[access-uk] Re: SP2 and some incorrect information
- From: "Andrew Hodgson" <andrew@xxxxxxxxxxxxxxxxx>
- To: <access-uk@xxxxxxxxxxxxx>
- Date: Mon, 30 Aug 2004 22:20:48 +0100
Hi,
I suppose it depends on the way that ZA protects against this, and the =
way
that the trojan operates. If the trojan connects to the Internet =
directly,
then yes, the MS firewall would block this. However, if it just logs =
the
keystrokes in a file, then this wouldn't happen. However, I don't =
believe
that the basic versions of ZA would actually do this.
Andrew.
> -----Original Message-----
> From: access-uk@xxxxxxxxxxxxx=20
> [mailto:access-uk@xxxxxxxxxxxxx] On Behalf Of Colin @ New Vision
> Sent: 30 August 2004 21:38
> To: access-uk@xxxxxxxxxxxxx
> Subject: [access-uk] Re: SP2 and some incorrect information
>=20
> Hi Andrew
> I guess ZoneAlarm are concerned about SP2 and what it will do=20
> to their own
> business, but it is them who are reporting that SP2 does not=20
> protect against
> outbound threats of keystroke-logging Trojans. So they must have their
> reasons for making this statement.
> Regards
> Colin
>=20
> ----- Original Message -----=20
> From: "Andrew Hodgson" <andrew@xxxxxxxxxxxxxxxxx>
> To: <access-uk@xxxxxxxxxxxxx>
> Sent: Sunday, August 29, 2004 6:16 PM
> Subject: [access-uk] Re: SP2 and should you install it
>=20
>=20
> > Hi,
> >
> > Some incorrect information in this message.
> > F
> > Irstly, the MS firewall does protect against outbound applications
> > connecting to the Internet. This is why, when I started=20
> with SP2, I got
> > a heap of warnings asking whether I wanted to permit applications to
> > connect to the network. What actually happened was that=20
> when the system
> > did eventually connect to my domain controler, I set a=20
> policy on there
> > to disable the firewall, as I have better protection from a hardware
> > firewall, and don't need application protection on this machine.
> >
> > The issue is that most companies currently don't want the security
> > centre or firewalls on their systems, mainly because they=20
> have better
> > programs to do this all for them. True, the updates are useful,
> > especially the stability/driver/security updates, but I=20
> would argue the
> > usefulness of the security centre for companies. =3D20
> >
> > Some of the issues that a company may have to considder=20
> when upgrading
> > to SP2 is:
> >
> > 1. Will prompts that pop up cause users confusion.
> > 2. Will the security centre take up extra memory, or just=20
> be another
> > application to be compromised later on?
> > 3. Will some of IE's new features, specificly pop-up=20
> blocker, interfeer
> > with our web based applications or our intranet?
> > 4. If we need to go back to SP1 for any reason, what=20
> issues will this
> > cause?
> > 5. How easy will it be to install updates to other=20
> applications to work
> > correctly with SP2? How much could this cost us?
> > 6. How will our own applications work with SP2, how much=20
> will it cost
> > to change their behaviour?
> >
> > These are just some of the issues I could think of from the=20
> top of my
> > head, there could be many more.
> >
> > Andrew.
>=20
>=20
>=20
> ** Going on holiday and want to halt messages? Send a message to:-
> ** access-uk-request@xxxxxxxxxxxxx
> ** and in the Subject line type
> ** vacation ## d
> ** where ## is the number of days followed by d for days.
> ** For other things like digest mode, send a message, to=20
> ** access-uk-request@xxxxxxxxxxxxx with the Subject:- faq
>=20
** Going on holiday and want to halt messages? Send a message to:-
** access-uk-request@xxxxxxxxxxxxx
** and in the Subject line type
** vacation ## d
** where ## is the number of days followed by d for days.
** For other things like digest mode, send a message, to
** access-uk-request@xxxxxxxxxxxxx with the Subject:- faq
Other related posts:
