BlackIce / ZA or ZA / BlackIce?

BlackIce / ZA or ZA / BlackIce?

Post by Blue Bir » Mon, 24 Dec 2001 15:10:58



I've recently gone broadband and used to run just ZoneAlarm.  I'd run
BlackIce Defender on a machine at work.

When the broadband came in I installed BlackIce on my PC so I'm now running
both.

THE QUESTION OF THE DAY IS:

In what order should they be loaded?  Currently ZA loads last.  Would it be
better if BlackIce loaded last?  Does it matter?  Who's on first (so to
speak)?

 
 
 

BlackIce / ZA or ZA / BlackIce?

Post by PatricK Jackso » Mon, 24 Dec 2001 15:51:11


I run 'em both, and have done so happily for better than a year.  It doesn't
matter which loads first *except* that I would run ZA at medium security so
that BID manages incoming and ZA does outgoing.  BID is the better incoming
[IDS] GUI.  Happy sailing.

PJ


Quote:> I've recently gone broadband and used to run just ZoneAlarm.  I'd run
> BlackIce Defender on a machine at work.

> When the broadband came in I installed BlackIce on my PC so I'm now
running
> both.

> THE QUESTION OF THE DAY IS:

> In what order should they be loaded?  Currently ZA loads last.  Would it
be
> better if BlackIce loaded last?  Does it matter?  Who's on first (so to
> speak)?


 
 
 

BlackIce / ZA or ZA / BlackIce?

Post by siljali » Mon, 24 Dec 2001 16:28:35




Quote:>I've recently gone broadband and used to run just ZoneAlarm.  I'd run
>BlackIce Defender on a machine at work.

>When the broadband came in I installed BlackIce on my PC so I'm now running
>both.

>THE QUESTION OF THE DAY IS:

>In what order should they be loaded?  Currently ZA loads last.  Would it be
>better if BlackIce loaded last?  Does it matter?  Who's on first (so to
>speak)?

Please give this a careful read before you proceed :
http://www.veryComputer.com/
http://www.veryComputer.com/

HTH
--
siljaline
GMT - 5:00

"Arguing with anonymous strangers on the Internet is a sucker's game
because they almost always turn out to be -- or to be indistinguishable from
-- self-righteous six*-year-olds possessing infinite amounts of free time."
- Neil Stephenson, _Cryptonomicon_

 
 
 

BlackIce / ZA or ZA / BlackIce?

Post by Cynthia Melros » Mon, 24 Dec 2001 17:28:08





> >I've recently gone broadband and used to run just ZoneAlarm.  I'd run
> >BlackIce Defender on a machine at work.

> >When the broadband came in I installed BlackIce on my PC so I'm now
running
> >both.

> >THE QUESTION OF THE DAY IS:

> >In what order should they be loaded?  Currently ZA loads last.  Would it
be
> >better if BlackIce loaded last?  Does it matter?  Who's on first (so to
> >speak)?

> Please give this a careful read before you proceed :
> http://samspade.org/d/firewalls.html
> http://samspade.org/d/persfire.html

These are both good articles to read.

A BI/Zone combo is actually a very cool way to go. You get the best of both
worlds.  Zone gives you Application Gate capability to stop dumb Trojans. BI
gives you an industrial strength IDS to monitor actual traffic on the wire.
If you keep BI in trusting mode and use Zone to do most of your firewalling
you should be okay.

BlackICE loads its drivers at a much lower level in the operating system, so
you should probably load those first. The Blackd.exe application has to
attach to the Windows networking API to grab raw frames from your NIC.

Needless to say, no security is 100% effective. Keep an eye on what comes
and goes out of your PC and you'll be fine.

Cynthia

 
 
 

BlackIce / ZA or ZA / BlackIce?

Post by tommyro » Tue, 25 Dec 2001 01:30:13



> A BI/Zone combo is actually a very cool way to go. You get the best of both
> worlds.  Zone gives you Application Gate capability to stop dumb Trojans. BI
> gives you an industrial strength IDS to monitor actual traffic on the wire.
> If you keep BI in trusting mode and use Zone to do most of your firewalling
> you should be okay.

Am I reading thisright?  "trusting mode?"  Am I correct in assuming that
Ice will still examine all traffic even at this level of security?
 
 
 

BlackIce / ZA or ZA / BlackIce?

Post by Chris » Tue, 25 Dec 2001 03:23:12


If I've understood the discussions here and the material I've read. Even in
trusting mode, BID will still look at strange, anomalous traffic with a
watchful eye and report it's detection.

--
Chris L



> > A BI/Zone combo is actually a very cool way to go. You get the best of
both
> > worlds.  Zone gives you Application Gate capability to stop dumb
Trojans. BI
> > gives you an industrial strength IDS to monitor actual traffic on the
wire.
> > If you keep BI in trusting mode and use Zone to do most of your
firewalling
> > you should be okay.

> Am I reading thisright?  "trusting mode?"  Am I correct in assuming that
> Ice will still examine all traffic even at this level of security?

 
 
 

BlackIce / ZA or ZA / BlackIce?

Post by Ric Griff » Tue, 25 Dec 2001 13:37:46


Quote:> Am I reading thisright?  "trusting mode?"  Am I correct in assuming that
> Ice will still examine all traffic even at this level of security?

Yes. Many a trusted user of our Proxy server has been totally blocked by
BlackIce in trusting mode because they committed an improper act while
surfing.
HTH
Ric Griffy
 
 
 

BlackIce / ZA or ZA / BlackIce?

Post by jag » Tue, 25 Dec 2001 13:23:07


Quote:

> I've recently gone broadband and used to run just ZoneAlarm.  I'd run
> BlackIce Defender on a machine at work.

> When the broadband came in I installed BlackIce on my PC so I'm now running
> both.

> THE QUESTION OF THE DAY IS:

> In what order should they be loaded?  Currently ZA loads last.  Would it be
> better if BlackIce loaded last?  Does it matter?  Who's on first (so to
> speak)?

Black Ice has MAJOR FLAWS, set it o caustion and run ZA first, then get a
hardware firewall ASAP.
 
 
 

BlackIce / ZA or ZA / BlackIce?

Post by Ric Griff » Tue, 25 Dec 2001 16:12:19


I do have hardware firewalls.
Network security is not the job of one piece of software or hardware.
In order to surf the net (no incoming!) our users go through a Proxy Server
with Blackice, a real hardware firewall ($6000) and a Nat Router.

Black Ice is just one piece of the puzzle which does its job very well.
Ric Griffy

Quote:

> Black Ice has MAJOR FLAWS, set it o caustion and run ZA first, then get a
> hardware firewall ASAP.

 
 
 

BlackIce / ZA or ZA / BlackIce?

Post by EliteSi » Wed, 02 Jan 2002 07:18:24



> Black Ice has MAJOR FLAWS, set it o caustion and run ZA first, then get a
> hardware firewall ASAP.

Do you know of a web article that can verify this?
 
 
 

BlackIce / ZA or ZA / BlackIce?

Post by Charles Johnsto » Wed, 02 Jan 2002 07:21:00


How many umbrellas are needed to stay dry when it is raining outside?

--

73  /  DX

Charles T Johnston
Prescott, Arizona - U.S.A.

AB7SL -  Ham Radio Pages
Official W9INN Antennas Page
www.ab7sl.com

 
 
 

BlackIce / ZA or ZA / BlackIce?

Post by EliteSi » Wed, 02 Jan 2002 07:43:55



Quote:> How many umbrellas are needed to stay dry when it is raining outside?

> --

Thats nothing to do with the subject. the fact is that people who read this
newsgroup will I repeat WILL NOT believe anything unless it is backed up
with a valid artical. Period.
 
 
 

BlackIce / ZA or ZA / BlackIce?

Post by Black Helicopter » Wed, 02 Jan 2002 10:03:23


If one asumes that each umbrella might have a hole in it, then as long as
the holes don't overlap then two umbrellas would be better than one.
=======================

How many umbrellas are needed to stay dry when it is raining outside?

--

73  /  DX

Charles T Johnston
Prescott, Arizona - U.S.A.

AB7SL -  Ham Radio Pages
Official W9INN Antennas Page
www.ab7sl.com

 
 
 

BlackIce / ZA or ZA / BlackIce?

Post by Charles Johnsto » Wed, 02 Jan 2002 12:21:34


Can't one simply test and authenticate the integrity of their umbrellas
therefore only using one?  That would keep them from looking like fools
carrying 3 or 4 or more umbrellas because of " what might be"

Any one umbrella that is tested and verified is all one needs...beyond
that it is simply an exercise in paranoia.....

--

73  /  DX

Charles T Johnston
Prescott, Arizona - U.S.A.

AB7SL -  Ham Radio Pages
Official W9INN Antennas Page
www.ab7sl.com

 
 
 

BlackIce / ZA or ZA / BlackIce?

Post by EliteSi » Thu, 03 Jan 2002 06:59:51



> If one asumes that each umbrella might have a hole in it, then as long as
> the holes don't overlap then two umbrellas would be better than one.
> =======================


> How many umbrellas are needed to stay dry when it is raining outside?

> --

I  rest  my  case.