lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Wed Jan 18 04:34:18 2006
From: greybrimstone at aim.com (greybrimstone@....com)
Subject: PC Firewall Choices 

Thats assuming that malware isn't being designed for that firewall. I'm 
sure you already know that software is software regardless of the 
hardware that it is running on. Likewise a vulnerability is still a 
vulnerability...

I suppose you could r/o the system... but you need to write the confs 
somewhere right?

-Adriel

-----Original Message-----
From: Valdis.Kletnieks@...edu
To: Nick Hyatt <me@...t.org>
Cc: full-disclosure@...ts.grok.org.uk
Sent: Tue, 17 Jan 2006 21:08:39 -0500
Subject: Re: [Full-disclosure] PC Firewall Choices

  On Tue, 17 Jan 2006 18:59:52 MST, Nick Hyatt said:
> Given the choice between one of those selections and a standard 
Linksys
> router / firewall combo, wouldn't it be safer to go with the hardware
> firewall? I find the configuration options to be quite a bit more 
in-depth,
> and the hardware firewall doesn't get itself as stuck in the system 
as say,
> ZA does.

Even more important, a hardware firewall can't be compromised as easily
by malware that's on a host behind the firewall.  It's easy for a 
program
on a PC to tell ZA to look the other way.  It's a little harder for it 
to
tell a hardware firewall to look the other way.

Unless of course, the firewall implements the UPnP "Pants Down!" RPC.. 
;)

   _______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


________________________________________________________________________
Check Out the new free AIM(R) Mail -- 2 GB of storage and 
industry-leading spam and email virus protection.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ