Re: Zone Alarm & Wireless Access Point Security


comp.security.firewalls archive

From: Ajax <nospam@nospam.com>
Date: Mon Feb 13 2006 - 05:51:57 CET

>> I have been successful in getting everyone to notify me if any
>> unusual warnings are sent by Zone Alarm or any of the anti-virus,
>> anti-malware programs. I just started requiring my nephew to allow me
>> to install any new software, mostly games, so that I can try to
>> eliminate any threats before they become an issue.
>
>You're not going to get threats that way. How you will get them is if
>the user opens unknown email, clicks on unknown links in the attachment
>of the email, goes to dubious sites and clicks on something, and brings a
>dubious diskette and slaps it into a machine, etc., etc. Anything that the
>user has to contribute to the compromise or is being duped. All that
>other software including ZAG with its application control can be
>circumvented and defeated. The only thing you have mentioned that I
>would count on is the AV and even it can be defeated on a zero day exploit.

 For the longest time we could not figure out how some of the spyware
was being installed on my nephew's computer. Then we discovered that
some of his games installed various spyware when the game was being
installed. Sometimes the games would try to call home themselves, but
most often they installed add-on programs that caused problems.

>
>>
>> For the most part we have been very successful. Once we were able to
>> identify his games as including spyware, we have been able to clean up
>> all of them.
>>
>> It used to amuse me that my wife's former employer, a technology
>> company with a great claim to network security prowess, was constantly
>> having its system infected with malware. The first time I decided to
>> clean up her laptop it had more infections than a Vietnamese
>> prostitute.
>
>Well, it needs better control and education of its user base using the
>machines on the network. The company cannot stop the end user from
>clicking on something and really cannot control what a person will bring
>to work and slap into a machine. Once the machine has been compromised,
>it's over and it will spread because the machines are networked and sharing
>resources.

 Most of their infections were transmitted throughout the company via
email. They were hacked a few times too. It was a real mess. It was
amusing that I was able to keep my wife's laptop clean only after I
removed the corporate anti-virus, anti-malware, and email scanner
software and replaced them with the same software that I used on my home
machines.

 This pissed off the tech department so much that when her laptop went
in for an upgrade they removed all of my software. Within a week her
laptop was filled with malware again.
>>
>> Time will tell if Volker is right. It's just too bad that we all have
>> to spend so much time, effort, and money making sure that our
>> computers are safe from the creeps on the web.
>>
>
>The end-user on the job or home user must be educated. Until that
>happens, what can you say about it?
>
>Did you get your original questions about the WAP and ZA in either NG
>answered? :)

 I think that Volker believes that it does not matter. Other than
that, no. I have put the WAP in a trusted zone in Zone Alarm. Since it
is not between my PC and the Internet, I think that it is safe to do
this. As I said before, my guess is that it is doing a port scan or it is
trying to send its log to my PC.

 I guess that if I discover that Bin Laden is using my WAP that I'll
have to put it back into the Internet zone again. <g>

 Last night I upgraded the software for my Linksys BEFSX41 router. I
now have it emailing all log files so that I can review anything that
the router thinks is a threat.

>
>Duane :)
Received on Mon May 1 00:50:29 2006