Norton's firewall not fiery enough Users of Norton Personal Firewall have been urged to update their software following the discovery of a serious vulnerability in the security package. A stack-based buffer overflow vulnerability involving ActiveX controls creates a means for hackers to inject hostile code onto vulnerable systems, Symantec warns. The security …
The issue here is the people sorry enough to use Norton for security.
Active X has been an issue sense its creation.... funny... I don't hear of these issues for Zone Alarm...and/or CA's firewalls.
I seem to recall something like this happening in the past with Norton's products.
: O /
The silly Windows XP "firewall" has far fewer vulnerabilities than the Norton brand - but then, relying on a software firewall that's installed on the same computer you want to protect is about as smart as protecting your money by keeping it in a paper sack.
For those who insist on using software that gives them a false sense of security, something from a Sourceforge developer is a better choice. And it won't cost any money.
And for those who want actual protection, get an external firewall/router device. Refurbished Netgear devices can be had for as little as US$11 if you shop around. Brand new "white box" router/firewalls are only about US$12.
Compare to Norton's vulnerable package, which is rented, not sold, at about $40 - $60 annually.
This is part of my job - computer security is NOT accomplished by slapping a band-aid on top of Windows.
The Windows XP firewall will not block traffic going out. Norton firewall will. There's a huge difference in functionality...
The difficulty of setting Netgear routers (or any other in fact) is that the blocking of egress ports is difficult with all these new games. Each one has a slightly different port, making the firewall rules look like swiss cheese.
My clients get all egress traffic blocked except port 80 and 25 from the server (obviously depending on the site), the server runs squid to allow web traffic to get through (and supports caching and monitoring), and all PCs have blanket block-everything-except-RDP XP firewalls, and it works extremely well - but the policies for SOE are easy when you can enforce to applications that are used...
Why do you need a firewall anyway? No daemon hanging off a port == no risk (unless you've got a serious vulnerability in the kernel). If there is a daemon listening, you need a hole in the firewall anyway and then you're just as vulnerable as the daemon.
OK ..... sometimes it's nice to block particular addresses from hammering your MTA under the mistaken impression that it might be capable of sending spam. Not because it might actually succeed; but because while it's flicking one eye up to notice that the visitor isn't welcome, it's taking a fraction of a second which could have been spent dealing with a legitimate request.
But of course, if you go installing a piece of software without reading and understanding the Source Code (or at the very least having it analysed by an expert, independent of the original authors and whom you trust) then you deserve everything you get.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
