Better don't use IE/Outlook for communicating in the Internet.

Yes.

Yours, VB.