blackice defender und ftp-server

[chefkoch]

hi leute
habe eine frage. wer kennt sich mit blackice defender aus und kann mir sagen wie ich es konfigurieren kann das leute auf meinen ftp server zugreifen können.
geht das überhaupt?
wenn nicht sagt mir bitte eine andere firewall mit der es geht!!!
mfg chefkoch

[renew]

Normalerweise sollte das schon funktionieren. Es müssen nur die Ports 20 und 21 offen sein, damit die User drauf zugreifen können.

[zend]

in black ice auf tools dann advanced firewall settings dann port - add - name ftp port 20,21 - typ tcp - accept - perpetual - ok

[chefkoch]

danke dir für die hilfe

[chefkoch]

lass die user noch immer nicht durch!!!!!
muss ich jede ip eingeben, die zugreift???

[Theoden]

ähhm..man kann doch auch den security level einstellen? ausserdem gibts ne checkbox in den optionen "enable internet file sharing". Hast du die eh aktiviert?

[GangMan]

Weil ich's hier wieder mal lese. Ich rate dringend von BlackICE Defender ab. Der Firewall ist alles andere als sicher. Wer sich davon überzeugen möchte, http://grc.com/ ist eine exzellente Security-Site, mit allerhand Test-Utilities, u.a. einem Fire-Wall Tester namens "LeakTest".
Dieser Webseiten betreiber hat sich auch mit Sub7 und ähnlichen Trojanern beschäftigt, hier ein Auszug:

Zitat:

Personal Firewalls and IRC Zombie/Bot Intrusions

ZoneAlarm v2.6 (Free) —

The last of my testing was to see whether the firewall I keep telling everyone to use: ZoneAlarm — either FREE or Pro — would be effective in stopping the IRC Zombie/Bot and the Sub7 Servers that had taken up residence in my poor "Sitting Duck" laptop.

I downloaded the current, completely free, version of ZoneAlarm 2.6 from the ZoneLabs web site and installed it on the "Sitting Duck" laptop. Upon restarting the machine I was gratified to receive immediate notification that the Zombie/Bot was attempting to make an outbound connection to its IRC chat server.

Meanwhile, the Sub7 Trojan was sitting quietly waiting for someone to connect to it. So I used another machine to "Telnet" to the port the Sub7Server Trojan was listening on. Up popped ZoneAlarm asking whether the nonsense-looking random character name the Sub7Server had chosen for itself should be allowed to accept a connection from the Internet.

Perfect performance from ZoneAlarm.

Then I had a thought: What would Network ICE's BlackICE Defender do under the same circumstances?



BlackICE Defender v2.5 ($39.95) —

I did not have a current copy of BlackICE Defender around, but I felt that this was an important test. So I laid out $39.95 through Network ICE's connection to the Digital River eCommerce retailer and purchased the latest version (v2.5) of BlackICE Defender hot off the Internet. I had already removed all traces of ZoneAlarm and restarted the machine, so I installed BlackICE Defender, let everything settle down, and restarted the machine with my packet sniffer running on an adjacent PC.

As far as I could tell, BlackICE Defender had ABSOLUTELY NO EFFECT WHATSOEVER on the dialogs being held by the Zombies and Trojans running inside the poor "Sitting Duck" laptop. I knew that BlackICE Defender was a lame personal firewall, but this even surprised me.

The Zombie/Bot happily connected without a hitch to its IRC chat server to await further instructions. The Sub7 Trojan sent off its eMail containing the machine's IP and the port where it was listening. Then it connected and logged itself into the Sub7 IRC server, repeating the disclosure of the machine's IP address and awaiting port number. No alerts were raised, nothing was flashing in the system tray. The Trojans were not hampered and I received no indication that anything wrong or dangerous was going on.

I took a lot of grief after my LeakTest utility cut right through BlackICE Defender. Network ICE told everyone that LeakTest was "being allowed through" because it was a completely benign Trojan. I knew that was a load of bull (and they must have too), but it didn't really matter to me, and I had no affirmative means of proving otherwise.

Well . . . I have that now, and so do you.

I performed one final test: As I had with ZoneAlarm, I attempted to connect to the Sub7Server Trojan running inside the "Sitting Duck" machine on the IP and listening port number the Trojan was advertising all over the Internet . . . and it worked perfectly. I received Sub7's "PWD" prompt asking me to login.


Anyone want an "only used once"
copy of BlackICE Defender?

Also ich kann jedem nur zu ZoneAlarm raten, vor allem weil er Freeware ist...

Greetz! GangMan