Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Security-Basics
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Client End Firewalls

from [GuidoZ] Network Security [Permanent Link]
Subject: Re: Client End Firewalls
Date: Wed, 29 Sep 2004 19:46:52 -0700 
Personally, I believe a client side solution is a MUST. That includes
a personal firewall and an antivirus suite of some kind. There are
ways past perimeter security, without a doubt. I was just discussing
this very thing with someone concerning the GDI/JPEG exploit. There
are ways around content filtering and such. You should have an
all-encompassing solution.

After all, say something gets through your perimeter AV solution and
firewall (maybe through an SSL session, for example). If a trojan
executes or is downloaded to the client system, wouldn't you want an
AV solution (centrally managed for ease of use and updates) to be
there to double check it? Giving the same scenario, wouldn't you want
a personal firewall to be there to stop any connect back attempts? The
GDI/JPEG exploit is a perfect example. It's possible you COULD of been
exploited before your AV knew a thing about it. A client side firewall
would stop the outgoing connection request.

All this completely depends, of course, on client side education. =)
If they just allow all to pass through the firewall because they don't
know any better, then you shouldn't waste your time in allowing it. If
you are going to take the time to properly educate everyone using it
however, that's a different story. Knowledge of what they have control
over is the key - they must know how to use the security tools in
place so they don't bypass them entirely for ease of use. A common
problem.

As for ZoneAlarm's current solution, I can't speak for it. I don't
have enough expereince with it in a production environment to even
give an educated guess on it's effectiveness and reliability.
Hopefully someone else will pipe up with some ideas as well. =)

--
Peace. ~G


On Tue, 28 Sep 2004 14:27:44 +1000, grant.orchard@aws.aust.com
<grant.orchard@aws.aust.com> wrote:



Hi guys,

How much protection do you believe client side firewalls provide? My boss
has asked for my thoughts on a system like Zone Labs are now offering. Can
anyone provide me with their thoughts on what benefits this actually
provides?

Many thanks

Grant Orchard
NOTICE - This e-mail (and any attachments) is confidential. It may contain
privileged information or copyright material. You should not read, copy,
use or disclose it without the written authorisation of AWS.  If you are
not an intended recipient, please contact AWS by return e-mail and then
delete both messages.  AWS does not accept liability in connection with
computer virus, data corruption, delay, interruption, unauthorised access
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Qs Regarding DNS, Jeffrey S. Sims
Next by Date:  RE: Qs Regarding DNS, Sanjay K. Patel
Previous by Thread:  Re: Client End Firewalls, Steve
Next by Thread:  SV: Client End Firewalls, Kim Guldberg
Indexes:  [Date] [Thread] [Top] [All Lists]