<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
<HTML>
<HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=ISO-8859-1">
<META NAME="Generator" CONTENT="MS Exchange Server version 6.0.5762.3">
<TITLE>RE: [Full-Disclosure] [OFFTOPIC] Zone Alarm</TITLE>
</HEAD>
<BODY>
<!-- Converted from text/rtf format -->
<P><FONT COLOR="#0000FF" SIZE=2 FACE="Arial">I have on asbestos underwear, so I am prepared for your flames...</FONT>
</P>
<P><FONT COLOR="#0000FF" SIZE=2 FACE="Arial">However, </FONT>
</P>
<P><FONT COLOR="#0000FF" SIZE=2 FACE="Arial">Because security is inconvenient does not make it irrelevant. You do have your car serviced? You do</FONT>
<BR><FONT COLOR="#0000FF" SIZE=2 FACE="Arial">go see a doctor regularly? You do perform maintenance to your home? ....don't you?</FONT>
</P>
<P><FONT COLOR="#0000FF" SIZE=2 FACE="Arial">How can you expect the right thing to be easy? You must have at least NAT running on a fairly safe box.</FONT>
<BR><FONT COLOR="#0000FF" SIZE=2 FACE="Arial">Everything, software/hardware/firmware/you/me/the damed dog have security vulnerabilities. Safe sex is </FONT>
<BR><FONT COLOR="#0000FF" SIZE=2 FACE="Arial">everyone's responsibility isn't it? Safe driveing is everyone's responsibility. Safe gun handling. And we all</FONT>
<BR><FONT COLOR="#0000FF" SIZE=2 FACE="Arial">know what happens.</FONT>
</P>
<P><FONT COLOR="#0000FF" SIZE=2 FACE="Arial">Come on. If we don't make demands that people wake the hell up and be responsible human beings, and</FONT>
<BR><FONT COLOR="#0000FF" SIZE=2 FACE="Arial">responsible computer users... Give up and get a different career on a different planet. I have a VERY small</FONT>
<BR><FONT COLOR="#0000FF" SIZE=2 FACE="Arial">office. Only 30 users. But EVERY one of them has DSL at home. Every one of them has hardware providing</FONT>
<BR><FONT COLOR="#0000FF" SIZE=2 FACE="Arial">NAT, every one of them has system monitoring utilities and antivirus utilities, every one of them has much </FONT>
<BR><FONT COLOR="#0000FF" SIZE=2 FACE="Arial">more than the basic precautions taken. But now, two years later, they take it as a given. As a requisit for </FONT>
<BR><FONT COLOR="#0000FF" SIZE=2 FACE="Arial">computing in this information age.</FONT>
</P>
<P><FONT COLOR="#0000FF" SIZE=2 FACE="Arial">My users, my lame ass users who forget how to print, who can seldom remember how to zip a file, or any</FONT>
<BR><FONT COLOR="#0000FF" SIZE=2 FACE="Arial">number of other things users don't know how to do because they weren't practiced.... They laugh at people</FONT>
<BR><FONT COLOR="#0000FF" SIZE=2 FACE="Arial">who don't concider some security issues.</FONT>
</P>
<P><FONT COLOR="#0000FF" SIZE=2 FACE="Arial">Take your stance a little bit further...</FONT>
</P>
<P><FONT COLOR="#0000FF" SIZE=2 FACE="Arial">How many sysadmins, netadmins, secadmins don't follow policy? How many skip security because its too hard.</FONT>
<BR><FONT COLOR="#0000FF" SIZE=2 FACE="Arial">Because its too complicated, because it takes too long? I know how many. Look at the penetrations, look at </FONT>
<BR><FONT COLOR="#0000FF" SIZE=2 FACE="Arial">the defacements. This is everyones issue. This is not offtopic.</FONT>
</P>
<P><FONT COLOR="#0000FF" SIZE=2 FACE="Arial">Lets take this further still...</FONT>
</P>
<P><FONT COLOR="#0000FF" SIZE=2 FACE="Arial">Suppose you don't expect users to do this. Suppose I plant a zombie on your users machine because all they</FONT>
<BR><FONT COLOR="#0000FF" SIZE=2 FACE="Arial">had was Zone Alarm, or better yet, Nothing at all. Now your user comes to work. My zombie says "hey, this address</FONT>
<BR><FONT COLOR="#0000FF" SIZE=2 FACE="Arial">is an RFC1918 address, Time to wake up and go to work." Then I can weasle my way in to your very well</FONT>
<BR><FONT COLOR="#0000FF" SIZE=2 FACE="Arial">maintained network. </FONT>
</P>
<P><FONT COLOR="#0000FF" SIZE=2 FACE="Arial">This isn't easy. Neither was getting people to take a bath during the plagues. Neither is carrying herpes because</FONT>
<BR><FONT COLOR="#0000FF" SIZE=2 FACE="Arial">you didnt wear a condom, Netiher is burying family because you didn't put your gun away, or put on a saftey</FONT>
<BR><FONT COLOR="#0000FF" SIZE=2 FACE="Arial">belt...</FONT>
</P>
<P><FONT COLOR="#0000FF" SIZE=2 FACE="Arial">off topic? How?</FONT>
</P>
<BR>
<UL>
<P><FONT SIZE=2 FACE="Arial">----------</FONT>
<BR><B><FONT SIZE=2 FACE="Arial">From:</FONT></B> <FONT SIZE=2 FACE="Arial">Kurt Seifried</FONT>
<BR><B><FONT SIZE=2 FACE="Arial">Reply To:</FONT></B> <FONT SIZE=2 FACE="Arial">Kurt Seifried</FONT>
<BR><B><FONT SIZE=2 FACE="Arial">Sent:</FONT></B> <FONT SIZE=2 FACE="Arial">Wednesday, June 4, 2003 4:21 PM</FONT>
<BR><B><FONT SIZE=2 FACE="Arial">To:</FONT></B> <FONT SIZE=2 FACE="Arial">Michael Reilly; Schmehl, Paul L</FONT>
<BR><B><FONT SIZE=2 FACE="Arial">Cc:</FONT></B> <FONT SIZE=2 FACE="Arial">Ben Tyson-Norrman; full-disclosure@lists.netsys.com</FONT>
<BR><B><FONT SIZE=2 FACE="Arial">Subject:</FONT></B> <FONT SIZE=2 FACE="Arial">[Full-Disclosure] [OFFTOPIC] Zone Alarm</FONT>
</P>
<P><FONT FACE="Chicago">Increased complexity is not a good thing. Think about it folks:</FONT>
</P>
<P><FONT FACE="Chicago">Solution A) PC with zonealarm, relatively easy to configure (it's what I</FONT>
<BR><FONT FACE="Chicago">reccomend to most users).</FONT>
</P>
<P><FONT FACE="Chicago">Solution B) Hardware firewall with potential security flaws such as web</FONT>
<BR><FONT FACE="Chicago">interface, firmware flaws, etc. Difficult for user to update, if firmware</FONT>
<BR><FONT FACE="Chicago">update fails product is largely "Dead". None of these systems I have seen</FONT>
<BR><FONT FACE="Chicago">have automated updates or even prompt the user to check for new software</FONT>
<BR><FONT FACE="Chicago">versions/etc. Result: firmware falls out of date, web interface/etc possibly</FONT>
<BR><FONT FACE="Chicago">exposed, increased exposure for user.</FONT>
</P>
<P><FONT FACE="Chicago">Solution C) a PC with some form of UNIX installed to act as a firewall. User</FONT>
<BR><FONT FACE="Chicago">needs to learn to become UNIX administrator, configure and update system.</FONT>
<BR><FONT FACE="Chicago">You are kidding right? This opens up a HUGE number of potential</FONT>
<BR><FONT FACE="Chicago">vulnerabilities, increases complexity hugely, and costs quite a bit as well.</FONT>
</P>
<P><FONT FACE="Chicago">This is insane.</FONT>
</P>
<P><FONT FACE="Chicago">NOW PLEASE LET'S KILL THIS THREAD. DO NOT REPLY TO THIS PUBLICLY.</FONT>
</P>
<P><FONT FACE="Chicago">Kurt Seifried, kurt@seifried.org</FONT>
<BR><FONT FACE="Chicago">A15B BEE5 B391 B9AD B0EF</FONT>
<BR><FONT FACE="Chicago">AEB0 AD63 0B4E AD56 E574</FONT>
<BR><U><FONT COLOR="#0000FF" FACE="Chicago"><A HREF="http://seifried.org/security/">http://seifried.org/security/</A></FONT></U>
</P>
<P><FONT FACE="Chicago">_______________________________________________</FONT>
<BR><FONT FACE="Chicago">Full-Disclosure - We believe in it.</FONT>
<BR><FONT FACE="Chicago">Charter:</FONT><U> <FONT COLOR="#0000FF" FACE="Chicago"><A HREF="http://lists.netsys.com/full-disclosure-charter.html">http://lists.netsys.com/full-disclosure-charter.html</A></FONT></U>
</P>
<BR>
</UL>
</BODY>
</HTML>