[prev in list] [next in list] [prev in thread] [next in thread] 

List:       dailydave
Subject:    RE: [Dailydave] Slashback!
From:       "Skyler King" <SKing () us ! checkpoint ! com>
Date:       2006-01-18 21:10:22
Message-ID: 79EEEE28B0432B45BEA63288D90231D77CAFFC () sfex02 ! ad ! checkpoint ! com
[Download RAW message or body]

:)  Yeah, that bugged me for a long time as well.  There are other
things that bug me...For instance, the configuration wizard should give
the user an option to automatically add his DNS servers to the trusted
zone.

sky 

> -----Original Message-----
> From: Dave Korn [mailto:dave.korn@artimi.com] 
> Sent: Wednesday, January 18, 2006 12:33 PM
> To: Skyler King; 'Dino A. Dai Zovi'; 'Taylor, Gord'
> Cc: dailydave@lists.immunitysec.com
> Subject: RE: [Dailydave] Slashback!
> 
> Skyler King wrote:
> >> Hello Gord,
> >> 
> >> Do you know how the firewall identifies a "friendly" network?  Does
> >> the firewall tap into the wireless layer in Windows to get out the
> >> SSID and base station MAC address, or does it just verify the
> >> subnet?  I don't actually "use" any of my windows boxes, so I have
> >> never used this kind of stuff :).
> >> 
> > 
> > I can't speak for other PFWs, but ZoneAlarm uses a 
> combination of the
> > gateway ip and MAC address to indentify a network (wired 
> and wireless).
> > In
> > addition, unsecured wireless networks are automatically put in the
> > untrusted
> > "Internet" zone.
> > 
> > sky
> 
> 
>   Up until very recently, ZA was sooooo secure that it didn't 
> even place the
> loopback adapter/subnet in the trusted zone by default.
> 
> <g>  Needless to say this was responsible for more confusion 
> than security....
> 
> 
>     cheers,
>       DaveK
> -- 
> Can't think of a witty .sigline today....
> 
> 

[prev in list] [next in list] [prev in thread] [next in thread]