# New firewall



## pt (Jul 31, 2006)

Hi
My sygate firewall trial time just endend so i need a new free one, can anyone point me a good one?


----------



## randomperson21 (Jul 31, 2006)

zone alarm! well, the free version

if you have a nforce4 mobo, the internal hardware fw is nice.


----------



## Alec§taar (Jul 31, 2006)

To be "unbreakable", & I mean that?

See here (Click on the Windows Logo):

http://www.avatar.demon.nl/page/index.html

Let the journey begin... to what I call SOLID - Neutronium level security (heavily layered) online for a personal workstation...



* Native Window Firewall, in combination w/ limited protocols broadcast, hardware routers, diff. software firewalls, NIC settings tunings, CUSTOM-HOSTS files use + purpose for both security & speed, & Port Filtrations @ the Tcp level, & lastly Registry hacking of the Tcp/IP parameterization portion of the registry & browser tweaking even (& FAR more)...

APK


----------



## pt (Jul 31, 2006)

Alec§taar said:
			
		

> To be "unbreakable", & I mean that?
> 
> See here (Click on the Windows Logo):
> 
> ...



Forgot to mention i'm a total noob when it comes to security, i just used AVG and Sygate and let them run, but thanks for the link, if i have time i would read and try to learn a bit more
I have a NFORCE 570 ULTRA chipset, is the firewall good, or i need another?


----------



## randomperson21 (Jul 31, 2006)

well, if it has the forceware firewall built in, then i think its pretty good. i have that on my nforce4, just loads a small applet to control it. all administrative parts are thru a web applet, works really well and doesn't eat up a lot of system resources.

i'm not sure if your exact chipset has the forceware firewall built in, but it might be worth a google.


----------



## pt (Jul 31, 2006)

randomperson21 said:
			
		

> well, if it has the forceware firewall built in, then i think its pretty good. i have that on my nforce4, just loads a small applet to control it. all administrative parts are thru a web applet, works really well and doesn't eat up a lot of system resources.
> 
> i'm not sure if your exact chipset has the forceware firewall built in, but it might be worth a google.



I don't know if it's running it is suposed to appear in Windows? 
Edit: it has a firewall


----------



## randomperson21 (Aug 1, 2006)

yeah. the drivers for it come in the forceware driver package. might want to download the latest version fron nvidia.

it should install as a little shield-shaped icon in your system tray. there, you can set the security level. but for better logs, rule based stuff, etc, it'll open up a little browser window that you can change stuff with.


----------



## randomperson21 (Aug 1, 2006)

sorry, a bit of clarification. it does not install as a hardware component in windows, like in device manager. the firewall doesn't do anything until you install the driver for it. so after you install the driver, you should get a small sys tray icon for it as well as a entry in the start menu for it that launches the control panel for it.

gah that sounds really confusing. sorry.


----------



## pt (Aug 1, 2006)

But i have the NFORCE drivers installed and don't have any firewall


----------



## randomperson21 (Aug 1, 2006)

hmm hrrm.

is this the latest drivers? and are you sure that your motherboard has the nforce forceware firewall on it?

thats weird its not seeing it. mine just popped up right away. hmm.


----------



## pt (Aug 1, 2006)

Found it, while i was desinstalling the Nvidia stuff, so i can install the new drivers i bump into it,  as soon as i desinstaled it Windows start anoying me (like he always do) saying i don't have a firewall installed, i still don't have the tray icon but it's running (windows isn't complaining)
Thanks for the help


----------



## randomperson21 (Aug 1, 2006)

nice!
hope it works out well.


----------



## Aegis (Aug 1, 2006)

Alec§taar said:
			
		

> * Native Window Firewall, in combination w/ limited protocols broadcast, hardware routers, diff. software firewalls, NIC settings tunings, CUSTOM-HOSTS files use + purpose for both security & speed, & Port Filtrations @ the Tcp level, & lastly Registry hacking of the Tcp/IP parameterization portion of the registry & browser tweaking even (& FAR more)...
> 
> APK


Might be secure, but not unbreakable. With so many different filtering tools in place, you'd be lucky to get your applications working. The load on the processor would be much higher, since a single packet has to go through 10+ filters or so, so your speed will go down as well. Not to mention that such a configuration is only *slightly* more secure than just using a good firewall. My personal approach is to have a patched OS with no security applications and an NAT "firewall". Haven't had any troubles with security since.


----------



## randomperson21 (Aug 1, 2006)

Aegis said:
			
		

> Might be secure, but not unbreakable. With so many different filtering tools in place, you'd be lucky to get your applications working. The load on the processor would be much higher, since a single packet has to go through 10+ filters or so, so your speed will go down as well. Not to mention that such a configuration is only *slightly* more secure than just using a good firewall. My personal approach is to have a patched OS with no security applications and an NAT "firewall". Haven't had any troubles with security since.



not even antivir?  

personally, i like avg. pretty lightweight. norton internet security SUCKS! grah i have it on one of my laptops, it pisses me off to no end.  

thats why i'm liking the forceware firewall. no strain on the cpu, its all handled by the nforce chip. pretty schweet.


----------



## error_f0rce (Aug 1, 2006)

Gotta get my 2 cents in, hehe  

I've got Symantec Firewall Corporate Edition installed, along with the one on my Linksys router.  Turned off Windows Firewall, that thing is a pain in the beeeehind.  I also have Norton Anti-Virus Corporate Edition w/ real-time monitoring installed.  All this just to say that when I run Pi, Sandra, 3DMarks05, etc, I don't notice any increase in my score when they are turned off.  Not any slowdown in internet performance or gaming as far as I can tell either.  I don't even know they are running unless I install a new program and it catches it trying to connect to the internet, then I simply tell it yes or no and it auto creates a rule for it.  Or when someone tries to break into my computer / access one of my ports, and it gives me their IP address and domain    Simple as pie.... I love it. 

Alright all you Norton/Symantec haters, tear me apart... bring on the flames, come on


----------



## randomperson21 (Aug 1, 2006)

ok, i admit that the corp version isn't as bad. i do admin work for it at school all the time. really amuses me when all 500 school computers suddenly pop up saying "auto protect disabled". Thats right up there next to randomly shutting off all 500 computers at the same time. hehe.

But the Internet Security version sucks monkey balls, for lack of better words. 

Firstly, it takes up WAY too much system resources. something like 60mb of ram for the entire suite. Takes forever to load on startup. Plus, parts of it crash randomly, leaving me with a useless internet connection. For example, CCAP.exe or whatever its called continuously dies on my laptop, and after that, i can't get on the net. no biggie, you might think, but the major problem is that it happens several times a day. and after each time, you HAVE to reboot. graaaaah!!!

Plus, its rule system sucks, and is not paticulairly intuitive. Antivir scanning takes a year and a half, and it can't resolve some issues, mainly spyware. 

it just pisses me off to no end.


----------



## rh535 (Aug 1, 2006)

One that i use use. I like it and it seems to work well.

http://www.personalfirewall.comodo.com/


----------



## error_f0rce (Aug 1, 2006)

randomperson21 said:
			
		

> Antivir scanning takes a year and a half, and it can't resolve some issues, mainly spyware.


Yeah, I'm not sure why Norton hasn't made their Anti-Virus with an option to include spyware definitions during a scan... some of the best spyware programs these days still seem to be the free ones! (i.e. Adaware)


----------



## randomperson21 (Aug 1, 2006)

error_f0rce said:
			
		

> Yeah, I'm not sure why Norton hasn't made their Anti-Virus with an option to include spyware definitions during a scan... some of the best spyware programs these days still seem to be the free ones! (i.e. Adaware)



well, as far as i can tell, it does find the spyware. but it has mondo trouble removing it. it pops up as a detected item, it "fixes" it, then i reboot. run another scan, and its still there.

any of you guys use windows defender for spyware? its starting to irritate me. gotta find a new one.


----------



## Alec§taar (Aug 1, 2006)

Long read, but worth it... read on:



			
				Aegis said:
			
		

> Might be secure, but not unbreakable



Nothing REALLY is, but I would bet I am massively layered to the max, & as close as you CAN get doing what I do (noted in the URL I post above). 



			
				Aegis said:
			
		

> With so many different filtering tools in place, you'd be lucky to get your applications working.



My apps work just FINE!

After all, what I do, for filtering? It is only about "inbound" packets, afaik, because I can initiate things like email from the "inside" (my system) to other systems (like email servers) w/ out being 'blocked' by 'myself' basically... even though I don't ALLOW ports 110, or 25 (smtp) for mail in my filtering... I guess that proves it works for inbound only I suppose!

E.G.-> I only allow in 80, 8080, 443 (secure sockets stuff & HTML) here @ the IP stack level (tcp portion) only... 

The rest is layered via:

A.) Hardware router (CISCO technology bearing NAT true firewalling/stateful packet inspecting LinkSys unit)

B.) Software firewall (native to Windows Server 2003 SP#1 fully hotfix patched)

C.) Other registry hacks to the IP layer (inclusive of ONLY broadcasting Tcp/IP, no other clients or protocols (for better security AND speed, cuz no piggybacked/sandwiched in packets in the IP mix)).

Plus, a host of other things noted in the URL I posted earlier regarding this... @ both OS & software used online levels.



			
				Aegis said:
			
		

> The load on the processor would be much higher, since a single packet has to go through 10+ filters or so, so your speed will go down as well.



*First off* - I note a TON of ways to get better than stock speeds to offset the filtering, but it's NOT occuring @ the level I think you think it is the way I do it (not IPSec Policies, but you CAN combine these with what I do anyhow & I do, but not MANY here), broadcasting ONLY Tcp/IP, not other clients/protocols, & FAR MORE... you have to read that URL I first posted to see!

Via registry hacks, NIC driver settings, & more for internet speedups (including custom HOSTS files &/or filters & hacks @ the webbrowser level, plus running their caches off a solid-state ramdisk here & other OS tunings which help as well).

*Secondly* - the filter works on a SINGLE variable iirc, a datastructure/array!

*Thirdly:*  A "Structure" is a single record that carries numerous elements in it, yet is acted upon as a SINGLE variable to scan! IIRC, it is noted in WinSockAddr.h (not sure of name anymore,  but some file named like that in the C/C++ libs IP descends out of).

So afaik?

Ports 0-65535 etc. are scanned via a SINGLE structure that has that many (or less via filters) elements in it, & that's it... accessed via a single var, faster than parsing MULTIPLE filters.

Basically, structures ARE an array, but can carry diff. types of data in it... it may very WELL be an array, since it too can be accessed via arrayname(subscript element #).

(I think of structures, & strings, as nothing more than specialized arrays anyhow... but, those are the IMMEDIATE differences I note in them, data types can vary in a structure OR object (datastructure complete with functions inside of it encapsulated typically)).

I think you think this is like doing IPSec Policies filtering...

THAT? OCCURS LATER THAN THE LEVEL (source traffic-wise) I AM WORKING THIS AT/FROM & SAME #2 step (destination traffic-wise)! It is "less heavy" than numerous IPSEC filters usage.

Anyhow - This is NOT using filtering via IPSEC (though, iirc, they DO "boil down" to the same thing eventually, tcpip.sys), this is filtering @ the IP stack level.

==================================================
*THIS IS THE ORDER Tcp/IP packet processing actually USES (Source Traffic):*
----------------------------------------------------------------

*1. After the IP packet has been formed, Tcpip.sys passes it to the 
   firewall- hook driver, Ipnat.sys, for processing.*

   Windows Firewall checks whether the traffic is a specific type of Internet 
   Control Message Protocol (ICMP) message that Windows Firewall is 
   designed to block. If the ICMP message is blocked, Windows Firewall 
   discards the packet.

   Windows Firewall checks whether the traffic is Point-to-Point Tunneling 
   Protocol (PPTP) tunnel maintenance traffic. If so, Windows Firewall 
   analyzes the traffic to determine the Generic Routing Encapsulation (GRE) 
   Call ID that identifies the specific PPTP tunnel so that incoming GRE-
   based traffic for the PPTP tunnel is allowed.

   If needed, Windows Firewall adds a dynamic entry to the exceptions list 
   so that the response traffic will be allowed.

   After processing, Ipnat.sys passes the IP packet back to Tcpip.sys, 
   which uses the IP forwarding component to determine the next-hop IP 
   address and interface. For more information, see Understanding the IP 
   Routing Table.

*2. Tcpip.sys passes the packet to the filter-hook driver, Ipfltdrv.sys, 
        for processing.* 

    Based on the next-hop interface, Ipfltdrv.sys compares the packet to 
    the configured outbound IP packet filters.

    If the outbound IP packet filters do not allow the packet, Ipfltdrv.sys 
    silently discards the packet. If the outbound IP packet filters allow the 
    packet, Ipfltdrv.sys passes the packet back to Tcpip.sys.

*3. Tcpip.sys passes the packet to Ipsec.sys for processing.*

    Based on the set of IPsec filters, Ipsec.sys determines whether the 
    packet is permitted, blocked, or secured. If permitted, Ipsec.sys passes 
    the packet back to Tcpip.sys without modification. If blocked, Ipsec.sys 
    silently discards the packet. If secured, Ipsec.sys adds the appropriate 
    IPsec protection to the packet before handing it back to Tcpip.sys.

*4.) Tcpip.sys then sends the packet over the next-hop interface to 
        the next-hop IP address.*

==================================================
*THIS IS THE ORDER Tcp/IP packet processing actually USES (Destination Traffic):*
----------------------------------------------------------------

*1. After receiving the IP packet, Tcpip.sys passes it to Ipsec.sys for 
        processing.*

        If the packet has IPsec protection (the IP Protocol field value 
        indicates either Authentication Header [AH] or Encapsulating Security 
        Payload [ESP]), it is processed and removed. If the Windows Firewall: 
        Allow authenticated IPSec bypass Group Policy setting applies to the 
        computer, Ipsec.sys sets an IPsec Bypass flag associated with the 
        packet. Ipsec.sys passes the resulting packet back to Tcpip.sys.

        If the packet does not have IPsec protection, based on the set of 
        IPsec filters, Ipsec.sys determines whether the packet is permitted, 
        blocked, or requires security. If permitted, Ipsec.sys passes the 
        packet back to Tcpip.sys without modification. If the packet is 
        blocked or requires security, Ipsec.sys silently discards the packet.

*2. Tcpip.sys passes the packet to Ipfltdrv.sys for processing.*

        Based on the interface on which the packet was received, 
        Ipfltdrv.sys compares the packet to the configured inbound IP packet 
        filters.

        If the inbound IP packet filters do not allow the packet, Ipfltdrv.sys 
        silently discards the packet. If the inbound IP packet filters allow the 
        packet, Ipfltdrv.sys passes the packet back to Tcpip.sys.

*3. Tcpip.sys passes the packet to Ipnat.sys for processing.*

        If Internet Connection Sharing or the NAT/Basic Firewall is enabled 
        and the interface on which the packet was received is the public 
        interface connected to the Internet, Ipnat.sys compares the packet 
        to its NAT translation table. If an entry is found, the IP packet is 
        translated and the resulting packet is treated as source traffic.

        Windows Firewall checks the IPsec Bypass flag associated with the 
        packet. If the IPsec Bypass flag is set, Windows Firewall passes the 
        packet back to Tcpip.sys.

        If the IPsec Bypass flag is not set, Windows Firewall compares the 
        packet to its exceptions list. If the packet matches an exception, 
        Ipnat.sys passes the IP packet back to Tcpip.sys. If the IP packet 
        does not match an exception, Ipnat.sys silently discards the IP 
        packet.

*4. Tcpip.sys compares the IP packet to the configured set of allowed 
        packets for TCP/IP filtering.*

      If TCP/IP filtering does not allow the packet, Tcpip.sys silently discards 
      the packet. If TCP/IP filtering allows the packet, Tcpip.sys continues 
      processing the packet, eventually passing the packet payload to TCP, 
      UDP, or other upper layer protocols.

==================================================

----------------------------------------------------------------
*BOTH source/destination use THESE specific mechanisms:*
----------------------------------------------------------------

• IP forwarding Determines the next-hop interface and address for packets  
  being sent or forwarded.

• TCP/IP filtering Allows you to specify by IP protocol, TCP port, or UDP 
   port, the types of traffic that are acceptable for incoming local host 
   traffic (packets destined for the host). You can configure TCP/IP filtering 
   on the Options tab from the advanced properties of the Internet 
   Protocol (TCP/IP) component in the Network Connections folder.

• Filter-hook driver A Windows component that uses the filter-hook API to f
  filter incoming and outgoing IP packets. On a computer running Windows 
  Server 2003, the filter-hook driver is Ipfltdrv.sys, a component of Routing 
  and Remote Access. When enabled, Routing and Remote Access allows 
  you to configure separate inbound and outbound IP packet filters for each 
  interface using the Routing and Remote Access snap-in. Ipfltdrv.sys
  examines both local host and transit IP traffic (packets not destined for 
  the host).

• Firewall-hook driver A Windows component that uses the firewall-hook API 
  to examine incoming and outgoing packets. On a computer running 
  Windows XP, the firewall-hook driver is Ipnat.sys, which is shared by both 
  Internet Connection Sharing and Windows Firewall. Internet Connection 
  Sharing is a basic network address translator (NAT). Windows Firewall is a 
  stateful host-based firewall. Ipnat.sys examines both local host and 
  transit IP traffic. On a computer running Windows Server 2003, Ipnat.sys 
  is shared by Internet Connection Sharing, Windows Firewall, and the NAT/
  Basic Firewall component of Routing and Remote Access. If the NAT/Basic 
  Firewall component of Routing and Remote Access is enabled, you cannot 
  also enable Windows Firewall or Internet Connection Sharing.

• IPsec The IPsec component, Ipsec.sys, is the implementation of IPsec in
  Windows to provide cryptographic protection to IP traffic. Ipsec.sys 
  examines both local host and transit IP traffic and can permit, block, or 
  secure traffic.

* LOTS TO KNOW UP THERE, but worth noting, here...



			
				Aegis said:
			
		

> Not to mention that such a configuration is only *slightly* more secure than just using a good firewall



Maybe so, & maybe "slightly" isn't correct @ all about it...but, the point is there!

Depends on attack vectors, & against email bombs + scriptable macro'd apps etc.? You just have to be smart about THAT one!

Against IP Ports ingress?

Well, by my "cutting off" nearly all of them (ones I don't use, & open more if needed like 113 for IRC for instance) is the smartest thing I could think of - simple, & efficiently so. 

NOW, If I am wrong above (I am not) about the structure.element access of these filters using Ipfltdrv.sys, rather than IPSec.sys?

I made it even TINIER, by far, cutting off all but 3 ports or so, of 65535 total... smaller, & faster!

(Layered security is "IN" now, but I have been using/doing it since 1997-1998 or so on NT-based OS' & it works & IS more secure, period!)



			
				Aegis said:
			
		

> My personal approach is to have a patched OS with no security applications and an NAT "firewall". Haven't had any troubles with security since.



Until your apps get hit... 

That is "THE" opening being misused the most nowadays... apps can be 'hacked/tweaked' as well which are vulnerable (like Office & the shortcut /safemode startup option, email using ONLY .txt rendering & no scripts, & of course, browser settings & turning off scripting & extensions of ANY kind).

APK

P.S.=> Heh, on a side-note?

I gathered that, from your description Aegis (odd, name of a military defense system no (Naval iirc)? lol, yes... I know about it & iirc, greek myth for a Gorgon's skull on some hero's armor (Jason?))... apk


----------



## cjoyce1980 (Aug 1, 2006)

outpost v1 is free and serves me well


----------



## cdawall (Aug 15, 2006)

for $20 you can get defender pro and no one has gotten in on my system and it comes w/ everything firewall antivirus spam removal and all that shit


----------



## pt (Aug 15, 2006)

cdawall said:


> for $20 you can get defender pro and no one has gotten in on my system and it comes w/ everything firewall antivirus spam removal and all that shit



i refuse myself to pay for something i can get for free


----------



## Steevo (Aug 15, 2006)

Ahh the seven layer burrito of networking. Crispy and crunchy on the outside and netwok packety on the inside.


Nothing like a little kick in the net to get someones attention.


----------



## KennyT772 (Aug 15, 2006)

i dont even use a software firewall. just limited port selection on my router.


----------



## Alec§taar (Aug 15, 2006)

Steevo said:


> Ahh the seven layer burrito of networking. Crispy and crunchy on the outside and netwok packety on the inside.
> 
> 
> Nothing like a little kick in the net to get someones attention.



LOL!

(Good one)

* I'm going to "pinch that" for my style/repetoire, if you don't mind!

APK


----------



## KennyT772 (Aug 15, 2006)

answer this then. how many layers in the internet stack?


----------



## Alec§taar (Aug 15, 2006)

KennyT772 said:


> answer this then. how many layers in the internet stack?



For security filterings (edit part - in the WINDOWS world, @ least)? 

See last page...

APK

P.S.=> If you mean the "OSI model"? It depends... physical, or software layer?? 7 total, afaik... 

Application
Presentation
Session
Transport
Network
DataLink
Physical

apk


----------



## KennyT772 (Aug 15, 2006)

no not the osi network model the osi internet model 
them damn cisco networking classes are good for somthing...


----------



## Alec§taar (Aug 15, 2006)

KennyT772 said:


> no not the osi network model the osi internet model
> them damn cisco networking classes are good for somthing...



?

You tell me... I would like to see the diff. here!

APK

P.S.=> I mostly understand this from a programming/OS perspective, not the physical routers layer, etc.! BUT, it's not THAT tough to understand there either... so, run it by me! apk


----------



## KennyT772 (Aug 15, 2006)

the internet is all tcp/ip networking and only has a 4 layer stack vs the 7layer networking stack. i cant even remember what is actually in the stacks atm...

ahh here we go





the internet one is app/protocol/interface/medium


----------



## Alec§taar (Aug 15, 2006)

KennyT772 said:


> the internet is all tcp/ip networking and only has a 4 layer stack vs the 7layer networking stack. i cant even remember what is actually in the stacks atm...
> 
> ahh here we go
> 
> ...



Thanks, I was NOT aware of the difference, & NOW?

I AM!



* Stronger...

APK


----------



## KennyT772 (Aug 15, 2006)

no problem my friend. 

some of my friends get annoyed when i call myself a nerd. they always say im not ect ect...but how many 16yr olds have been fixing pcs for 6 years and read an A+ cert book in their free time?


----------



## Alec§taar (Aug 15, 2006)

KennyT772 said:


> no problem my friend.
> 
> some of my friends get annoyed when i call myself a nerd. they always say im not ect ect...but how many 16yr olds have been fixing pcs for 6 years and read an A+ cert book in their free time?



Not many I know of... I wasn't doing THAT, until I was a sophomore!

(On my 2 yr. degree, my 2nd one in this field, straight Comp. Sci., 1992-1994, when I first saw PC's really)

First was MIS, 4 yr., many years prior (1984-1988) & I hated it... 

COBOL, BASIC, & not much else as it was the dinosaur days in the 1980's (dataprocessing really).

Windows & DOS got me "back into it" later, because it was nicer & better than the b.s. timesharing/dumb(ass) terminals & glass house model... green screen ugly IBM, VMS, OR UNIX boxes.

Keep @ it?

You'll earn bigtime, later... especially on the CISCO router stuff!

APK

P.S.=> Start on the other side now too (Windows-wise Tcp/IP implementation of security filtering OS-side), see what I put up 2 pages back... 

It DOES explain much & SHOULD BE, for the most part (Hell ALL) accurate! apk


----------



## Steevo (Aug 15, 2006)

Alec§taar said:


> Windows & DOS got me "back into it" later, because it was nicer & better than the b.s. timesharing/dumb(ass) terminals & glass house model... green screen ugly IBM, VMS, OR UNIX boxes.



Client access express is my friend. Or the good old I-O terminals. We still have two.

D U
F16
wrkactjob
wrkusrprf







The level of security in one of those boxes was high due to the limited amount of things that could be done, same as the inventory-POS server we use at work.


Too fun to use when you have secusr authourity though. Hospitals and many high security facilitys use them. The only bummer is when you try to explain to the IT guy at a hospital that peeps are installing shareware proggys that could contain keyloggers, and no system is immune to a dumb user-IT department. SSN's, CCN's, DL numbers, etc.... And all he does is blush and start huffing like a idiot.


----------



## Alec§taar (Aug 15, 2006)

LOL, Steevo? Read this WHOLE thing, end-to-end, you will laugh most likely (AND, I have a question for you in my p.s.):



Steevo said:


> Client access express is my friend. Or the good old I-O terminals. We still have two.
> 
> D U
> F16
> ...



IBM ClientAccess 400 - I remember it well, with RUMBA!



As/400 (OS/400 terminal emulators) - I've done QUITE A BIT of "Cross-Platform" programming to IBM midranges & that was the DLL toolset I used (the function calls present in their libs in RUMBA application mostly, after I "hacked my way" thru their DLL function calls using notepad.exe & GUESSING on the data types to pass to their functions (had to in those days, they were not published publicly AND, you had to spend a LOT more on the SDK put out for them too if you wanted to save time, but not money))

I also had setup & used ClientAccess @ other places too, but RUMBA was what I used mostly for development.

It's too bad imo though, that Wyse WinTerms are coming in largely lately, to do the SAME thing: Constrict users, & also make a networkers job TOO easy.

Heck - IMO? You're better off using PC's you own already & Windows Terminal Server (RDP based), or better yet Citrix WinFrame/MetaFrame stuff (lighter, faster, & generally more capable protocol, in some/most circumstances vs. RDP).



Steevo said:


> Too fun to use when you have secusr authourity though. Hospitals and many high security facilitys use them. The only bummer is when you try to explain to the IT guy at a hospital that peeps are installing shareware proggys that could contain keyloggers, and no system is immune to a dumb user-IT department. SSN's, CCN's, DL numbers, etc.... And all he does is blush and start huffing like a idiot.



Yea, well... last place I worked? Our "CTO" was the dork!

E.G.-> I kept showing up this F'd up randomly named process in memory... I kept my mouth shut for a bit, I figured they were "shadowing me"... 

Well, it was a keylogger, & on my system since day #1 no less (I got my machine "presetup for me" I did not see it be done, nor was I part of its setup process watching it & Usually? I DEMAND THAT!)

Anyhow, and I certainly did NOT put it there, & brought it to everyone's attention no less, starting with the junior net admin, who started same week I did (maybe week later).

Turns out, This "big shot CTO" (dunce) "preferred antivirus" solution, Trend Micro was crappy & setup bad!

LOL, & how it was setup was WRONG was crap! Read on (Should amuse you):

I.E.-> It wasn't updating (& was MONTHS out of date)...

Now, when I pointed this out to his junior net admin & we found that out? 

LOL, Mr. "CTO" looked like shit & a liar... 

Mainly, because in a meeting of the ENTIRE dept. he outright lied & b.s.'d telling us "TREND IS THE BEST", before I figured out that TREND as he set it up? Was NOT working & not updating clients!

I then said in front of everyone there, "CAN YOU SHOW ME YOUR DATA ON THIS?"

He was unable to, like usual... He said "Oh I can't remember where I saw it"

(More like he was given some "kickback" to buy it, & YOU KNOW AND I KNOW, it happens all the time with "crooked" or blatantly STUPID managers, & many are)

I said "Gee, year in & year out, on ALL THE TESTS I HAVE SEEN EVER? Norton, AVG, & AntiVir always come out 1/2/3 a CLOSE respectively"... 

(Trend was not even in the SAME LEAGUE in the tests we all see in the traderags, but, it is cheaper typically iirc... WELL, you do get what you pay for!)

LOL!

And, certainly NOT if it was NOT updating properly as the "CTO" moron I refer to had set it up... lol, we PROMPTLY went AVG afterwards... 

(Gee, wonder why? Thought TREND WAS THE BEST from Mr. "I am always right" CTO w/ little professional experience (imo @ least, less than 10 years worth for SURE))

He is the type of guy that asks other for solutions & cannot do them himself... this? It often backfires, I have seen it SO many times over the years in my career, it's NOT funny!

So much for that!

That dumbass left us ALL exposed due to his stupidity and doubtless kickback for purchase oriented greed.

Funniest part is? I will be dealing with him again soon, on a professional note, & WILL SMOKE HIM ON THIS POINT SPECIFICALLY!

(Dude, don't get me wrong, But... I love running circles around a-holes who need it & this guy? NEEDS IT, & he is no longer my "superior" (never was in this field on ANY level) & I don't have to 'kow tow' to his b.s. anymore)

Man, I can't wait... time to scorch him, good...

(Ordinarily? I am NOT like that believe me - it's NOT my nature, I'll avoid fights & hassles @ most ANY cost & especially with the unreasonable & inflexible types, especially those that talk a good game but produce NO backing data!)

They piss me off!

LOL, but this fool?? He was downright amazing:

E.G.-> He would come over to us coders, call us stupid & such, right in public... 

One day, I told him he was full of shit & all the other coders just laffed!

(Especially one he started an argument with & was WAY wrong to top it off, I just listened on THAT one, & told them to quit arguing near my desk (could not concentrate))

However, later?

He started up w/ me on security issues saying "Oh, you don't know shit. you talk kindergarten stuff, and I know network security etc." Yea, because he has his MSCE... lol, I used to have that (circa NT 3.51 days etc. but no longer work as networker, mostly coder since 1997 onwards)... I guess his cert means he "knows all"...

Another "paper MSCE/CNE" etc. type, having to belittle others with his b.s. title he doesn't merit... I can spot those, 10 miles out, quick.

Anyhow this happened, because I merely pointed out some facts/suggestions to him, & after THAT name calling he gave me? 

HELL, I wanted to pop that punk in the nose for it... couldn't though, need the paycheck!

(I merely mentioned how IP filtering works & such & the manner in which IP stacks process requests on Windows & where our company was NOT secured all the way & I told him what could be done, additionally, for this (has to be, it dealt in SSN's & more like healthcare data) on a testbox if needed (using IPSec &/or port filtrations if needed))?

He shut the F up fast, was WAY outta his element!

Then, like usual, as dumbass mgt. is wont to do?

WELL,  He said "it would take too much time & money to implement"!

Oh, really? 

Maybe about 20-30 minutes on a test box setup (already done one) using netstat -ano & nbtstat etc. to see what we need open ports-wise & what to shutdown.

Tested w/ all our apps too... TOPS?

Maybe 1/2-1 day work, tops, for security. Our rep is based largely on that, & part of WHY I was hired was for security in new apps we built too. He is penny-wise & POUND FOOLISH!

IMO? You get "penetrated" & it comes out in public? You lose customers (do you want your money in a bank with an open to the public vault basically?), You lose shareholders, you lose it all! Bad rep...

Sure, made me an enemy, but that prick needed to be exposed for his crap! You cannot live like a man imo @ least, & NOT make enemies.

APK

P.S.=> Steevo... you wouldn't just so happen to be from Utica, N.Y.area OR near to it, would you? Just curious... Just a hunch/weird premonition of sorts I guess is why I ask... lol! Humor me, let me know via PM if needed... apk


----------



## Steevo (Aug 15, 2006)

Colorado.


That is funny.


Too many people in the business are just smart enough to be dangerous. But we all were at one time. I can't count the times I crashed 95 stomping through the registry, but I still never profess to know it all. Or anything for that matter.


----------



## Alec§taar (Aug 15, 2006)

Steevo said:


> Colorado.



Ah... ok, just curious is all!



Steevo said:


> That is funny.



Yea, it is... & it's NOT! If stuff like that got out to our customers, they'd leave man... they leave? Folks like myself & others lose their jobs, & the "vicious circle" as I call it, starts.

Death spiral...

And, I don't blame customers that, again: Would you want your money or personal info. in a bank or other institution that left its vault doors wide open?

HECK NO! Speaking for myself, @ least...



Steevo said:


> Too many people in the business are just smart enough to be dangerous. But we all were at one time.



Yes, I agree... we ALL start someplace. It's just folks that are "inflexible" once you point out things that may need doing are needed - they get all "bent" & toss names and such as he did my way & my colleagues' way many times.

We just suggested things we KNEW needed doing which are not "his way" (which his perspective is EXTREMELY limited & one-sided, no questions asked) & that since we code around IP for years now in apps (e.g.-> Secure FTP, emailing from apps (w/ & w/out Outlook libs present via say, SMTP, & far more?))!

It IS possible that we may actually KNOW what we're doing in these capacities... after all, it is WHAT we do! Some coders, like myself??

Started OUT as network engineers/admins! It helps... it really does. Has 'saved the day' for myself & colleagues on jobs of "Enterprise Class" simply because I understood the networking side to a decent extent & the OS as well.

We are, as coders, after all the guys that make the tools network admins/engineers & users all alike, USE!



Steevo said:


> I can't count the times I crashed 95 stomping through the registry, but I still never profess to know it all. Or anything for that matter.



I agree... for instance, I have learned a GREAT DEAL on these forums that I did not know before (hardware & o/c'ing-wise, areas I let "slide" for a good 5 year or more stretch now because of concentrating SOLELY on coding (.NET & all the changes, mostly good, some bad, etc. & just NEW (constant change, you KNOW how that is))).

APK

P.S.=> I have to apologize for some of my "tone" up there, but folks like the person I speak about above? Really, REALLY, tick me off... especially when they may be affecting my personal rep in this field which is my livelyhood, & yes, those of my colleagues potentially as well (they want A$$kissing "yes-men", not people offering constructive critique for the good of the whole, etc. is why)... too much of it out there imo, in this field & yes, others... apk


----------

