Re: Home network security WAS Re: upgrade from 98 to XP

Subject: Re: Home network security WAS Re: upgrade from 98 to XP
From: Andrew Plato <intrepid_es -at- yahoo -dot- com>
To: "TECHWR-L" <techwr-l -at- lists -dot- raycomm -dot- com>
Date: Wed, 6 Feb 2002 06:37:44 -0800 (PST)

"Earl Cooley" <shiva -at- io -dot- com> wrote

> Anyone who upgrades to XP should take a look at Steve Gibson's comments
> at <http://grc.com/UnPnP/UnPnP.htm> about XP's security problems.

AND

"Win Day" <winday -at- wordsplus -dot- net> wrote:

> I've been following the thread on securing home networks running
> Windows,
> and I have a quesion:
>
> Is the security check offered by Gibson Research Corporation at
> https://grc.com/x/ne.dll?bh0bkyd2 a good test of the security of my home
>
> network?
>
> According to its measurements, my PCs are running in full stealth mode
> and
> can't be found. I'm wondering how accurate that really is.

Ugh. Not GRC! Steve Gibson is to the security industry what Enron is to
"employer of the year lists"...a complete fraud. Although he has a basic
grasp of security issues, most of his stuff if just outlandish posturing
and emotional manipulation. He takes a simple problem and aggrandizes into
some personal crusade. He was totally of the mark on the "raw sockets"
deal and most security gurus have been quick to dismiss him as nothing
more than a self-promoting fool.

Whats more interesting is a site that exposes his BS: www.grcsucks.com.

Steve's Leaktest for example has to be one of the biggest jokes on the
planet. He might as well call it the "ZoneAlarm Marketing Gimmick of the
Year" tool, since all it does is essentially verify the operation of
ZoneAlarm. It certainly does not behave in a manner that is like any hack.
All it does is send an FTP or HTTP request to his web site. This is his
big test of a firewall? Considering virtually every personal firewall can
be evaded, Steve's Leaktest doesn't tell you anything other than your PC
can send HTTP packets - which virtually any PC in the world could do.

His SheildsUp Scanner is also a joke, since it only scans about 1/100th of
the ports on your machine, it isn't really telling you anything of value.
You can get an idea of what ports are open by running:

netstat /a

at the command prompt and look for ports that are LISTENING. Or download
SuperScan from FoundStone or nmap and scan your computer.

He has also been after BlackICE for years, although he never properly
tested the product, does not understand what an IDS is, and refuses to
discuss it. Again, Steve has some backdoor deal with ZoneLabs and
therefore thinks the only decent product is ZoneAlarm. Zone is okay, but
it certainly has its weaknesses.

I wouldn't waste much time listening to Steve Gibson. Go to a real
security site like SecurityFocus.

Andrew Plato


--- Win Day <winday -at- wordsplus -dot- net> wrote:
> I've been following the thread on securing home networks running
> Windows,
> and I have a quesion:
>
> Is the security check offered by Gibson Research Corporation at
> https://grc.com/x/ne.dll?bh0bkyd2 a good test of the security of my home
>
> network?
>
> According to its measurements, my PCs are running in full stealth mode
> and
> can't be found. I'm wondering how accurate that really is.
>
> Win
> --------------
>
>
> Win Day
> Multimedia Developer
>
> http://www.wordsplus.net
> mailto:winday -at- wordsplus -dot- net
>


__________________________________________________
Do You Yahoo!?
Send FREE Valentine eCards with Yahoo! Greetings!
http://greetings.yahoo.com

^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Collect Royalties, Not Rejection Letters! Tell us your rejection story when you
submit your manuscript to iUniverse Nov. 6 -Dec. 15 and get five free copies of
your book. What are you waiting for? http://www.iuniverse.com/media/techwr

Have you looked at the new content on TECHWR-L lately?
See http://www.raycomm.com/techwhirl/ and check it out.

---
You are currently subscribed to techwr-l as: archive -at- raycomm -dot- com
To unsubscribe send a blank email to leave-techwr-l-obscured -at- lists -dot- raycomm -dot- com
Send administrative questions to ejray -at- raycomm -dot- com -dot- Visit
http://www.raycomm.com/techwhirl/ for more resources and info.


References:
Home network security WAS Re: upgrade from 98 to XP: From: Win Day

Previous by Author: Re: upgrade from 98 to XP
Next by Author: Re: upgrade from 98 to XP
Previous by Thread: Home network security WAS Re: upgrade from 98 to XP
Next by Thread: Re: upgrade from 98 to XP


What this post helpful? Share it with friends and colleagues:


Sponsored Ads