On Thursday 12 January 2006 13:59, Kai Ponte wrote:
I know this is going way OT
no, no, no.... it's waaaaaaaaay OT!
First, I would disagree with using ZA as a software firewall. Actually, from all I've read/seen, a good hardware firewall is all you should need. (Provided it is configured correctly.)
You need direct program-level control installed on every single client (no exceptions) *in addition to* a hardware firewall (that was presumed.) Don't forget how quickly malware propagates from client to client inside a network if one machine is compromised... even by 'sneakernet.' This layered approach is the safest. In addition, ZA lets you control access differently for each program installed on the computer. If it doesn't recognize a program that tries to access the network, it'll block that access attempt and pop up an alert for the user. It also keeps decent logs.
If a software solution is needed, a very well respected one is Outpost (http://www.agnitum.com/products/), which isn't free, but very good. They also have a Trojan killer - Tauscan - which acts similar to the one you mentioned.
I listed the programs that I did because I've used each one for a very long time... actually since before spyware/malware ever became newsworthy or a mainstream topic. There are other programs out there and they may be effective, but they don't have the long track record that these programs have. Moreover, I haven't had to re-evaluate or change my list because the developers keep the software very current and the combination has *always* been effective; it just gets the job done every time. Having said that, this statement may not be true by this time next year... the way things are going... the nature of the threats on that platform is *so* mature and severe today that the only *practical* solution I can see is to install Linux.
Second - as an addition - go hang out at www.security-forums.com - they have a ton of peeps dedicated to security on all OS platforms, including Linux.
Thanks for the write up!!!!
Thanks for your input, Kai, particularly about the need for hardware firewalls, and I appreciate the link. regards, - Carl