lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Tue, 22 Sep 2009 14:25:37 -0500
From: "a.kuriger" <a.kuriger@...uidphlux.com>
To: <full-disclosure@...ts.grok.org.uk>
Subject: Re: 
 Dumb question: Is Windows box behind a router safe ?


On Tue, 22 Sep 2009 11:29:20 -0700, Steven Anders <anderstev@...il.com>
wrote:
> I received great responses and am very grateful to the help from
community
> of this list. Thank you.
> 
> 
> I have a dumb question: Is a Windows box behind a router safe ?
> 
> It is my father's PC and the Windows OS was not updated regularly. The
> Windows box was connected through wire (RJ45) to the router. The router
is
> then connected to the DSL modem.
> The Windows Box has SP2 installed and the default Windows firewall
enabled
> -
> and I think was last updated from Windows Update on in 2008. It has AVG
> anti
> virus.
> The PC was never moved anywhere and is always behind the router. The
router
> has default settings, which I believe has no ports open.
> 
> He never installed any applications or downloads anything off the net -
> mainly it is used for emails and general web browsing (using Firefox,
not
> IE). I informed him to use Firefox, since IE has so many security
issues.
> 
> 
> My questions are:
> 
> 1.  There are many exploits and vulnerabilities of Windows, but I was
> wondering if outdated Windows box behind router generally safe ?  Since,
> the
> Windows box was not updated with the latest updates.
> 
> I have always thought that having a computer behind the router (since
> router
> has firewall) is generally safe, but I would love to hear insights or
> thoughts.
> 
> 
> 2. If a Windows box is behind a router, could a botnet be installed to
it ?
> Assuming, the end user does not install/download any applications from
the
> Internet and always use Firefox.
> 
> 
> Thank you all in advance.
> steve

As far as Firefox goes, install adblock + noscript and only allow scripts
to run on pages you trust. You may also want to look at your firewall to
see if you can block outbound connections on any port you will not be
using.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ